Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/UFbHUIQP5cAQOn9RAix87qj-lps.cer
File: UFbHUIQP5cAQOn9RAix87qj-lps.cer (raw, json)
Hash identifier: ySc9DAIFDqByNbJVNhwp4INbY8dR/1ZowGAd/ixF6qI=
Subject key identifier: 50:56:C7:50:84:0F:E5:C0:10:3A:7F:51:02:2C:7C:EE:A8:FE:96:9B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019427482EF598AC7FDB1479FFF53C9A1F39
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/32/252968-b8ba-4e19-84d7-3228286da601/1/UFbHUIQP5cAQOn9RAix87qj-lps.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/32/252968-b8ba-4e19-84d7-3228286da601/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 13:50:29 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 37.18.64.0/21
IP: 46.227.192.0/21
IP: 185.137.4.0/22
IP: 2a06:fa80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:2e:f5:98:ac:7f:db:14:79:ff:f5:3c:9a:1f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 13:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5056c750840fe5c0103a7f51022c7ceea8fe969b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:34:65:2e:70:4e:3f:92:72:e2:a1:ba:85:08:
88:b5:7a:48:da:b3:70:8d:3e:8d:91:b1:71:cb:9c:
3c:b2:d8:03:fd:c7:5f:cb:87:cd:eb:10:87:80:fc:
6d:d7:e3:45:d8:6f:d6:72:45:da:2f:ed:f4:2e:37:
c8:2b:35:65:f9:4e:4f:74:08:16:91:2f:24:46:67:
09:ff:0e:dc:b4:d6:e1:a6:59:df:cd:d6:ef:b4:6c:
cf:2e:9e:65:7e:40:48:e5:34:9c:e6:7d:6f:a7:f0:
c2:58:83:c8:69:8d:9c:1c:7b:74:e4:98:ec:70:8c:
fd:4d:9a:5f:c8:72:9f:7a:72:dd:2b:7c:fa:4e:59:
ea:2e:2b:6f:0e:b0:ce:23:c8:55:2e:4b:92:74:b0:
43:69:64:93:14:6c:fd:b8:e0:62:39:bc:30:c4:25:
ce:dc:cd:1f:79:65:f8:c5:11:fa:66:58:73:ac:9f:
78:00:54:09:3e:0a:64:74:4e:61:e2:1c:37:ad:72:
8d:3c:fd:2c:c1:4d:5d:65:ae:c4:e1:ff:e5:4c:3b:
e2:42:9f:d9:aa:7e:4c:8f:6b:eb:a8:66:d0:cb:a4:
a9:97:b8:a4:74:4d:17:6e:58:1a:e3:ff:a9:d6:a7:
09:d6:a7:e0:73:50:ea:2e:3a:2c:e6:e5:9c:a4:c7:
6e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:56:C7:50:84:0F:E5:C0:10:3A:7F:51:02:2C:7C:EE:A8:FE:96:9B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/252968-b8ba-4e19-84d7-3228286da601/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/252968-b8ba-4e19-84d7-3228286da601/1/UFbHUIQP5cAQOn9RAix87qj-lps.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.64.0/21
46.227.192.0/21
185.137.4.0/22
IPv6:
2a06:fa80::/29
Signature Algorithm: sha256WithRSAEncryption
98:81:b7:24:2d:f3:f8:d1:95:41:b2:9e:e9:66:4c:f0:ba:92:
f6:28:64:36:e2:5e:b5:3d:3d:95:d5:f7:13:ad:0f:60:d1:bb:
c3:6c:6f:29:e6:03:a2:93:d8:b7:77:8d:ca:7e:e1:29:c7:ee:
6e:61:4f:43:f3:0b:69:19:c3:4e:f8:02:ba:9a:15:4b:5d:e8:
cf:d4:ec:c8:6f:64:bc:50:9b:0a:fb:25:a2:28:2a:a9:77:72:
fc:a7:85:63:dc:5a:42:7c:c8:02:65:15:f1:0c:44:e5:d7:00:
30:07:ee:c2:b5:50:33:8c:b3:0e:2a:f9:45:88:ee:5d:5f:19:
ed:9d:db:80:ec:be:36:3e:57:99:cc:80:37:0c:91:10:72:a7:
5e:13:03:fa:9c:a6:fe:e9:3d:60:61:d7:78:3b:67:38:8b:95:
31:0b:0c:2f:53:35:11:0c:e3:e7:cf:77:9a:eb:33:c2:36:0d:
0c:5a:5a:bc:31:13:fa:ef:35:64:51:45:7a:6e:26:fb:6a:45:
c9:8a:1f:d7:a4:88:ab:13:f6:83:5d:f3:40:c9:98:f3:ec:e5:
c8:f3:ed:88:bc:21:1d:71:f7:99:e2:12:01:8e:57:8f:87:65:
f6:97:bd:50:f0:8c:40:ed:cd:99:d0:61:b5:04:85:b3:93:ba:
15:ae:7a:7b
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZQnSC71mKx/2xR5//U8mh85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTM1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDU2Yzc1MDg0MGZlNWMwMTAzYTdmNTEwMjJjN2NlZWE4ZmU5NjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDRlLnBOP5Jy4qG6hQiItXpI2rNw
jT6NkbFxy5w8stgD/cdfy4fN6xCHgPxt1+NF2G/WckXaL+30LjfIKzVl+U5PdAgW
kS8kRmcJ/w7ctNbhplnfzdbvtGzPLp5lfkBI5TSc5n1vp/DCWIPIaY2cHHt05Jjs
cIz9TZpfyHKfenLdK3z6TlnqLitvDrDOI8hVLkuSdLBDaWSTFGz9uOBiObwwxCXO
3M0feWX4xRH6ZlhzrJ94AFQJPgpkdE5h4hw3rXKNPP0swU1dZa7E4f/lTDviQp/Z
qn5Mj2vrqGbQy6Spl7ikdE0Xblga4/+p1qcJ1qfgc1DqLjos5uWcpMdu3QIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFFBWx1CED+XAEDp/UQIsfO6o/pabMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMyLzI1Mjk2
OC1iOGJhLTRlMTktODRkNy0zMjI4Mjg2ZGE2MDEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIvMjUyOTY4
LWI4YmEtNGUxOS04NGQ3LTMyMjgyODZkYTYwMS8xL1VGYkhVSVFQNWNBUU9uOVJB
aXg4N3FqLWxwcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQDJRJAAwQDLuPAAwQCuYkEMA0EAgACMAcDBQMq
BvqAMA0GCSqGSIb3DQEBCwUAA4IBAQCYgbckLfP40ZVBsp7pZkzwupL2KGQ24l61
PT2V1fcTrQ9g0bvDbG8p5gOik9i3d43KfuEpx+5uYU9D8wtpGcNO+AK6mhVLXejP
1OzIb2S8UJsK+yWiKCqpd3L8p4Vj3FpCfMgCZRXxDETl1wAwB+7CtVAzjLMOKvlF
iO5dXxntnduA7L42PleZzIA3DJEQcqdeEwP6nKb+6T1gYdd4O2c4i5UxCwwvUzUR
DOPnz3ea6zPCNg0MWlq8MRP67zVkUUV6bib7akXJih/XpIirE/aDXfNAyZjz7OXI
8+2IvCEdcfeZ4hIBjlePh2X2l71Q8IxA7c2Z0GG1BIWzk7oVrnp7
-----END CERTIFICATE-----
Generated at Mon Apr 7 22:35:09 2025 by rpki-client