Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/UoUm3npC8eCAkWhA7r85A4uJPRY.cer
File: UoUm3npC8eCAkWhA7r85A4uJPRY.cer (raw, json)
Hash identifier: t9TNS+n2nXBdZCjQhmX9On7WeD58AxtUZh8J1aqm/I0=
Subject key identifier: 52:85:26:DE:7A:42:F1:E0:80:91:68:40:EE:BF:39:03:8B:89:3D:16
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941F8C5132C0C2EA2149F0F7094CCD7B3F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 01:47:57 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 212710
IP: 193.58.100.0/22
IP: 2a09:2900::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:51:32:c0:c2:ea:21:49:f0:f7:09:4c:cd:7b:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=528526de7a42f1e080916840eebf39038b893d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:48:d7:53:ce:39:94:c4:d0:f2:75:b1:c7:8a:
41:3d:22:65:e4:b6:62:a5:2b:c2:b0:66:30:9d:16:
2e:dd:79:6b:0a:5b:38:c4:13:66:31:b6:9f:5c:77:
da:78:6a:67:89:54:87:41:f2:cb:a7:85:8e:42:ff:
e0:8a:27:9d:85:06:b9:db:fd:ee:96:be:01:81:7d:
27:81:4f:96:6c:61:73:dd:84:96:e3:17:80:8c:38:
a4:15:d6:e7:41:77:05:25:fd:b7:bf:0b:7a:49:26:
8b:91:89:bb:48:f4:e2:03:32:18:23:09:bc:d8:e2:
ae:2a:cf:63:ae:fa:a7:f6:e4:ec:dc:2d:5b:ba:7b:
80:47:2b:36:31:e6:1d:5f:6d:8b:47:df:1c:a8:e8:
af:60:1f:8c:e0:68:34:66:cd:a7:e3:a0:96:b1:52:
a8:44:10:4c:95:0e:25:e0:c2:cf:54:57:66:a2:00:
4b:65:65:a0:51:0e:44:75:1e:dd:31:1c:8e:82:ab:
4e:81:9a:fa:57:be:a1:06:af:c7:c3:3d:a4:b1:bd:
2a:14:c1:ee:c2:37:51:87:21:26:3e:09:fb:df:f8:
3f:e0:25:75:1c:a7:95:7d:a5:a7:5b:f4:d2:c5:e3:
bf:86:88:ad:e3:39:8e:8b:94:b2:d7:f0:0f:55:76:
81:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:85:26:DE:7A:42:F1:E0:80:91:68:40:EE:BF:39:03:8B:89:3D:16
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.100.0/22
IPv6:
2a09:2900::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
212710
Signature Algorithm: sha256WithRSAEncryption
04:0a:16:d8:59:61:e3:4c:e4:c2:95:34:6e:7b:9e:67:3a:e2:
e2:58:57:79:bc:70:ba:12:c0:61:0d:aa:e4:5f:e4:a9:97:79:
f0:14:33:5b:18:eb:90:cd:7f:b4:9c:e5:ea:49:5a:5b:cd:39:
65:3c:6a:46:2e:27:48:f0:e1:e6:68:1e:7c:54:8d:fd:5c:12:
23:ed:b4:a8:9d:ca:8e:35:ae:34:04:0d:4d:20:af:c7:89:f2:
06:23:b4:77:32:80:7e:eb:49:c3:2f:76:50:cf:dd:70:73:4d:
17:06:35:3d:95:18:e3:1d:a5:9f:04:81:ce:5b:5c:63:ce:a6:
b2:63:c7:bb:66:0e:d9:02:45:1c:55:52:84:39:e6:f6:8f:b5:
93:be:78:f0:d6:c5:b2:d9:cc:7d:78:ce:45:14:f5:e7:c2:18:
db:02:42:5f:b0:41:ed:89:97:25:87:f3:e1:fb:0a:5a:f8:a2:
67:86:db:b9:05:ba:51:90:64:65:6a:00:e4:98:24:52:01:79:
fe:33:8b:43:e9:21:68:a4:c8:86:9b:9e:fd:d8:b8:5a:74:e7:
f4:5c:d1:96:9b:8c:e4:aa:b3:14:8e:26:8b:17:eb:60:37:46:
82:54:da:f1:3b:91:73:16:c8:2b:58:94:28:a0:b4:9a:25:a6:
11:98:ad:33
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQfjFEywMLqIUnw9wlMzXs/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mjg1MjZkZTdhNDJmMWUwODA5MTY4NDBlZWJmMzkwMzhiODkzZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEjXU845lMTQ8nWxx4pBPSJl5LZi
pSvCsGYwnRYu3XlrCls4xBNmMbafXHfaeGpniVSHQfLLp4WOQv/giiedhQa52/3u
lr4BgX0ngU+WbGFz3YSW4xeAjDikFdbnQXcFJf23vwt6SSaLkYm7SPTiAzIYIwm8
2OKuKs9jrvqn9uTs3C1bunuARys2MeYdX22LR98cqOivYB+M4Gg0Zs2n46CWsVKo
RBBMlQ4l4MLPVFdmogBLZWWgUQ5EdR7dMRyOgqtOgZr6V76hBq/Hwz2ksb0qFMHu
wjdRhyEmPgn73/g/4CV1HKeVfaWnW/TSxeO/hoit4zmOi5Sy1/APVXaBYQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFFKFJt56QvHggJFoQO6/OQOLiT0WMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA3Lzk2YTky
OC04MTljLTQ3NmMtYmFlMS01MGM5ZjViM2MzZTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcvOTZhOTI4
LTgxOWMtNDc2Yy1iYWUxLTUwYzlmNWIzYzNlNC8xL1VvVW0zbnBDOGVDQWtXaEE3
cjg1QTR1SlBSWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCwTpkMA0EAgACMAcDBQMqCSkAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM+5jANBgkqhkiG9w0BAQsFAAOCAQEABAoW2Flh40zk
wpU0bnueZzri4lhXebxwuhLAYQ2q5F/kqZd58BQzWxjrkM1/tJzl6klaW805ZTxq
Ri4nSPDh5mgefFSN/VwSI+20qJ3KjjWuNAQNTSCvx4nyBiO0dzKAfutJwy92UM/d
cHNNFwY1PZUY4x2lnwSBzltcY86msmPHu2YO2QJFHFVShDnm9o+1k7548NbFstnM
fXjORRT158IY2wJCX7BB7YmXJYfz4fsKWviiZ4bbuQW6UZBkZWoA5JgkUgF5/jOL
Q+khaKTIhpue/di4WnTn9FzRlpuM5KqzFI4mixfrYDdGglTa8TuRcxbIK1iUKKC0
miWmEZitMw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 23:01:43 2025 by rpki-client