Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
File: S1KaTSL67yMTXW7_iRImZiPEklU.cer (raw, json)
Hash identifier: QeF6X2rhBtKHoMT+V9noUrYvDX6Fa5QNPAO1RdkFInU=
Subject key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019426D9EE715B833E75AF3D08CA162819D8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 11:50:04 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 42705
AS: 207701
IP: 5.11.16.0/22
IP: 5.11.21.0 -- 5.11.22.255
IP: 5.11.24.0/21
IP: 80.251.0.0/20
IP: 85.31.64.0/19
IP: 2a01:7a8::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ee:71:5b:83:3e:75:af:3d:08:ca:16:28:19:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 11:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b529a4d22faef23135d6eff8912266623c49255
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:31:92:a4:a2:56:21:30:7e:58:ff:6e:bf:b0:
c4:66:fe:9a:eb:1b:bf:0a:10:44:f5:23:9f:06:b0:
09:d1:80:7a:41:39:4e:53:32:d4:12:73:b9:97:3b:
c7:4b:e7:ff:7f:31:02:60:a5:4a:bc:b7:0c:0c:f1:
c2:0e:3c:b5:16:11:b7:81:5d:c7:0b:dd:2a:74:7e:
38:8c:d4:66:fa:c6:50:e7:bf:25:af:10:19:82:5c:
ea:10:b2:31:54:01:4f:b0:5f:b7:3b:12:9b:6c:d2:
80:22:66:c8:02:59:2d:76:6c:8b:1f:da:3b:48:4e:
00:be:8c:04:2e:44:d2:21:59:6d:35:f5:7b:ab:48:
0e:4c:7c:d8:b8:10:ef:d3:4e:64:ec:3c:38:c0:24:
b0:62:74:14:a5:99:d6:28:c9:67:ba:6e:8d:33:5c:
70:99:4b:29:17:dc:1e:7b:38:86:11:1d:71:3a:f0:
89:e0:65:3f:46:6d:99:eb:61:52:dc:44:76:5f:a4:
ce:c3:48:d8:5b:df:b1:a2:4e:56:b4:f2:11:b7:9c:
73:5a:95:df:4f:d4:27:94:ea:60:f6:33:5e:b5:f5:
4d:50:9b:ad:e1:96:15:fc:54:10:a3:29:c7:00:1e:
98:45:d0:65:28:5e:a0:01:18:0f:72:fd:26:bf:26:
99:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.16.0/22
5.11.21.0-5.11.22.255
5.11.24.0/21
80.251.0.0/20
85.31.64.0/19
IPv6:
2a01:7a8::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
42705
207701
Signature Algorithm: sha256WithRSAEncryption
a2:25:03:98:87:3f:81:c1:30:67:79:e8:96:40:8e:20:c9:70:
41:01:1b:f6:ee:d8:c8:a9:f2:19:68:3a:e4:76:a7:0c:b8:94:
32:65:ec:ac:fb:c6:f2:00:ac:a5:1f:c5:5d:cb:a0:ec:60:10:
12:37:3c:8c:9e:80:32:df:33:c8:19:c4:2a:d2:5d:e8:b1:27:
57:0a:52:24:51:bd:6a:23:91:91:54:43:d9:3b:8a:1e:22:c9:
78:e5:9d:ec:55:43:ab:5b:ca:a2:81:6c:eb:11:05:33:2e:02:
8a:fc:cf:58:6e:d1:cf:b9:2c:fc:14:a8:5c:01:2b:64:d2:b9:
76:ee:52:79:f9:f7:d5:eb:f3:8a:61:27:da:a0:50:db:58:f1:
83:dd:3b:3b:f8:df:9a:89:a2:79:5a:9f:16:9e:a1:be:ac:61:
a8:fc:39:b9:55:1c:32:7a:d4:68:fc:dd:97:46:88:de:1e:19:
f1:2c:a9:01:87:24:bf:08:82:40:fb:9b:e1:b9:2a:48:ae:05:
91:86:11:f5:b8:57:cb:6f:fe:ae:cc:c7:02:cc:3f:b7:df:df:
0d:95:f0:91:95:0f:04:46:8e:8e:15:73:26:5d:bf:96:e4:8d:
1b:0c:bb:de:d2:91:96:0d:28:32:11:a6:50:f2:c4:10:5c:49:
f5:72:ac:4d
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAZQm2e5xW4M+da89CMoWKBnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTE1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjUyOWE0ZDIyZmFlZjIzMTM1ZDZlZmY4OTEyMjY2NjIzYzQ5MjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjGSpKJWITB+WP9uv7DEZv6a6xu/
ChBE9SOfBrAJ0YB6QTlOUzLUEnO5lzvHS+f/fzECYKVKvLcMDPHCDjy1FhG3gV3H
C90qdH44jNRm+sZQ578lrxAZglzqELIxVAFPsF+3OxKbbNKAImbIAlktdmyLH9o7
SE4AvowELkTSIVltNfV7q0gOTHzYuBDv005k7Dw4wCSwYnQUpZnWKMlnum6NM1xw
mUspF9weeziGER1xOvCJ4GU/Rm2Z62FS3ER2X6TOw0jYW9+xok5WtPIRt5xzWpXf
T9QnlOpg9jNetfVNUJut4ZYV/FQQoynHAB6YRdBlKF6gARgPcv0mvyaZlwIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFEtSmk0i+u8jE11u/4kSJmYjxJJVMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QzLzFkOWIw
NS1lYzYxLTRjMzMtYTA5Ny0zNmFlNzZlZTk4M2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMvMWQ5YjA1
LWVjNjEtNGMzMy1hMDk3LTM2YWU3NmVlOTgzZS8xL1MxS2FUU0w2N3lNVFhXN19p
UkltWmlQRWtsVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CME4GCCsGAQUF
BwEHAQH/BD8wPTAsBAIAATAmAwQCBQsQMAwDBAAFCxUDBAAFCxYDBAMFCxgDBARQ
+wADBAVVH0AwDQQCAAIwBwMFACoBB6gwHwYIKwYBBQUHAQgBAf8EEDAOoAwwCgID
AKbRAgMDK1UwDQYJKoZIhvcNAQELBQADggEBAKIlA5iHP4HBMGd56JZAjiDJcEEB
G/bu2Mip8hloOuR2pwy4lDJl7Kz7xvIArKUfxV3LoOxgEBI3PIyegDLfM8gZxCrS
XeixJ1cKUiRRvWojkZFUQ9k7ih4iyXjlnexVQ6tbyqKBbOsRBTMuAor8z1hu0c+5
LPwUqFwBK2TSuXbuUnn599Xr84phJ9qgUNtY8YPdOzv435qJonlanxaeob6sYaj8
OblVHDJ61Gj83ZdGiN4eGfEsqQGHJL8IgkD7m+G5KkiuBZGGEfW4V8tv/q7MxwLM
P7ff3w2V8JGVDwRGjo4VcyZdv5bkjRsMu97SkZYNKDIRplDyxBBcSfVyrE0=
-----END CERTIFICATE-----
Generated at Sat Apr 12 20:45:03 2025 by rpki-client