Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/UmxhjRW7cS4-uuBqixgWl6XkB7g.cer
File: UmxhjRW7cS4-uuBqixgWl6XkB7g.cer (raw, json)
Hash identifier: 9G5j5G3u3Zecho7RMQu4uLDB4ELqsO6aMUr1+KQMgcw=
Subject key identifier: 52:6C:61:8D:15:BB:71:2E:3E:BA:E0:6A:8B:18:16:97:A5:E4:07:B8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421B19D7B5BB8BA43623BAD1B68DA5931
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/dd/260cf2-8850-43f8-a7f2-9273fc016f7d/1/UmxhjRW7cS4-uuBqixgWl6XkB7g.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/dd/260cf2-8850-43f8-a7f2-9273fc016f7d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 11:47:55 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 213123
IP: 45.85.164.0/22
IP: 94.231.197.0/24
IP: 2a0e:c280::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:9d:7b:5b:b8:ba:43:62:3b:ad:1b:68:da:59:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=526c618d15bb712e3ebae06a8b181697a5e407b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b0:e2:17:82:20:b2:62:2b:84:c8:de:b8:9c:
c2:9a:de:4b:df:b2:f4:48:66:f8:68:51:91:b9:2b:
7d:f0:1b:19:ef:f9:46:29:d5:4b:a5:1a:07:bc:41:
4e:f3:90:74:90:75:72:36:ba:c1:7a:39:30:5f:82:
19:2a:dd:89:68:34:b1:2b:6a:f7:f4:d1:bf:27:4c:
46:6c:7a:cb:9c:f9:01:6a:0a:88:3b:d5:39:60:3e:
0c:fc:4a:60:0a:c2:5d:63:12:bd:70:e6:38:08:f0:
9b:88:0d:14:89:c1:15:22:fb:dd:8a:b6:70:f8:75:
d4:d1:fd:d8:b6:9d:f2:32:a9:90:97:85:d3:59:9b:
c4:05:b8:f7:95:36:93:cc:31:1c:9a:b7:6b:83:8c:
e4:14:18:e9:08:12:a9:94:c2:82:b7:b9:a5:a6:45:
28:ca:0f:61:8b:39:9b:f9:fe:94:f3:37:c4:ec:ef:
32:ee:00:c3:82:01:97:85:f9:ee:6c:32:9b:23:09:
fa:32:62:c8:10:bd:45:00:67:97:18:18:9d:76:e2:
a6:8e:df:14:0c:16:e0:6d:e5:f7:af:69:9d:01:b2:
d8:eb:2d:d9:c6:e2:53:80:e2:fc:fb:bf:e0:32:5e:
bc:68:77:b6:47:01:7a:8a:94:79:a3:98:0e:18:08:
77:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:6C:61:8D:15:BB:71:2E:3E:BA:E0:6A:8B:18:16:97:A5:E4:07:B8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/260cf2-8850-43f8-a7f2-9273fc016f7d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/260cf2-8850-43f8-a7f2-9273fc016f7d/1/UmxhjRW7cS4-uuBqixgWl6XkB7g.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.164.0/22
94.231.197.0/24
IPv6:
2a0e:c280::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
213123
Signature Algorithm: sha256WithRSAEncryption
33:94:5b:55:80:34:55:92:0a:fd:91:a5:e3:f7:a7:8d:da:7c:
74:f8:ec:91:00:be:2d:9d:b6:14:64:6c:f4:ce:9a:42:6f:bc:
90:87:79:c8:71:35:7b:01:66:75:37:b5:07:70:08:28:82:09:
e5:40:62:4a:71:34:74:a8:9d:ee:aa:82:6c:77:62:c2:13:95:
6d:d9:1c:e7:15:20:fd:ca:52:02:f7:a9:5c:c8:28:4d:b4:c3:
c7:28:53:18:d2:66:a3:34:c4:41:ec:c0:47:62:79:95:9d:3f:
68:2e:a9:9a:e3:ca:bc:2a:43:a9:6a:d4:a8:ab:4d:79:3c:b1:
d2:ec:5e:b2:f7:d5:bf:ec:91:67:12:d6:be:37:9f:a4:35:cd:
0e:88:47:49:ae:e6:15:82:1d:e8:b5:83:8f:d2:c8:2d:84:55:
d7:43:55:ca:39:aa:dc:75:5c:6c:14:4d:b2:ec:00:90:d9:61:
8b:e9:ce:b2:b0:e3:0b:a8:a8:64:9f:b7:0c:cc:c6:2e:f4:06:
45:05:2a:53:a3:9e:17:53:2d:cb:c3:cc:f8:b0:e8:02:07:00:
19:05:ee:9b:ef:c8:10:85:86:ff:18:b8:e9:f5:41:ee:75:24:
53:23:58:91:22:14:84:ac:4a:2b:0d:1b:48:73:c7:30:29:1b:
73:cf:e8:93
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQhsZ17W7i6Q2I7rRto2lkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTE0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjZjNjE4ZDE1YmI3MTJlM2ViYWUwNmE4YjE4MTY5N2E1ZTQwN2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbDiF4IgsmIrhMjeuJzCmt5L37L0
SGb4aFGRuSt98BsZ7/lGKdVLpRoHvEFO85B0kHVyNrrBejkwX4IZKt2JaDSxK2r3
9NG/J0xGbHrLnPkBagqIO9U5YD4M/EpgCsJdYxK9cOY4CPCbiA0UicEVIvvdirZw
+HXU0f3Ytp3yMqmQl4XTWZvEBbj3lTaTzDEcmrdrg4zkFBjpCBKplMKCt7mlpkUo
yg9hizmb+f6U8zfE7O8y7gDDggGXhfnubDKbIwn6MmLIEL1FAGeXGBidduKmjt8U
DBbgbeX3r2mdAbLY6y3ZxuJTgOL8+7/gMl68aHe2RwF6ipR5o5gOGAh3MQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFFJsYY0Vu3EuPrrgaosYFpel5Ae4MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RkLzI2MGNm
Mi04ODUwLTQzZjgtYTdmMi05MjczZmMwMTZmN2QvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQvMjYwY2Yy
LTg4NTAtNDNmOC1hN2YyLTkyNzNmYzAxNmY3ZC8xL1VteGhqUlc3Y1M0LXV1QnFp
eGdXbDZYa0I3Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCLVWkAwQAXufFMA0EAgACMAcDBQMqDsKAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwNAgzANBgkqhkiG9w0BAQsFAAOCAQEAM5Rb
VYA0VZIK/ZGl4/enjdp8dPjskQC+LZ22FGRs9M6aQm+8kId5yHE1ewFmdTe1B3AI
KIIJ5UBiSnE0dKid7qqCbHdiwhOVbdkc5xUg/cpSAvepXMgoTbTDxyhTGNJmozTE
QezAR2J5lZ0/aC6pmuPKvCpDqWrUqKtNeTyx0uxesvfVv+yRZxLWvjefpDXNDohH
Sa7mFYId6LWDj9LILYRV10NVyjmq3HVcbBRNsuwAkNlhi+nOsrDjC6ioZJ+3DMzG
LvQGRQUqU6OeF1Mty8PM+LDoAgcAGQXum+/IEIWG/xi46fVB7nUkUyNYkSIUhKxK
Kw0bSHPHMCkbc8/okw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:56:19 2025 by rpki-client