Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TppsGPNJs5XDHDO7f5ufWBe96ag.cer
File: TppsGPNJs5XDHDO7f5ufWBe96ag.cer (raw, json)
Hash identifier: R/IKXGZXaLXhl185lZoMGK7SikRXJtUW2tV3kYGfBH4=
Subject key identifier: 4E:9A:6C:18:F3:49:B3:95:C3:1C:33:BB:7F:9B:9F:58:17:BD:E9:A8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D65FC6912BD135D91BBCC7DE343F6D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.nellicus.net/repo/nellicus/1/4E9A6C18F349B395C31C33BB7F9B9F5817BDE9A8.mft
caRepository: rsync://rpki.nellicus.net/repo/nellicus/1/
Notify URL: https://rpki.nellicus.net/rrdp/notification.xml
Certificate not before: Wed 01 Jan 2025 07:48:27 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 61961
IP: 185.204.12.0/22
IP: 2001:678:5e4::/48
IP: 2a0a:f040::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5f:c6:91:2b:d1:35:d9:1b:bc:c7:de:34:3f:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e9a6c18f349b395c31c33bb7f9b9f5817bde9a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ba:db:5f:c9:43:c8:bf:a6:2d:bb:9e:54:23:
29:32:14:5c:7a:38:75:34:ac:d1:ba:32:51:d2:9a:
c4:47:ad:84:6d:5e:49:0d:c2:c1:30:3d:d5:68:d5:
2b:7c:59:f7:d2:b2:de:23:0a:a0:90:03:5b:a5:51:
e7:ea:e9:6c:9d:19:a8:fa:ad:df:74:11:c2:53:54:
e7:01:18:5d:b3:d7:46:3b:02:cb:a4:75:bb:72:61:
18:06:05:d1:75:5e:cc:0b:5f:b7:26:49:32:0c:c1:
3d:a0:99:3a:7c:46:dd:91:b3:2c:21:8e:63:18:8c:
b8:b5:7c:ba:e4:ef:ea:8d:5c:cb:56:df:aa:9c:da:
90:0b:cc:5a:f2:89:8b:c2:ea:10:f2:f8:9d:72:0b:
7d:15:38:2d:84:89:9e:cc:b4:c0:32:b8:dd:9d:e4:
b8:76:5e:c4:dd:39:bc:80:29:77:cc:74:bf:2a:b0:
6d:99:3a:1c:a5:25:ae:4d:b5:e3:b6:6f:da:ce:75:
8b:b8:6f:59:15:14:7e:ba:f0:b1:fe:8a:61:90:0d:
1f:99:2a:ef:a0:be:fd:87:32:63:bc:fe:20:18:f3:
52:82:a2:df:2d:8d:50:f1:9a:a0:30:6b:61:eb:db:
e7:d6:82:45:fd:b4:67:56:7b:d3:f0:07:7f:d9:4f:
de:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:9A:6C:18:F3:49:B3:95:C3:1C:33:BB:7F:9B:9F:58:17:BD:E9:A8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.nellicus.net/repo/nellicus/1/
RPKI Manifest - URI:rsync://rpki.nellicus.net/repo/nellicus/1/4E9A6C18F349B395C31C33BB7F9B9F5817BDE9A8.mft
RPKI Notify - URI:https://rpki.nellicus.net/rrdp/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.12.0/22
IPv6:
2001:678:5e4::/48
2a0a:f040::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
61961
Signature Algorithm: sha256WithRSAEncryption
66:dc:c7:06:75:4c:19:f5:5e:c3:41:77:6e:fb:d2:f3:b0:51:
