Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
File: U53I-Drwei_XEh53wBzCg8ZRoIc.cer (raw, json)
Hash identifier: NZKZcecRXAk8PDnKPRYa/dRWnvya20/8cvv3oPQofqE=
Subject key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019424459E23B9ECC130C0B4FF77E6E12DFC
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 23:48:49 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 48842
IP: 91.212.60.0/24
IP: 91.217.163.0/24
IP: 193.169.172.0/23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Mar 2025 12:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:9e:23:b9:ec:c1:30:c0:b4:ff:77:e6:e1:2d:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 23:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=539dc8f83af07a2fd7121e77c01cc283c651a087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:05:be:14:38:77:3f:7d:db:a2:61:89:5d:b3:
81:27:1c:07:f3:b1:60:36:23:e7:d2:ea:56:6f:8e:
9a:81:3b:25:78:f2:a0:d5:77:79:08:10:af:0b:c4:
47:49:3a:78:cd:be:ca:ff:07:f3:87:a9:e8:4b:25:
e7:d9:32:84:80:c6:1d:24:27:0e:cb:80:ef:5f:4f:
1d:92:59:05:0a:e8:e4:9a:74:bf:49:08:ea:c9:fe:
81:55:1e:1b:13:20:e1:c6:84:14:65:33:21:c0:10:
08:2d:f0:f7:de:5f:65:0d:db:1e:3f:1b:3d:03:d4:
e1:e1:12:bc:a1:51:e7:ab:7a:f8:e9:bc:f0:79:f4:
75:77:25:6d:7d:04:96:ac:83:00:82:d2:76:7b:78:
60:d0:00:74:e0:9a:df:b3:07:0d:68:ff:fd:22:33:
ce:cb:56:0c:c9:ee:01:26:76:93:5f:79:a4:83:bd:
ad:ac:d6:41:13:b4:7e:dc:3b:66:50:ea:61:9e:65:
5f:4b:05:82:51:0d:2d:25:fd:43:64:3c:01:87:1c:
32:ba:0a:cc:cd:d7:9f:12:e8:17:6f:1c:38:95:20:
b2:38:73:ae:08:4d:5b:70:9a:42:3d:24:a2:59:a7:
bc:d5:f5:79:7c:5f:cd:44:11:ca:29:08:95:cd:1f:
15:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.60.0/24
91.217.163.0/24
193.169.172.0/23
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
48842
Signature Algorithm: sha256WithRSAEncryption
02:97:cd:26:d4:97:00:bf:15:d0:48:10:20:c5:1b:8d:52:7e:
37:55:84:1d:78:0b:05:21:ee:67:46:5b:9b:25:c2:b4:1b:2a:
8e:88:67:6c:d8:83:be:62:9d:4f:6e:74:48:43:41:f7:3b:1d:
86:f6:37:13:66:a7:8d:5c:4a:52:30:5d:5c:8e:58:2b:e0:5d:
84:8b:4f:39:a8:ea:ab:af:aa:5b:29:db:39:4b:a5:22:96:30:
b8:bc:1d:cf:f4:58:50:a8:7b:0c:4f:31:ee:23:7b:51:51:0e:
45:d8:8c:ce:34:ec:fa:95:28:77:d8:03:70:99:3d:8a:81:65:
23:05:3f:81:30:10:f0:82:7a:16:4e:bf:4d:2f:9f:09:e7:5f:
24:20:77:2f:39:c7:a5:8f:75:2d:7c:a4:47:c0:02:ea:7c:ad:
15:62:0d:65:ae:30:9c:84:3a:29:24:4e:e6:03:88:76:31:b4:
4b:06:1e:29:49:b7:94:0d:ed:02:25:e4:d2:e8:d6:f8:a5:5b:
cb:a4:a4:a4:f4:48:29:7c:19:1d:09:a7:38:68:c9:da:0f:4f:
29:a5:6f:69:cc:73:ae:cf:6c:54:7d:bf:65:6e:73:93:11:0c:
15:7a:7c:ec:c8:02:97:d4:15:78:e3:0c:1b:10:db:87:aa:a9:
25:cc:a1:ba
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZQkRZ4juezBMMC0/3fm4S38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjM0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzlkYzhmODNhZjA3YTJmZDcxMjFlNzdjMDFjYzI4M2M2NTFhMDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQW+FDh3P33bomGJXbOBJxwH87Fg
NiPn0upWb46agTslePKg1Xd5CBCvC8RHSTp4zb7K/wfzh6noSyXn2TKEgMYdJCcO
y4DvX08dklkFCujkmnS/SQjqyf6BVR4bEyDhxoQUZTMhwBAILfD33l9lDdsePxs9
A9Th4RK8oVHnq3r46bzwefR1dyVtfQSWrIMAgtJ2e3hg0AB04JrfswcNaP/9IjPO
y1YMye4BJnaTX3mkg72trNZBE7R+3DtmUOphnmVfSwWCUQ0tJf1DZDwBhxwyugrM
zdefEugXbxw4lSCyOHOuCE1bcJpCPSSiWae81fV5fF/NRBHKKQiVzR8VrQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFFOdyPg68Hov1xIed8AcwoPGUaCHMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYwLzczMmVh
Mi05YTVjLTRlZGEtYjliNC02Mjc2YjE3OGVmZGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAvNzMyZWEy
LTlhNWMtNGVkYS1iOWI0LTYyNzZiMTc4ZWZkZi8xL1U1M0ktRHJ3ZWlfWEVoNTN3
QnpDZzhaUm9JYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUF
BwEHAQH/BBwwGjAYBAIAATASAwQAW9Q8AwQAW9mjAwQBwamsMBoGCCsGAQUFBwEI
AQH/BAswCaAHMAUCAwC+yjANBgkqhkiG9w0BAQsFAAOCAQEAApfNJtSXAL8V0EgQ
IMUbjVJ+N1WEHXgLBSHuZ0ZbmyXCtBsqjohnbNiDvmKdT250SENB9zsdhvY3E2an
jVxKUjBdXI5YK+BdhItPOajqq6+qWynbOUulIpYwuLwdz/RYUKh7DE8x7iN7UVEO
RdiMzjTs+pUod9gDcJk9ioFlIwU/gTAQ8IJ6Fk6/TS+fCedfJCB3LznHpY91LXyk
R8AC6nytFWINZa4wnIQ6KSRO5gOIdjG0SwYeKUm3lA3tAiXk0ujW+KVby6SkpPRI
KXwZHQmnOGjJ2g9PKaVvacxzrs9sVH2/ZW5zkxEMFXp87MgCl9QVeOMMGxDbh6qp
Jcyhug==
-----END CERTIFICATE-----
Generated at Sat Mar 8 22:11:06 2025 by rpki-client