Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer
File: TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer (raw, json)
Hash identifier: XA9kO51DUOzoY9v6gWIpcjKM7HL7bmy6dyjN9DgOOFw=
Subject key identifier: 4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942521A6F10484EDE30508B2D3D1C4C422
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 03:49:09 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 204365
IP: 62.169.160.0/19
IP: 80.242.32.0/20
IP: 92.245.0.0/19
IP: 185.251.120.0/22
IP: 188.123.112.0/22
IP: 188.123.120.0/21
IP: 2a02:6720::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:a6:f1:04:84:ed:e3:05:08:b2:d3:d1:c4:c4:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d4927a141fb25b75824c6beaef0679d34fc49bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:00:6a:d8:23:48:7a:92:2b:68:83:2b:b1:03:
d1:71:fe:2d:66:21:43:8a:7c:36:66:af:bd:5e:2e:
17:ab:30:9d:73:13:f4:3a:ee:9d:ba:07:4e:da:29:
ea:4f:80:c0:66:4c:93:6b:72:c9:19:37:7b:28:0f:
99:a4:8c:ac:ac:3c:7f:90:12:7f:5d:94:1c:9a:79:
20:b0:f9:d3:80:51:af:58:7a:f7:e6:48:56:47:c3:
25:fa:be:be:a8:33:d1:f1:e7:3d:63:46:25:a7:43:
a1:eb:4a:2e:65:8a:2e:44:be:e3:1b:83:25:77:38:
74:da:8b:42:af:3b:19:3b:5e:85:54:9b:07:ca:8e:
b1:f8:cc:d0:87:d4:8e:1e:6c:80:d8:8f:3c:2e:16:
8a:93:84:86:54:f5:4d:6a:c3:89:9d:d6:15:0d:50:
17:94:fc:65:6f:9a:25:8c:68:6e:0a:2b:54:70:07:
51:69:2c:5d:b4:98:aa:2a:bd:b0:00:87:25:c5:83:
dc:b7:b5:6d:1d:ba:7f:a7:d3:bc:e9:00:9f:ea:c6:
1a:ea:9b:bc:e6:d1:60:fa:fd:6e:4e:1b:94:db:18:
77:33:11:52:27:9b:9e:5e:5b:ac:a4:2f:9e:0e:bc:
27:7b:78:87:a5:11:ab:a0:e9:51:04:61:d2:e3:12:
4d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.169.160.0/19
80.242.32.0/20
92.245.0.0/19
185.251.120.0/22
188.123.112.0/22
188.123.120.0/21
IPv6:
2a02:6720::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
204365
Signature Algorithm: sha256WithRSAEncryption
a1:ec:fb:82:75:bb:b4:ce:9e:a7:26:a6:4b:63:10:1e:26:57:
aa:31:87:87:e4:b7:d3:3c:69:27:6e:1c:a2:18:74:e6:73:a5:
23:1a:64:f2:3b:19:3e:1d:88:10:16:ee:84:ee:e0:52:13:c6:
89:9b:01:a5:66:21:51:7b:37:63:84:af:18:97:cb:22:1a:a8:
51:8f:d7:26:c2:23:e0:3b:66:44:53:ce:5b:d3:f4:55:db:31:
99:66:e3:42:3d:a1:4b:6a:35:b3:01:16:56:7a:5d:23:54:fb:
54:6d:7c:49:02:ee:95:07:27:c9:b3:e4:4f:ef:e2:82:f6:0c:
f1:01:57:6d:b1:f4:fc:f7:0c:6f:5b:01:c8:56:71:3c:60:8c:
ae:3e:d6:ca:4d:4a:8b:00:77:12:52:ac:f1:c1:c5:7c:99:4c:
2d:fb:3c:ff:9c:d3:eb:d0:bb:1d:a2:f5:f9:e4:86:88:97:36:
51:34:ec:ed:c1:84:04:01:80:52:67:c1:54:ad:eb:68:96:c9:
47:cd:92:56:1f:42:ea:37:24:1e:9c:a0:e2:d6:95:60:41:cd:
f3:9e:78:0b:63:1b:fe:d7:97:22:50:11:41:98:7a:d5:ef:dd:
cb:62:1b:e5:b4:c0:b3:15:b3:98:fe:2d:cf:cb:4f:da:cd:4d:
28:8b:85:1b
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgISAZQlIabxBITt4wUIstPRxMQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDM0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDQ5MjdhMTQxZmIyNWI3NTgyNGM2YmVhZWYwNjc5ZDM0ZmM0OWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqABq2CNIepIraIMrsQPRcf4tZiFD
inw2Zq+9Xi4XqzCdcxP0Ou6dugdO2inqT4DAZkyTa3LJGTd7KA+ZpIysrDx/kBJ/
XZQcmnkgsPnTgFGvWHr35khWR8Ml+r6+qDPR8ec9Y0Ylp0Oh60ouZYouRL7jG4Ml
dzh02otCrzsZO16FVJsHyo6x+MzQh9SOHmyA2I88LhaKk4SGVPVNasOJndYVDVAX
lPxlb5oljGhuCitUcAdRaSxdtJiqKr2wAIclxYPct7VtHbp/p9O86QCf6sYa6pu8
5tFg+v1uThuU2xh3MxFSJ5ueXluspC+eDrwne3iHpRGroOlRBGHS4xJNBQIDAQAB
o4ICzTCCAskwHQYDVR0OBBYEFE1JJ6FB+yW3WCTGvq7wZ500/Em9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzljLzZhNGI4
Ni0zMmI0LTQwNWYtYmQ2NS02ODA4MzcwOWE0YjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvNmE0Yjg2
LTMyYjQtNDA1Zi1iZDY1LTY4MDgzNzA5YTRiNS8xL1RVa25vVUg3SmJkWUpNYS1y
dkJublRUOFNiMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEwGCCsGAQUF
BwEHAQH/BD0wOzAqBAIAATAkAwQFPqmgAwQEUPIgAwQFXPUAAwQCuft4AwQCvHtw
AwQDvHt4MA0EAgACMAcDBQMqAmcgMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMe
TTANBgkqhkiG9w0BAQsFAAOCAQEAoez7gnW7tM6epyamS2MQHiZXqjGHh+S30zxp
J24cohh05nOlIxpk8jsZPh2IEBbuhO7gUhPGiZsBpWYhUXs3Y4SvGJfLIhqoUY/X
JsIj4DtmRFPOW9P0VdsxmWbjQj2hS2o1swEWVnpdI1T7VG18SQLulQcnybPkT+/i
gvYM8QFXbbH0/PcMb1sByFZxPGCMrj7Wyk1KiwB3ElKs8cHFfJlMLfs8/5zT69C7
HaL1+eSGiJc2UTTs7cGEBAGAUmfBVK3raJbJR82SVh9C6jckHpyg4taVYEHN8554
C2Mb/teXIlARQZh61e/dy2Ib5bTAsxWzmP4tz8tP2s1NKIuFGw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:46:26 2025 by rpki-client