Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/U0Z21mkyx3oldhE2rJnrm3TYAaY.cer
File: U0Z21mkyx3oldhE2rJnrm3TYAaY.cer (raw, json)
Hash identifier: D/lFiICwwdYXOThrqqUx1fTkZU+asQEos2SAgPAjFbc=
Subject key identifier: 53:46:76:D6:69:32:C7:7A:25:76:11:36:AC:99:EB:9B:74:D8:01:A6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942521DEDA2C0CEF93CB8383466C8AF2E8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ad/04e64b-924c-48a0-89a4-a00944fd7d9d/1/U0Z21mkyx3oldhE2rJnrm3TYAaY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ad/04e64b-924c-48a0-89a4-a00944fd7d9d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 03:49:24 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 197941
IP: 91.230.85.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:de:da:2c:0c:ef:93:cb:83:83:46:6c:8a:f2:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=534676d66932c77a25761136ac99eb9b74d801a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:58:67:20:0d:71:16:ec:0a:50:ec:db:aa:62:
95:9c:b0:d6:a8:3d:04:c7:c2:a4:26:c5:66:e6:a6:
93:1a:e8:37:0a:de:51:24:cc:6c:32:74:cf:be:39:
fa:4a:17:6b:44:a9:b7:30:0e:92:82:1e:4b:7a:ac:
d0:34:a2:51:4d:4b:1d:33:33:31:d3:fb:a5:aa:9a:
77:08:bb:a5:b2:d2:38:09:39:15:f9:51:26:10:f9:
79:e6:cc:98:0a:0a:53:c8:0e:6d:48:45:ca:27:6e:
c9:a6:6d:af:2d:38:46:04:21:a5:11:e1:59:77:e0:
30:ca:9f:4f:b0:a3:54:b0:32:4b:fb:14:2e:1a:28:
5d:18:d9:f6:08:c3:4f:9c:ed:41:b8:04:9f:58:2a:
23:f8:55:be:8c:23:1c:56:f2:14:45:53:88:d7:f5:
31:7e:11:da:cd:7c:a1:7a:ce:de:ba:9a:8f:df:37:
7d:fd:af:57:a8:89:f6:3a:64:ad:1d:41:f9:ef:9f:
42:73:88:bb:e6:53:47:db:ee:a3:3b:bb:27:93:f6:
c6:4a:58:ba:04:19:9e:4a:d5:05:d2:11:f2:e9:25:
be:ce:a5:b1:d4:7d:ab:93:96:d5:6a:a8:6f:94:6d:
0b:7b:55:d8:75:a2:41:b3:b3:14:57:17:95:bf:81:
4e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:46:76:D6:69:32:C7:7A:25:76:11:36:AC:99:EB:9B:74:D8:01:A6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/04e64b-924c-48a0-89a4-a00944fd7d9d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/04e64b-924c-48a0-89a4-a00944fd7d9d/1/U0Z21mkyx3oldhE2rJnrm3TYAaY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.85.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
197941
Signature Algorithm: sha256WithRSAEncryption
82:e3:dd:9a:b7:9a:fc:6c:81:15:bd:69:b2:42:99:50:92:b4:
78:20:0a:84:aa:2a:e3:27:66:eb:51:45:bd:2b:cc:60:b1:de:
e5:85:ae:35:64:7c:a8:3c:8a:09:9a:c3:3c:df:a7:78:ed:c2:
09:25:79:ce:75:3a:a4:8a:99:99:e7:e4:35:e9:57:da:c7:fe:
93:bb:24:04:c1:00:e1:9f:f1:65:4d:89:3c:02:9e:c1:37:91:
1d:df:19:16:0a:23:19:ba:52:ed:80:85:83:11:69:42:8e:ab:
ec:d0:1a:96:62:48:9c:25:51:5d:21:c3:ee:e1:47:73:9f:28:
1b:08:2f:b1:20:c0:36:64:e8:0b:9a:df:85:d9:68:99:3e:1a:
b1:ee:d0:4a:a7:96:9c:37:1a:04:b1:c2:0d:5c:42:ef:8c:23:
a1:db:ec:b7:ef:44:68:eb:97:12:13:96:bf:12:81:fb:2d:f1:
85:74:62:4b:40:e8:48:81:2c:76:80:97:d5:e8:df:99:97:e0:
31:2c:09:a9:e3:09:89:be:01:c3:f1:ec:f8:71:c6:b6:9d:59:
bb:1c:bc:1d:d3:7f:a5:52:59:6d:dc:db:b2:34:f0:d9:f9:1b:
d2:1b:97:ee:ef:15:1b:ac:be:f5:be:0e:0f:df:f9:0c:97:4c:
1b:f4:07:f5
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQlId7aLAzvk8uDg0ZsivLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDM0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzQ2NzZkNjY5MzJjNzdhMjU3NjExMzZhYzk5ZWI5Yjc0ZDgwMWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFhnIA1xFuwKUOzbqmKVnLDWqD0E
x8KkJsVm5qaTGug3Ct5RJMxsMnTPvjn6ShdrRKm3MA6Sgh5LeqzQNKJRTUsdMzMx
0/ulqpp3CLulstI4CTkV+VEmEPl55syYCgpTyA5tSEXKJ27Jpm2vLThGBCGlEeFZ
d+Awyp9PsKNUsDJL+xQuGihdGNn2CMNPnO1BuASfWCoj+FW+jCMcVvIURVOI1/Ux
fhHazXyhes7eupqP3zd9/a9XqIn2OmStHUH5759Cc4i75lNH2+6jO7snk/bGSli6
BBmeStUF0hHy6SW+zqWx1H2rk5bVaqhvlG0Le1XYdaJBs7MUVxeVv4FOsQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFFNGdtZpMsd6JXYRNqyZ65t02AGmMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FkLzA0ZTY0
Yi05MjRjLTQ4YTAtODlhNC1hMDA5NDRmZDdkOWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWQvMDRlNjRi
LTkyNGMtNDhhMC04OWE0LWEwMDk0NGZkN2Q5ZC8xL1UwWjIxbWt5eDNvbGRoRTJy
Sm5ybTNUWUFhWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAW+ZVMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMFNTANBgkqhkiG9w0BAQsFAAOCAQEAguPdmrea/GyBFb1pskKZUJK0eCAKhKoq
4ydm61FFvSvMYLHe5YWuNWR8qDyKCZrDPN+neO3CCSV5znU6pIqZmefkNelX2sf+
k7skBMEA4Z/xZU2JPAKewTeRHd8ZFgojGbpS7YCFgxFpQo6r7NAalmJInCVRXSHD
7uFHc58oGwgvsSDANmToC5rfhdlomT4ase7QSqeWnDcaBLHCDVxC74wjodvst+9E
aOuXEhOWvxKB+y3xhXRiS0DoSIEsdoCX1ejfmZfgMSwJqeMJib4Bw/Hs+HHGtp1Z
uxy8HdN/pVJZbdzbsjTw2fkb0huX7u8VG6y+9b4OD9/5DJdMG/QH9Q==
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:34:00 2025 by rpki-client