Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.cer
File: QVwQ-E3CKTfvbRXrcbu0pTCBYr8.cer (raw, json)
Hash identifier: rUCEQpsbh5raA/97Cf3KpmnpzbBkETdZhZlGI04UEBU=
Subject key identifier: 41:5C:10:F8:4D:C2:29:37:EF:6D:15:EB:71:BB:B4:A5:30:81:62:BF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941FFAA254DB05C91D008CBD7E221FA134
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 03:48:26 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 91.235.8.0/22
IP: 185.18.36.0/22
IP: 185.93.200.0/22
IP: 2a05:fa40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a2:54:db:05:c9:1d:00:8c:bd:7e:22:1f:a1:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 03:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=415c10f84dc22937ef6d15eb71bbb4a5308162bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5d:eb:ef:6c:70:f4:bd:46:48:9e:3f:41:9f:
be:c8:77:41:b1:2f:f0:77:70:0c:25:cb:43:08:1f:
98:69:f0:85:8b:84:d0:09:48:ee:d8:6b:89:7a:be:
77:b0:01:04:cb:89:56:90:08:9e:db:86:d4:f8:ca:
b4:be:86:31:20:3c:7f:78:fc:40:16:fe:ed:b2:15:
0c:80:ed:ec:36:75:3e:39:39:56:3c:e2:e5:34:a1:
66:8e:58:42:7b:4e:e6:af:54:8b:48:3e:a2:ae:fc:
30:df:f3:f3:ce:e8:cf:77:a4:f0:88:0d:c7:96:d2:
7e:7f:ca:0f:f7:ae:e6:df:c7:a2:e7:6a:68:ca:dd:
7d:39:6e:ae:73:bc:ba:fa:ab:f2:ce:ed:c4:b6:6c:
bb:13:8b:8e:33:22:51:49:b1:b0:35:fb:39:c8:84:
86:47:1e:94:40:4d:de:03:d3:ca:47:cb:e5:f1:c4:
ea:60:58:92:07:f4:46:a1:3a:a6:c4:6e:01:82:55:
10:7a:ff:7e:7a:e6:f4:90:26:d2:71:43:2e:50:87:
8f:13:5c:d9:d2:20:16:a0:69:1f:10:44:9e:1d:ab:
9a:13:5a:a2:84:c2:af:13:6e:64:f2:8b:cb:ea:6e:
5f:42:0e:a7:c1:fa:b7:3c:15:0b:82:a8:39:45:85:
98:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:5C:10:F8:4D:C2:29:37:EF:6D:15:EB:71:BB:B4:A5:30:81:62:BF
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.8.0/22
185.18.36.0/22
185.93.200.0/22
IPv6:
2a05:fa40::/29
Signature Algorithm: sha256WithRSAEncryption
97:cd:d1:3f:19:6d:36:56:1a:14:07:3f:1f:3c:22:49:45:5a:
29:03:ba:e7:dd:f2:59:c7:c4:87:70:49:a0:a1:6b:c1:99:b9:
e3:28:9a:af:10:42:f0:0b:40:87:19:d8:b8:bb:d3:9d:44:7c:
25:55:83:ef:96:e7:4c:1f:2e:b2:85:b9:42:c6:30:00:69:ee:
5e:4a:9f:66:65:5a:b9:cd:65:1b:eb:0b:74:4f:eb:db:2e:70:
c7:23:01:bf:54:e9:1f:85:2e:11:25:4c:af:ef:50:cf:b3:3b:
77:fd:99:65:7b:5c:41:7b:10:69:75:c4:55:75:29:da:e9:d2:
d1:1d:58:7f:72:4a:08:65:7a:3c:53:dd:70:8b:ff:a1:c9:77:
c9:ed:8f:84:6d:37:2f:62:9d:a5:f4:e8:3d:85:3c:1a:5a:2a:
0d:b1:36:5b:a5:c9:43:e6:4c:3e:21:21:e4:d6:dd:1a:f1:89:
72:63:63:03:ef:00:48:c4:88:9e:db:f9:c2:a0:2e:00:10:e8:
2a:49:d3:f2:51:45:dc:eb:fe:76:89:1b:99:18:70:77:be:da:
c0:c3:2d:91:52:48:ef:15:e6:eb:d6:06:a1:20:fe:be:2e:49:
c5:03:8c:8a:c4:22:90:94:b1:6c:ee:07:8c:6d:e6:c1:f6:11:
cc:e7:16:2c
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZQf+qJU2wXJHQCMvX4iH6E0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTVjMTBmODRkYzIyOTM3ZWY2ZDE1ZWI3MWJiYjRhNTMwODE2MmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp13r72xw9L1GSJ4/QZ++yHdBsS/w
d3AMJctDCB+YafCFi4TQCUju2GuJer53sAEEy4lWkAie24bU+Mq0voYxIDx/ePxA
Fv7tshUMgO3sNnU+OTlWPOLlNKFmjlhCe07mr1SLSD6irvww3/PzzujPd6TwiA3H
ltJ+f8oP967m38ei52poyt19OW6uc7y6+qvyzu3Etmy7E4uOMyJRSbGwNfs5yISG
Rx6UQE3eA9PKR8vl8cTqYFiSB/RGoTqmxG4BglUQev9+eub0kCbScUMuUIePE1zZ
0iAWoGkfEESeHauaE1qihMKvE25k8ovL6m5fQg6nwfq3PBULgqg5RYWYDwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFEFcEPhNwik3720V63G7tKUwgWK/MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA2LzVjNTdl
Ny03YmE4LTRhNjItOGQxNS1jNmI2ZmQxMmNlMjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYvNWM1N2U3
LTdiYTgtNGE2Mi04ZDE1LWM2YjZmZDEyY2UyNy8xL1FWd1EtRTNDS1RmdmJSWHJj
YnUwcFRDQllyOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQCW+sIAwQCuRIkAwQCuV3IMA0EAgACMAcDBQMq
BfpAMA0GCSqGSIb3DQEBCwUAA4IBAQCXzdE/GW02VhoUBz8fPCJJRVopA7rn3fJZ
x8SHcEmgoWvBmbnjKJqvEELwC0CHGdi4u9OdRHwlVYPvludMHy6yhblCxjAAae5e
Sp9mZVq5zWUb6wt0T+vbLnDHIwG/VOkfhS4RJUyv71DPszt3/Zlle1xBexBpdcRV
dSna6dLRHVh/ckoIZXo8U91wi/+hyXfJ7Y+EbTcvYp2l9Og9hTwaWioNsTZbpclD
5kw+ISHk1t0a8YlyY2MD7wBIxIie2/nCoC4AEOgqSdPyUUXc6/52iRuZGHB3vtrA
wy2RUkjvFebr1gahIP6+LknFA4yKxCKQlLFs7geMbebB9hHM5xYs
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:12:46 2025 by rpki-client