Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TRNilffzLmS-ePs5nrbRWuPpJjI.cer
File: TRNilffzLmS-ePs5nrbRWuPpJjI.cer (raw, json)
Hash identifier: v0sXazarl7zkzr1FP5Q+OpCYht8GYPxNhlTnz1h5AOg=
Subject key identifier: 4D:13:62:95:F7:F3:2E:64:BE:78:FB:39:9E:B6:D1:5A:E3:E9:26:32
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941F8C85440B7EA518E5A98E9CD85B823D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/TRNilffzLmS-ePs5nrbRWuPpJjI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 01:48:10 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 194.5.175.0/24
IP: 194.5.188.0/24
IP: 194.5.195.0/24
IP: 194.5.205.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:85:44:0b:7e:a5:18:e5:a9:8e:9c:d8:5b:82:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d136295f7f32e64be78fb399eb6d15ae3e92632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c2:84:4a:22:21:97:0a:f7:ed:07:26:35:65:
f4:b1:96:f8:6d:46:7f:2b:56:6a:61:a8:95:75:e0:
aa:92:c2:ad:5b:8a:5f:81:57:ad:90:f1:5a:3c:9a:
8f:18:0d:37:18:11:70:bd:69:56:e5:6d:a2:ec:76:
10:70:cf:45:63:79:8b:ae:f3:ed:4c:68:3c:31:d9:
00:09:2e:c4:08:c8:19:12:04:4a:0d:2a:93:2a:1f:
df:89:3d:a4:4e:fa:c6:6b:ce:62:c5:1b:8b:45:a0:
2a:d4:7e:14:08:ec:fc:93:f6:84:52:01:15:75:7c:
53:cc:52:97:2e:2f:b0:81:fc:8c:ba:c7:30:98:bc:
98:e3:83:9f:74:08:41:9c:95:a0:89:25:ce:2d:fd:
12:86:7b:71:d5:1a:b4:c5:b8:e7:52:84:6c:7b:c2:
b9:ad:10:3b:27:fb:08:bd:1f:63:60:40:2c:52:86:
4d:e5:d2:72:fa:e4:0c:a1:a2:dd:88:02:3e:87:f7:
a0:6a:71:66:b0:40:c2:53:6c:f8:1a:2a:5b:b4:62:
f4:00:63:43:17:c2:33:71:7a:50:9c:00:39:77:5f:
95:12:54:60:e3:ab:83:4a:b6:f1:dd:3b:58:87:92:
c5:6e:5c:54:c7:56:48:ba:d5:28:b8:a3:56:2f:ee:
fd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:13:62:95:F7:F3:2E:64:BE:78:FB:39:9E:B6:D1:5A:E3:E9:26:32
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/TRNilffzLmS-ePs5nrbRWuPpJjI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.175.0/24
194.5.188.0/24
194.5.195.0/24
194.5.205.0/24
Signature Algorithm: sha256WithRSAEncryption
51:45:8f:e1:4d:5a:e5:95:15:b7:89:1d:10:4b:03:02:49:11:
5b:20:1d:fb:79:30:d5:2b:e3:80:73:8b:68:7b:7f:97:86:c9:
8a:ba:16:b6:b1:a2:e3:a5:6e:5d:11:cc:5c:55:57:74:a0:91:
24:97:1f:8a:14:15:30:9b:1c:c9:87:a3:af:31:e2:c7:0e:ce:
54:81:78:1c:35:42:27:e8:80:7e:98:22:04:d0:b9:50:fe:d5:
24:98:86:63:b6:b1:72:ea:bb:f2:2c:9d:07:50:d0:ea:c2:31:
04:ed:46:dc:5e:8c:a7:1e:8b:b3:33:a6:77:d6:d4:80:b4:66:
47:3f:12:e8:63:87:00:df:4e:9a:f3:19:c5:2d:ea:7b:65:02:
7c:7f:06:96:a5:96:6d:c1:60:66:20:b6:fa:88:dd:1b:ad:f8:
a2:88:2a:48:ed:b3:96:f9:94:85:a5:51:2f:9f:be:73:9f:9c:
c6:d5:f5:57:e3:c3:00:66:37:22:31:15:c3:34:15:48:a0:3e:
3d:90:2e:a8:63:25:64:8a:cc:7c:8e:40:7f:ad:ad:cc:ab:8b:
6c:9a:0c:84:70:54:a0:58:ea:77:1b:63:1c:fb:fa:68:98:da:
8e:2b:36:70:bb:e6:88:fc:57:b8:6f:93:e6:5c:80:5c:f9:1a:
ee:2a:fe:c4
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZQfjIVEC36lGOWpjpzYW4I9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDEzNjI5NWY3ZjMyZTY0YmU3OGZiMzk5ZWI2ZDE1YWUzZTkyNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cKESiIhlwr37QcmNWX0sZb4bUZ/
K1ZqYaiVdeCqksKtW4pfgVetkPFaPJqPGA03GBFwvWlW5W2i7HYQcM9FY3mLrvPt
TGg8MdkACS7ECMgZEgRKDSqTKh/fiT2kTvrGa85ixRuLRaAq1H4UCOz8k/aEUgEV
dXxTzFKXLi+wgfyMuscwmLyY44OfdAhBnJWgiSXOLf0Shntx1Rq0xbjnUoRse8K5
rRA7J/sIvR9jYEAsUoZN5dJy+uQMoaLdiAI+h/eganFmsEDCU2z4GipbtGL0AGND
F8IzcXpQnAA5d1+VElRg46uDSrbx3TtYh5LFblxUx1ZIutUouKNWL+79jwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFE0TYpX38y5kvnj7OZ620Vrj6SYyMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RiL2I0NDMz
MC01ZDNiLTQ0NzktOGIxMC0yYmI3ZmRkNWY3MjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIvYjQ0MzMw
LTVkM2ItNDQ3OS04YjEwLTJiYjdmZGQ1ZjcyOC8xL1RSTmlsZmZ6TG1TLWVQczVu
cmJSV3VQcEpqSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUF
BwEHAQH/BCIwIDAeBAIAATAYAwQAwgWvAwQAwgW8AwQAwgXDAwQAwgXNMA0GCSqG
SIb3DQEBCwUAA4IBAQBRRY/hTVrllRW3iR0QSwMCSRFbIB37eTDVK+OAc4toe3+X
hsmKuha2saLjpW5dEcxcVVd0oJEklx+KFBUwmxzJh6OvMeLHDs5UgXgcNUIn6IB+
mCIE0LlQ/tUkmIZjtrFy6rvyLJ0HUNDqwjEE7UbcXoynHouzM6Z31tSAtGZHPxLo
Y4cA306a8xnFLep7ZQJ8fwaWpZZtwWBmILb6iN0brfiiiCpI7bOW+ZSFpVEvn75z
n5zG1fVX48MAZjciMRXDNBVIoD49kC6oYyVkisx8jkB/ra3Mq4tsmgyEcFSgWOp3
G2Mc+/pomNqOKzZwu+aI/Fe4b5PmXIBc+RruKv7E
-----END CERTIFICATE-----
Generated at Tue Apr 8 13:28:28 2025 by rpki-client