Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/R928ziYovwn65r8EQhjGV-i9PG4.cer
File: R928ziYovwn65r8EQhjGV-i9PG4.cer (raw, json)
Hash identifier: I80Tv952Te56K+/ap1Xraqp82NGdTgWudiHP9Os2FO4=
Subject key identifier: 47:DD:BC:CE:26:28:BF:09:FA:E6:BF:04:42:18:C6:57:E8:BD:3C:6E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194214407A58591D1B06F146D4911CD02A1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/be/a3b355-9afa-434e-8098-50d709bffeb5/1/R928ziYovwn65r8EQhjGV-i9PG4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/be/a3b355-9afa-434e-8098-50d709bffeb5/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 09:48:14 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 215239
IP: 45.143.0.0/22
IP: 2a14:2d40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:07:a5:85:91:d1:b0:6f:14:6d:49:11:cd:02:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47ddbcce2628bf09fae6bf044218c657e8bd3c6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:7f:ba:64:12:2a:b7:69:4f:6f:9a:fa:92:ee:
b3:81:9e:a5:c5:cc:89:eb:15:73:3c:af:b0:bc:15:
29:51:12:55:4f:63:df:76:83:80:e6:b4:92:b2:32:
d1:33:75:c8:1f:a8:ee:cd:46:a5:3f:6a:87:64:4f:
cf:41:14:52:bf:e3:90:f4:54:6c:9d:20:98:4f:66:
68:62:d3:a4:ef:5a:9e:11:12:57:ff:fe:e8:eb:01:
d1:84:6b:ce:ab:4f:f7:51:2e:bf:6e:f8:5c:db:59:
c0:e2:c6:f5:b5:73:ba:06:33:13:4f:43:72:55:91:
ae:4b:18:28:02:aa:c4:2f:21:ef:51:70:e5:88:5c:
58:96:d5:e3:1d:0d:3a:f4:4c:77:e1:f9:e8:a5:25:
db:10:61:53:f9:56:1d:f5:eb:22:9b:ed:91:d3:f5:
c6:ea:08:80:a0:56:98:ba:dc:4f:c9:03:60:7b:b7:
1e:09:13:f7:db:2f:ae:39:db:2d:45:bf:d3:d6:06:
34:46:d8:2e:5e:34:9d:b6:67:72:3f:43:d9:bd:a2:
e6:6a:3f:58:d5:b3:d9:6d:c9:52:1a:31:08:03:f4:
ff:a1:b3:db:f7:a6:21:bf:42:fd:10:fb:cf:44:f2:
a3:50:2d:22:22:74:7b:13:27:44:0d:b0:52:d1:70:
d7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:DD:BC:CE:26:28:BF:09:FA:E6:BF:04:42:18:C6:57:E8:BD:3C:6E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/a3b355-9afa-434e-8098-50d709bffeb5/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/a3b355-9afa-434e-8098-50d709bffeb5/1/R928ziYovwn65r8EQhjGV-i9PG4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.0.0/22
IPv6:
2a14:2d40::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
215239
Signature Algorithm: sha256WithRSAEncryption
7d:53:49:e3:cc:25:17:e6:3d:ec:5d:03:34:0d:78:fa:a1:bd:
23:8c:df:e9:70:1b:69:39:23:f8:59:a4:19:f6:bb:ea:67:4b:
65:69:52:f8:66:4e:ad:15:3f:f4:cc:49:29:25:59:53:02:e5:
76:7d:20:92:35:92:36:42:65:98:8f:92:ac:29:17:4c:05:fc:
9f:3d:10:8d:b1:8f:a7:8b:0c:2b:7e:46:76:78:38:29:dc:d1:
10:8c:48:08:83:44:84:dc:4f:64:fc:6c:d8:1a:19:10:75:5c:
f0:f7:d3:42:2b:d0:83:be:52:96:a8:f4:90:1e:42:78:1c:77:
e3:f2:94:5b:b5:2b:f9:7d:16:a8:98:fc:d5:a3:2d:f9:8e:49:
bc:71:ce:6f:29:7f:57:98:39:9f:67:32:8e:bb:d8:8d:46:00:
99:a7:5a:2e:35:90:e0:17:af:8d:eb:31:3e:29:40:5f:64:07:
38:15:2f:98:a4:43:e4:5c:e3:11:f2:41:77:b1:fa:e1:7a:37:
29:5f:46:86:eb:29:da:3b:8f:5c:13:9f:1c:6b:ef:a3:d0:39:
8f:9b:ee:21:36:de:3d:7c:68:3f:44:e8:74:d1:32:3e:84:38:
7e:c7:75:cc:00:bd:b8:d8:da:28:f6:63:88:03:c5:9c:26:02:
98:27:7b:33
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQhRAelhZHRsG8UbUkRzQKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDk0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2RkYmNjZTI2MjhiZjA5ZmFlNmJmMDQ0MjE4YzY1N2U4YmQzYzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1X+6ZBIqt2lPb5r6ku6zgZ6lxcyJ
6xVzPK+wvBUpURJVT2PfdoOA5rSSsjLRM3XIH6juzUalP2qHZE/PQRRSv+OQ9FRs
nSCYT2ZoYtOk71qeERJX//7o6wHRhGvOq0/3US6/bvhc21nA4sb1tXO6BjMTT0Ny
VZGuSxgoAqrELyHvUXDliFxYltXjHQ069Ex34fnopSXbEGFT+VYd9esim+2R0/XG
6giAoFaYutxPyQNge7ceCRP32y+uOdstRb/T1gY0RtguXjSdtmdyP0PZvaLmaj9Y
1bPZbclSGjEIA/T/obPb96Yhv0L9EPvPRPKjUC0iInR7EydEDbBS0XDXeQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFEfdvM4mKL8J+ua/BEIYxlfovTxuMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JlL2EzYjM1
NS05YWZhLTQzNGUtODA5OC01MGQ3MDliZmZlYjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUvYTNiMzU1
LTlhZmEtNDM0ZS04MDk4LTUwZDcwOWJmZmViNS8xL1I5Mjh6aVlvdnduNjVyOEVR
aGpHVi1pOVBHNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCLY8AMA0EAgACMAcDBQMqFC1AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNIxzANBgkqhkiG9w0BAQsFAAOCAQEAfVNJ48wlF+Y9
7F0DNA14+qG9I4zf6XAbaTkj+FmkGfa76mdLZWlS+GZOrRU/9MxJKSVZUwLldn0g
kjWSNkJlmI+SrCkXTAX8nz0QjbGPp4sMK35Gdng4KdzREIxICINEhNxPZPxs2BoZ
EHVc8PfTQivQg75Slqj0kB5CeBx34/KUW7Ur+X0WqJj81aMt+Y5JvHHObyl/V5g5
n2cyjrvYjUYAmadaLjWQ4BevjesxPilAX2QHOBUvmKRD5FzjEfJBd7H64Xo3KV9G
husp2juPXBOfHGvvo9A5j5vuITbePXxoP0TodNEyPoQ4fsd1zAC9uNjaKPZjiAPF
nCYCmCd7Mw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:26:44 2025 by rpki-client