05:0b:e0:ec:d1:00:b0:30:90:4a:f0:ce:b3:49:70:a9:e3:b5:
4a:39:a6:04:e8:d6:40:ef:d1:99:d8:3d:ad:e1:1f:87:72:fb:
c0:03:3f:00:41:5b:2e:d6:fd:03:25:d2:d1:56:a3:d6:62:1f:
73:8b:75:4d:13:f3:c1:f8:64:8a:4e:0c:9b:61:02:c0:96:2f:
09:01:32:a2:16:d9:f8:cd:9d:df:73:13:e3:ee:2f:04:f1:e3:
cb:d7:05:57:63:f5:b6:d8:24:ad:f7:60:e3:fb:bf:f0:a0:9d:
07:d5:22:e2:71:ca:69:6d:ed:7c:fd:f5:de:c8:fa:db:a3:7b:
87:7d:5b:f6:cc:d1:83:29:36:18:23:f8:c3:80:ac:c5:6e:bf:
1c:a9:33:12:3c:4e:12:12:0d:88:14:10:14:fb:87:68:3a:5f:
8d:37:70:59:bc:df:10:a7:b8:f5:02:77:4d:de:99:03:59:23:
05:fa:c4:9c:60:95:97:cb:8a:34:e9:f1:4c:d3:fb:b8:a7:14:
b1:a0:61:55:a8:f2:87:7b:c2:be:23:47:b0:f8:76:61:48:a9:
b5:d5:b8:0e:45:2e:90:20:0a:98:e1:5e:1f:97:42:f9:78:7c:
b0:b5:43:21
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgISAZQg1l/GkSvRNdkbvMfeND9tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTlhNmMxOGYzNDliMzk1YzMxYzMzYmI3ZjliOWY1ODE3YmRlOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubrbX8lDyL+mLbueVCMpMhRcejh1
NKzRujJR0prER62EbV5JDcLBMD3VaNUrfFn30rLeIwqgkANbpVHn6ulsnRmo+q3f
dBHCU1TnARhds9dGOwLLpHW7cmEYBgXRdV7MC1+3JkkyDME9oJk6fEbdkbMsIY5j
GIy4tXy65O/qjVzLVt+qnNqQC8xa8omLwuoQ8vidcgt9FTgthImezLTAMrjdneS4
dl7E3Tm8gCl3zHS/KrBtmTocpSWuTbXjtm/aznWLuG9ZFRR+uvCx/ophkA0fmSrv
oL79hzJjvP4gGPNSgqLfLY1Q8ZqgMGth69vn1oJF/bRnVnvT8Ad/2U/eIQIDAQAB
o4ICfTCCAnkwHQYDVR0OBBYEFE6abBjzSbOVwxwzu3+bn1gXvemoMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgekGCCsGAQUFBwELBIHcMIHZMDYGCCsGAQUFBzAFhipyc3lu
YzovL3Jwa2kubmVsbGljdXMubmV0L3JlcG8vbmVsbGljdXMvMS8wYgYIKwYBBQUH
MAqGVnJzeW5jOi8vcnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxsaWN1cy8xLzRF
OUE2QzE4RjM0OUIzOTVDMzFDMzNCQjdGOUI5RjU4MTdCREU5QTgubWZ0MDsGCCsG
AQUFBzANhi9odHRwczovL3Jwa2kubmVsbGljdXMubmV0L3JyZHAvbm90aWZpY2F0
aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5j
cmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYw
DAQCAAEwBgMEArnMDDAWBAIAAjAQAwcAIAEGeAXkAwUDKgrwQDAaBggrBgEFBQcB
CAEB/wQLMAmgBzAFAgMA8gkwDQYJKoZIhvcNAQELBQADggEBAGbcxwZ1TBn1XsNB
d2770vOwUQUL4OzRALAwkErwzrNJcKnjtUo5pgTo1kDv0ZnYPa3hH4dy+8ADPwBB
Wy7W/QMl0tFWo9ZiH3OLdU0T88H4ZIpODJthAsCWLwkBMqIW2fjNnd9zE+PuLwTx
48vXBVdj9bbYJK33YOP7v/CgnQfVIuJxymlt7Xz99d7I+tuje4d9W/bM0YMpNhgj
+MOArMVuvxypMxI8ThISDYgUEBT7h2g6X403cFm83xCnuPUCd03emQNZIwX6xJxg
lZfLijTp8UzT+7inFLGgYVWo8od7wr4jR7D4dmFIqbXVuA5FLpAgCpjhXh+XQvl4
fLC1QyE=
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:50:42 2025 by rpki-client