Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
File: QHsur7H0zNuzzWzU10srM5eKC3A.cer (raw, json)
Hash identifier: XPeFz5jYlnpnBj14VBNX46AJmnkvbJ6gE1FSfKZTE5k=
Subject key identifier: 40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942444F6000B1AC7C1B31615B0F3B5A304
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 23:48:06 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 206914
IP: 185.148.164.0/22
IP: 2a07:5f40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Mar 2025 12:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:f6:00:0b:1a:c7:c1:b3:16:15:b0:f3:b5:a3:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 23:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9f:10:0d:4d:39:e4:fe:e8:b9:45:9a:6f:6f:
4a:ad:7b:57:6d:2c:ad:8e:11:76:14:ce:d7:81:0f:
6f:62:0c:57:3c:27:49:7b:37:a9:49:62:e9:50:3c:
b1:b7:db:6f:53:72:68:5b:1c:70:0d:a6:61:a5:a4:
db:0b:7d:9a:3b:25:83:10:de:ff:98:70:79:2c:03:
80:72:50:dc:e8:a9:27:34:ad:cb:a9:fc:88:1a:e2:
a1:46:ac:30:18:5c:27:b5:e2:d3:55:e5:20:0c:7d:
e6:d9:14:63:b7:a3:00:15:f4:b8:3f:4a:9e:f8:e1:
1e:3a:55:c5:8c:8e:30:d3:19:1e:b8:e4:3e:c8:01:
ce:f3:a1:9d:11:0f:c5:a5:eb:33:5c:cd:4d:e1:a7:
dd:af:7b:2e:cb:9b:78:9f:c4:39:6b:d2:57:f3:c4:
0d:ed:77:4d:a1:3f:c8:87:f9:ee:74:45:51:49:fa:
0c:c5:15:d1:15:f4:07:b8:32:28:9f:94:a1:e1:8a:
94:2c:e6:b6:a6:32:75:23:87:2f:f7:a8:77:41:70:
f0:30:ae:c2:67:82:ad:20:2b:f1:d4:17:20:7e:61:
dd:e0:69:9d:58:68:25:d4:17:a9:bc:04:9a:01:17:
4f:a6:04:d5:cc:f7:6a:da:27:ef:8a:cc:38:66:ee:
30:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.164.0/22
IPv6:
2a07:5f40::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
206914
Signature Algorithm: sha256WithRSAEncryption
b1:63:75:16:1e:0b:1a:9e:8c:0a:cb:d6:d8:a2:a6:99:55:f3:
21:24:bb:b6:22:8a:21:f5:b1:d9:63:bd:d5:db:3d:a3:fc:da:
f2:25:2f:f6:ae:db:42:38:43:d8:30:ce:d8:5e:20:fd:37:12:
4d:5c:e9:89:e5:46:b4:03:58:bb:47:2a:1b:8a:f8:1b:85:e4:
93:80:ee:dd:80:5b:49:9c:2a:50:b7:72:1e:34:df:2c:b2:70:
1c:87:b5:48:42:63:1d:a1:9f:c2:1e:da:13:e8:c5:2b:df:31:
d9:98:78:77:ae:1f:53:77:94:1f:28:e3:37:b6:17:c7:2f:85:
a8:d9:32:e0:79:a6:18:bf:66:76:36:b0:14:c2:c3:f4:f9:86:
fc:8b:fe:25:1e:a4:c0:ce:be:d8:e1:4a:04:f0:95:f2:12:82:
bc:cd:1b:4c:84:7d:32:16:e3:5e:e8:2c:47:8f:8a:bc:ff:d0:
89:a6:b3:10:9a:c5:0a:f0:1b:d3:06:cc:5b:6f:61:c4:65:5b:
78:5a:23:cb:1a:dc:4f:74:0c:2a:6e:07:59:7f:36:91:17:36:
aa:a6:aa:a6:e7:7a:c2:e6:41:ff:66:bd:31:b4:70:c7:7a:44:
01:03:37:0e:93:9a:35:9f:e6:53:43:9e:f8:6b:f4:79:fb:f9:
e9:c3:5c:5d
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQkRPYACxrHwbMWFbDztaMEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDdiMmVhZmIxZjRjY2RiYjNjZDZjZDRkNzRiMmIzMzk3OGEwYjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv58QDU055P7ouUWab29KrXtXbSyt
jhF2FM7XgQ9vYgxXPCdJezepSWLpUDyxt9tvU3JoWxxwDaZhpaTbC32aOyWDEN7/
mHB5LAOAclDc6KknNK3LqfyIGuKhRqwwGFwnteLTVeUgDH3m2RRjt6MAFfS4P0qe
+OEeOlXFjI4w0xkeuOQ+yAHO86GdEQ/FpeszXM1N4afdr3suy5t4n8Q5a9JX88QN
7XdNoT/Ih/nudEVRSfoMxRXRFfQHuDIon5Sh4YqULOa2pjJ1I4cv96h3QXDwMK7C
Z4KtICvx1BcgfmHd4GmdWGgl1BepvASaARdPpgTVzPdq2ifvisw4Zu4wPwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFEB7Lq+x9Mzbs81s1NdLKzOXigtwMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FiLzZhZWNj
NS1iODVjLTQxOGItYWZjOC1jMmU2NjhjMTk3MjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIvNmFlY2M1
LWI4NWMtNDE4Yi1hZmM4LWMyZTY2OGMxOTcyNy8xL1FIc3VyN0gwek51enpXelUx
MHNyTTVlS0MzQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuZSkMA0EAgACMAcDBQMqB19AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMoQjANBgkqhkiG9w0BAQsFAAOCAQEAsWN1Fh4LGp6M
CsvW2KKmmVXzISS7tiKKIfWx2WO91ds9o/za8iUv9q7bQjhD2DDO2F4g/TcSTVzp
ieVGtANYu0cqG4r4G4Xkk4Du3YBbSZwqULdyHjTfLLJwHIe1SEJjHaGfwh7aE+jF
K98x2Zh4d64fU3eUHyjjN7YXxy+FqNky4HmmGL9mdjawFMLD9PmG/Iv+JR6kwM6+
2OFKBPCV8hKCvM0bTIR9MhbjXugsR4+KvP/QiaazEJrFCvAb0wbMW29hxGVbeFoj
yxrcT3QMKm4HWX82kRc2qqaqpud6wuZB/2a9MbRwx3pEAQM3DpOaNZ/mU0Oe+Gv0
efv56cNcXQ==
-----END CERTIFICATE-----
Generated at Sat Mar 8 22:12:28 2025 by rpki-client