Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Sc2eyOU_j8KjXpG3cBT2pz2LWz0.cer
File: Sc2eyOU_j8KjXpG3cBT2pz2LWz0.cer (raw, json)
Hash identifier: n8Dcb2wmi2hwYIJsMTvdsA1ndc+nibIo1P/BdCEDw4Y=
Subject key identifier: 49:CD:9E:C8:E5:3F:8F:C2:A3:5E:91:B7:70:14:F6:A7:3D:8B:5B:3D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019424B3CBAE283F64BDDFC35C13D4083231
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/14/1b5961-84ab-40be-b0dc-2f6f9f888375/1/Sc2eyOU_j8KjXpG3cBT2pz2LWz0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/14/1b5961-84ab-40be-b0dc-2f6f9f888375/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 01:49:10 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 56676
IP: 31.130.120.0/21
IP: 91.237.209.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:cb:ae:28:3f:64:bd:df:c3:5c:13:d4:08:32:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 01:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49cd9ec8e53f8fc2a35e91b77014f6a73d8b5b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:37:fd:83:f2:83:3c:a1:2a:78:04:19:68:5d:
07:6e:84:dc:bb:f2:1c:7e:3d:b8:35:34:5f:ee:2a:
46:e1:ab:46:08:45:1d:97:7b:e2:dc:c9:19:c6:1b:
ea:12:14:b7:33:3a:86:96:de:80:38:bd:c7:93:a1:
a3:10:66:a0:c0:61:07:75:e1:cb:1a:a3:33:36:20:
3e:45:b8:32:9a:fd:a2:38:45:55:fa:18:6d:7c:4e:
cd:a4:ab:bf:3b:f7:55:4e:6c:f7:19:6d:82:f1:dd:
37:3b:46:b5:d4:ee:48:6d:19:f8:14:f6:f2:c6:4d:
18:0b:8f:36:03:18:c0:48:da:dc:6a:6a:79:3e:14:
48:4d:f8:f5:c1:2b:09:ec:d7:6a:81:2b:1e:27:df:
81:fb:93:fc:a8:dc:cb:7a:96:a8:28:e3:9c:b6:4c:
2a:2a:b9:94:29:9b:d9:c4:78:10:f6:f1:22:ad:a0:
0b:a3:8d:7f:b9:8b:ca:68:af:a4:11:71:eb:08:9f:
61:ed:61:bf:67:cd:55:03:bc:fd:35:2b:aa:81:98:
59:b1:4e:4e:3a:18:db:44:fd:fa:67:e8:dd:d5:00:
c9:7b:aa:da:48:a7:a3:bd:99:1f:29:22:ae:56:33:
af:e2:18:d4:19:c5:7e:7b:46:0f:48:7e:3a:b6:30:
dd:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:CD:9E:C8:E5:3F:8F:C2:A3:5E:91:B7:70:14:F6:A7:3D:8B:5B:3D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/1b5961-84ab-40be-b0dc-2f6f9f888375/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/1b5961-84ab-40be-b0dc-2f6f9f888375/1/Sc2eyOU_j8KjXpG3cBT2pz2LWz0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.120.0/21
91.237.209.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
56676
Signature Algorithm: sha256WithRSAEncryption
97:6f:87:0d:c1:82:28:a3:71:81:38:bb:f0:0e:13:c6:8c:fd:
a8:d5:fd:b7:69:f2:dd:10:91:e3:38:0f:c1:c1:77:87:27:0a:
35:e1:20:4c:9d:19:bf:7b:a6:54:00:e8:3e:9b:3d:7f:ca:96:
2f:72:0e:a0:b6:70:0b:24:31:a0:05:5b:0b:20:c6:af:93:0a:
81:26:e6:fa:a1:7b:e1:ec:7a:3b:a3:3c:88:d8:fc:30:aa:bd:
1a:56:2d:d4:8e:37:18:c1:ef:1e:89:33:43:4c:62:80:09:51:
95:d5:59:c8:97:a7:ec:dc:97:2d:8c:77:1a:d4:4e:37:ca:19:
31:0b:80:b2:35:89:31:70:57:30:1b:31:91:18:c7:68:9d:7f:
5e:62:3b:5a:36:9f:73:73:03:bd:d9:9c:9c:d1:30:c5:32:2f:
38:6e:c9:c2:e3:71:8c:4b:36:6c:8d:b6:aa:c6:bd:18:3b:4b:
3c:e3:67:50:9b:d6:39:11:ae:59:27:32:03:19:79:20:97:a1:
23:f6:3b:40:b5:e2:ae:3c:75:00:9a:29:85:ab:e3:0e:2e:b9:
cd:d7:3b:c1:50:e0:01:62:04:9b:06:5b:9a:40:b1:65:d3:bd:
d0:03:f0:1b:10:19:8d:7e:92:bb:c4:88:0b:5a:89:ae:d4:30:
bb:e9:e7:d9
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZQks8uuKD9kvd/DXBPUCDIxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDE0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWNkOWVjOGU1M2Y4ZmMyYTM1ZTkxYjc3MDE0ZjZhNzNkOGI1YjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjf9g/KDPKEqeAQZaF0HboTcu/Ic
fj24NTRf7ipG4atGCEUdl3vi3MkZxhvqEhS3MzqGlt6AOL3Hk6GjEGagwGEHdeHL
GqMzNiA+Rbgymv2iOEVV+hhtfE7NpKu/O/dVTmz3GW2C8d03O0a11O5IbRn4FPby
xk0YC482AxjASNrcamp5PhRITfj1wSsJ7NdqgSseJ9+B+5P8qNzLepaoKOOctkwq
KrmUKZvZxHgQ9vEiraALo41/uYvKaK+kEXHrCJ9h7WG/Z81VA7z9NSuqgZhZsU5O
OhjbRP36Z+jd1QDJe6raSKejvZkfKSKuVjOv4hjUGcV+e0YPSH46tjDdVwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFEnNnsjlP4/Co16Rt3AU9qc9i1s9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE0LzFiNTk2
MS04NGFiLTQwYmUtYjBkYy0yZjZmOWY4ODgzNzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQvMWI1OTYx
LTg0YWItNDBiZS1iMGRjLTJmNmY5Zjg4ODM3NS8xL1NjMmV5T1VfajhLalhwRzNj
QlQycHoyTFd6MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQDH4J4AwQAW+3RMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwDdZDANBgkqhkiG9w0BAQsFAAOCAQEAl2+HDcGCKKNxgTi78A4Txoz9
qNX9t2ny3RCR4zgPwcF3hycKNeEgTJ0Zv3umVADoPps9f8qWL3IOoLZwCyQxoAVb
CyDGr5MKgSbm+qF74ex6O6M8iNj8MKq9GlYt1I43GMHvHokzQ0xigAlRldVZyJen
7NyXLYx3GtRON8oZMQuAsjWJMXBXMBsxkRjHaJ1/XmI7Wjafc3MDvdmcnNEwxTIv
OG7JwuNxjEs2bI22qsa9GDtLPONnUJvWORGuWScyAxl5IJehI/Y7QLXirjx1AJop
havjDi65zdc7wVDgAWIEmwZbmkCxZdO90APwGxAZjX6Su8SIC1qJrtQwu+nn2Q==
-----END CERTIFICATE-----
Generated at Thu Apr 17 16:40:11 2025 by rpki-client