Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/U3ZGfvCSHFEZDi6mDyq7O9bpwZ8.cer
File: U3ZGfvCSHFEZDi6mDyq7O9bpwZ8.cer (raw, json)
Hash identifier: Rda/y+NkLJ5X4ezFX+uDLxVJpwlvmZVDO+93Kk9yt14=
Subject key identifier: 53:76:46:7E:F0:92:1C:51:19:0E:2E:A6:0F:2A:BB:3B:D6:E9:C1:9F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421B22203EDF5448828F56666A852A91F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f4/c9db0e-903e-485e-b67f-2c7a2a746279/1/U3ZGfvCSHFEZDi6mDyq7O9bpwZ8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f4/c9db0e-903e-485e-b67f-2c7a2a746279/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 11:48:29 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 16181
IP: 193.41.218.0/23
IP: 2a0b:480::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:22:03:ed:f5:44:88:28:f5:66:66:a8:52:a9:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5376467ef0921c51190e2ea60f2abb3bd6e9c19f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7e:a5:08:c7:4c:88:89:56:3c:18:25:c8:12:
f6:78:69:15:c0:17:0c:d8:e0:e5:b0:70:49:8e:72:
02:91:06:eb:61:61:0e:9d:58:7b:3c:2e:78:8c:a4:
6b:fb:6a:1c:6d:c7:81:98:bb:cb:4c:27:9f:cc:f8:
8c:34:33:48:a5:b5:40:88:9d:0b:cc:f0:92:10:13:
10:07:9f:b3:c3:78:43:69:2d:51:a2:8c:a7:36:b9:
64:36:d8:26:e0:1b:ef:df:a3:6f:38:07:29:71:bf:
8c:ed:f4:1e:71:e7:e5:20:e9:43:bb:d2:9b:ad:bc:
8d:d0:51:e5:bc:ac:45:1f:6d:04:7a:26:9f:b9:98:
82:be:86:f7:bd:ec:ce:5d:a3:41:23:98:28:b4:04:
5c:39:3d:3b:8d:62:3b:c5:89:5c:a0:54:a5:ff:dc:
79:15:07:43:fc:d7:66:ef:27:2c:3b:2c:f0:db:6d:
e3:92:e6:10:0b:4d:4e:b8:99:e1:64:3a:8d:f6:5a:
14:85:a8:17:8a:5b:7a:95:02:e1:1b:d4:59:36:ce:
f9:7b:81:2e:ab:e4:59:f1:14:8b:28:94:91:a6:66:
56:0a:e7:bb:7b:4e:58:d7:d9:7e:2b:42:ad:c4:b0:
28:8b:52:01:8d:07:7f:e7:4f:3c:31:df:09:dd:b2:
90:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:76:46:7E:F0:92:1C:51:19:0E:2E:A6:0F:2A:BB:3B:D6:E9:C1:9F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c9db0e-903e-485e-b67f-2c7a2a746279/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c9db0e-903e-485e-b67f-2c7a2a746279/1/U3ZGfvCSHFEZDi6mDyq7O9bpwZ8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.218.0/23
IPv6:
2a0b:480::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
16181
Signature Algorithm: sha256WithRSAEncryption
ae:9c:a5:f8:68:94:42:ae:51:4f:84:00:d1:f5:fb:8e:5e:7c:
48:7e:87:87:55:34:f3:b3:b2:2c:db:17:2e:33:9a:d3:4e:8c:
ea:9a:c5:f8:e5:b2:4f:22:a7:9f:9f:cf:cc:b9:34:ab:2f:2b:
9f:c8:35:5e:99:9b:5a:9c:bf:ab:8d:7f:3a:44:ea:f9:90:9e:
7e:ff:4f:27:ea:93:75:9f:b1:06:e6:05:03:d2:36:92:b8:47:
f0:c1:69:64:98:32:19:c4:cb:68:8a:ff:bf:12:5e:aa:15:74:
6a:57:10:8d:ec:46:72:68:73:f5:5f:5e:a8:34:52:75:dd:e9:
d0:12:03:24:f1:c3:2a:6c:5f:3c:5a:d2:48:32:03:4f:8e:57:
07:27:f6:a8:86:6b:d8:e9:19:bd:a3:c2:b9:3e:00:0f:4d:aa:
9d:49:0d:98:b1:ca:ce:50:8f:da:b7:5e:ea:87:e9:da:9b:bd:
4e:12:c4:94:30:d4:a2:3f:50:7d:cf:b3:9e:9b:11:bc:a7:c3:
42:54:91:11:30:4b:11:30:34:c7:0b:4c:6a:a5:26:76:5b:eb:
67:23:df:ef:36:44:8f:15:06:21:fa:31:a4:81:d9:94:ab:9e:
31:7d:54:1d:8f:d5:15:b0:b8:fa:ce:c6:4d:f7:8e:46:37:4f:
58:45:2f:23
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAZQhsiID7fVEiCj1ZmaoUqkfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTE0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzc2NDY3ZWYwOTIxYzUxMTkwZTJlYTYwZjJhYmIzYmQ2ZTljMTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwH6lCMdMiIlWPBglyBL2eGkVwBcM
2ODlsHBJjnICkQbrYWEOnVh7PC54jKRr+2ocbceBmLvLTCefzPiMNDNIpbVAiJ0L
zPCSEBMQB5+zw3hDaS1RooynNrlkNtgm4Bvv36NvOAcpcb+M7fQeceflIOlDu9Kb
rbyN0FHlvKxFH20EeiafuZiCvob3vezOXaNBI5gotARcOT07jWI7xYlcoFSl/9x5
FQdD/Ndm7ycsOyzw223jkuYQC01OuJnhZDqN9loUhagXilt6lQLhG9RZNs75e4Eu
q+RZ8RSLKJSRpmZWCue7e05Y19l+K0KtxLAoi1IBjQd/5088Md8J3bKQmQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFFN2Rn7wkhxRGQ4upg8quzvW6cGfMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y0L2M5ZGIw
ZS05MDNlLTQ4NWUtYjY3Zi0yYzdhMmE3NDYyNzkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQvYzlkYjBl
LTkwM2UtNDg1ZS1iNjdmLTJjN2EyYTc0NjI3OS8xL1UzWkdmdkNTSEZFWkRpNm1E
eXE3TzlicHdaOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQBwSnaMA0EAgACMAcDBQMqCwSAMBkGCCsGAQUF
BwEIAQH/BAowCKAGMAQCAj81MA0GCSqGSIb3DQEBCwUAA4IBAQCunKX4aJRCrlFP
hADR9fuOXnxIfoeHVTTzs7Is2xcuM5rTTozqmsX45bJPIqefn8/MuTSrLyufyDVe
mZtanL+rjX86ROr5kJ5+/08n6pN1n7EG5gUD0jaSuEfwwWlkmDIZxMtoiv+/El6q
FXRqVxCN7EZyaHP1X16oNFJ13enQEgMk8cMqbF88WtJIMgNPjlcHJ/aohmvY6Rm9
o8K5PgAPTaqdSQ2YscrOUI/at17qh+nam71OEsSUMNSiP1B9z7OemxG8p8NCVJER
MEsRMDTHC0xqpSZ2W+tnI9/vNkSPFQYh+jGkgdmUq54xfVQdj9UVsLj6zsZN945G
N09YRS8j
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:48:18 2025 by rpki-client