Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/T4BFzPUJd-vDBmo87tj9MvHwI94.cer
File: T4BFzPUJd-vDBmo87tj9MvHwI94.cer (raw, json)
Hash identifier: j9TnIapvchxo/rk0aQTnKuPzGZBhGvUI7fD4ruo+nMM=
Subject key identifier: 4F:80:45:CC:F5:09:77:EB:C3:06:6A:3C:EE:D8:FD:32:F1:F0:23:DE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425FC7378823E5C450D2BB416D0AFCDD5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2f/7d9e10-2c19-4dd8-a80f-40c8697bbde9/1/T4BFzPUJd-vDBmo87tj9MvHwI94.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2f/7d9e10-2c19-4dd8-a80f-40c8697bbde9/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 07:48:09 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 35445
IP: 85.188.64.0 -- 85.188.191.255
IP: 2001:67c:191c::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:73:78:82:3e:5c:45:0d:2b:b4:16:d0:af:cd:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 07:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f8045ccf50977ebc3066a3ceed8fd32f1f023de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f9:b9:c3:8d:0d:19:04:03:aa:fb:18:69:56:
91:92:63:d6:4b:bf:a8:b6:68:6e:75:b4:35:13:6b:
22:4d:c2:4e:66:e5:2b:76:be:f5:38:c3:01:46:ee:
47:6a:e1:63:2c:55:04:f9:18:34:f0:b3:6a:8e:39:
fa:9f:69:8d:8f:5b:76:58:4e:fb:9e:51:6d:30:69:
f9:cf:44:db:fd:75:5a:4f:7c:9a:3b:8f:cc:a7:80:
ef:88:f3:51:e5:c7:78:72:6b:cf:7a:18:1f:9a:91:
dd:5f:26:67:ab:e2:ad:05:81:78:c5:60:9d:f4:72:
f5:6c:98:85:32:35:9b:c8:2e:e6:03:d3:4e:b7:c2:
a0:7a:90:9b:65:80:79:f3:68:49:52:ea:f3:41:26:
9d:c6:34:c9:0c:83:8e:dc:27:b8:61:5d:99:42:b4:
e1:cc:50:ac:a8:e5:ea:e1:50:35:eb:6e:af:76:f2:
e1:d5:e6:c6:68:1f:11:a9:ac:23:dc:3d:b8:03:32:
ab:be:5e:35:01:08:38:40:b0:86:5a:d5:4b:fd:d2:
8b:8e:54:b2:65:50:01:57:80:61:97:59:d6:e9:fe:
1e:21:07:1b:02:40:54:54:f8:9a:77:0e:96:55:f1:
66:bb:5e:fe:22:2d:4c:37:8f:2f:b8:f5:0f:1d:a6:
00:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:80:45:CC:F5:09:77:EB:C3:06:6A:3C:EE:D8:FD:32:F1:F0:23:DE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7d9e10-2c19-4dd8-a80f-40c8697bbde9/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7d9e10-2c19-4dd8-a80f-40c8697bbde9/1/T4BFzPUJd-vDBmo87tj9MvHwI94.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.188.64.0-85.188.191.255
IPv6:
2001:67c:191c::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35445
Signature Algorithm: sha256WithRSAEncryption
96:1b:d8:b2:c0:0b:1c:01:0f:79:27:df:8f:52:e0:4d:4e:d4:
05:a6:13:fd:89:ed:e4:17:7a:a9:16:bb:bc:4c:bf:51:b9:99:
0d:bc:49:de:0b:5a:45:46:df:4f:81:88:bf:76:be:8f:30:1c:
b0:e1:c2:17:a4:f1:5d:02:d5:29:cc:0e:7e:99:6c:67:4d:fe:
6a:e4:3a:4c:39:80:17:9f:99:41:89:10:68:e9:e0:63:d5:63:
55:fe:03:33:45:90:ea:a0:1f:07:62:c1:53:c5:8f:a1:82:f3:
ca:c1:63:9d:fc:73:f0:9b:c7:b8:fc:0d:61:35:cc:ce:f3:3c:
bd:37:5a:a5:df:eb:e5:dc:7a:bf:3c:28:63:b3:e9:66:7e:04:
6f:3f:ed:83:29:21:27:6a:c7:7a:18:30:92:e1:77:90:61:fb:
02:2c:fa:8f:10:d4:27:15:24:80:15:43:c4:58:35:53:fb:19:
5b:48:97:f5:0b:02:4f:f5:0c:d5:2a:3b:d2:03:d3:6f:ac:25:
b7:7b:ac:d0:cd:bb:8f:91:d3:9e:ed:53:e3:59:02:07:c9:b5:
dc:ab:9d:92:a7:af:29:a2:ed:31:88:62:3a:38:1d:01:c6:2e:
fd:81:a6:35:8a:70:72:ad:43:1f:8c:6f:14:19:31:33:e2:c9:
43:ac:4b:66
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZQl/HN4gj5cRQ0rtBbQr83VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjgwNDVjY2Y1MDk3N2ViYzMwNjZhM2NlZWQ4ZmQzMmYxZjAyM2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPm5w40NGQQDqvsYaVaRkmPWS7+o
tmhudbQ1E2siTcJOZuUrdr71OMMBRu5HauFjLFUE+Rg08LNqjjn6n2mNj1t2WE77
nlFtMGn5z0Tb/XVaT3yaO4/Mp4DviPNR5cd4cmvPehgfmpHdXyZnq+KtBYF4xWCd
9HL1bJiFMjWbyC7mA9NOt8KgepCbZYB582hJUurzQSadxjTJDIOO3Ce4YV2ZQrTh
zFCsqOXq4VA1626vdvLh1ebGaB8Rqawj3D24AzKrvl41AQg4QLCGWtVL/dKLjlSy
ZVABV4Bhl1nW6f4eIQcbAkBUVPiadw6WVfFmu17+Ii1MN48vuPUPHaYAbwIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFE+ARcz1CXfrwwZqPO7Y/TLx8CPeMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJmLzdkOWUx
MC0yYzE5LTRkZDgtYTgwZi00MGM4Njk3YmJkZTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYvN2Q5ZTEw
LTJjMTktNGRkOC1hODBmLTQwYzg2OTdiYmRlOS8xL1Q0QkZ6UFVKZC12REJtbzg3
dGo5TXZId0k5NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDgGCCsGAQUF
BwEHAQH/BCkwJzAUBAIAATAOMAwDBAZVvEADBAZVvIAwDwQCAAIwCQMHACABBnwZ
HDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMAinUwDQYJKoZIhvcNAQELBQADggEB
AJYb2LLACxwBD3kn349S4E1O1AWmE/2J7eQXeqkWu7xMv1G5mQ28Sd4LWkVG30+B
iL92vo8wHLDhwhek8V0C1SnMDn6ZbGdN/mrkOkw5gBefmUGJEGjp4GPVY1X+AzNF
kOqgHwdiwVPFj6GC88rBY538c/Cbx7j8DWE1zM7zPL03WqXf6+Xcer88KGOz6WZ+
BG8/7YMpISdqx3oYMJLhd5Bh+wIs+o8Q1CcVJIAVQ8RYNVP7GVtIl/ULAk/1DNUq
O9ID02+sJbd7rNDNu4+R057tU+NZAgfJtdyrnZKnrymi7TGIYjo4HQHGLv2BpjWK
cHKtQx+MbxQZMTPiyUOsS2Y=
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:56:30 2025 by rpki-client