Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/VDxcNKYv--2PwPDsAbQsDFDufvc.cer
File: VDxcNKYv--2PwPDsAbQsDFDufvc.cer (raw, json)
Hash identifier: voaKN9SFsruS996Ekm18GkyxRqMir+b8C8SaH6BMOTg=
Subject key identifier: 54:3C:5C:34:A6:2F:FB:ED:8F:C0:F0:EC:01:B4:2C:0C:50:EE:7E:F7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421B21CDE4F3A20F8967B9B7BFFA6CCBB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/VDxcNKYv--2PwPDsAbQsDFDufvc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 11:48:28 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 91.204.72.0/22
IP: 185.23.16.0/22
IP: 2a00:6ae0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:1c:de:4f:3a:20:f8:96:7b:9b:7b:ff:a6:cc:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=543c5c34a62ffbed8fc0f0ec01b42c0c50ee7ef7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2e:b8:3d:3b:c1:2b:2d:94:7b:8b:c7:7d:3d:
54:2d:5d:b9:81:86:4d:ce:b4:5c:e9:66:4b:9c:91:
ee:bf:e9:6f:36:32:28:30:5e:2f:dd:2c:6c:f1:80:
d9:57:02:e6:3d:aa:8f:8b:0a:13:c1:51:5c:1f:b1:
ba:56:a1:de:8c:b9:38:49:20:b3:de:ae:29:2e:94:
b9:ff:23:1c:51:72:0f:fa:d9:ca:65:24:c4:61:ae:
08:05:c4:dc:21:d9:ea:b8:2e:70:84:b2:64:26:c4:
55:51:4c:fd:fd:2d:66:74:30:5c:dc:bb:fc:57:03:
63:f6:38:63:9e:4e:bd:7d:ef:1e:b3:af:02:66:19:
ed:bb:83:bb:8d:a4:1e:06:7a:07:b9:b7:35:a5:61:
c6:d1:c1:24:dd:72:7e:98:d5:a6:8b:14:91:38:f7:
d2:d6:af:09:70:48:bb:81:05:8e:15:c0:45:c9:db:
6f:b1:6a:5e:11:8f:4a:b5:cc:8d:f3:b7:0c:64:8e:
0a:e8:8b:47:9f:ef:1b:bb:93:b9:c4:d9:aa:77:3e:
96:8a:1c:19:91:0a:31:a5:c6:e8:45:e1:1d:fa:85:
27:50:ba:74:da:69:cd:39:ea:5b:e5:6c:48:cc:94:
8f:4b:90:bd:cd:76:9e:e6:8c:ef:25:03:a7:f8:11:
88:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:3C:5C:34:A6:2F:FB:ED:8F:C0:F0:EC:01:B4:2C:0C:50:EE:7E:F7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/VDxcNKYv--2PwPDsAbQsDFDufvc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.72.0/22
185.23.16.0/22
IPv6:
2a00:6ae0::/32
Signature Algorithm: sha256WithRSAEncryption
1c:9c:a2:24:ba:e0:02:94:3d:3c:92:f2:72:af:b2:e2:22:cf:
41:c0:98:b4:a9:da:33:71:d0:a0:1c:6e:77:2a:ce:84:60:ec:
3f:c9:73:43:88:67:2f:f2:cd:49:8f:2d:e9:dc:05:a5:c5:cb:
32:8d:1e:a9:99:71:cf:84:43:8f:95:97:8b:f5:9e:a2:95:86:
80:af:c5:e3:5f:bd:8f:03:70:aa:47:58:5a:c7:61:82:af:b1:
22:5d:08:5e:54:27:db:3e:9d:47:7c:ee:7b:84:42:fa:c9:43:
9e:2a:8b:37:3e:aa:77:ed:db:11:30:66:2b:6b:0f:c6:ba:00:
e2:e0:7a:db:67:49:64:84:3e:ee:36:74:49:ed:87:df:94:be:
85:77:3c:ae:70:c8:8c:c7:65:9f:1e:67:74:97:21:d3:ef:91:
ee:01:e8:cc:cf:fc:a7:35:2d:25:26:b2:08:58:c6:8d:fb:c9:
2f:df:51:cc:5c:ba:df:75:88:a3:14:78:97:88:53:0a:a4:a3:
d6:10:4f:6f:da:7b:6a:d5:bc:98:a0:27:f3:cd:6a:11:9b:ba:
ae:51:21:25:63:3b:89:85:e7:67:97:bd:a7:49:e7:ab:99:c0:
71:4e:94:48:2e:94:0d:ec:0d:6c:5c:b5:be:4c:8c:67:8d:f3:
aa:5b:01:f2
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAZQhshzeTzog+JZ7m3v/psy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTE0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDNjNWMzNGE2MmZmYmVkOGZjMGYwZWMwMWI0MmMwYzUwZWU3ZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwi64PTvBKy2Ue4vHfT1ULV25gYZN
zrRc6WZLnJHuv+lvNjIoMF4v3Sxs8YDZVwLmPaqPiwoTwVFcH7G6VqHejLk4SSCz
3q4pLpS5/yMcUXIP+tnKZSTEYa4IBcTcIdnquC5whLJkJsRVUUz9/S1mdDBc3Lv8
VwNj9jhjnk69fe8es68CZhntu4O7jaQeBnoHubc1pWHG0cEk3XJ+mNWmixSROPfS
1q8JcEi7gQWOFcBFydtvsWpeEY9KtcyN87cMZI4K6ItHn+8bu5O5xNmqdz6WihwZ
kQoxpcboReEd+oUnULp02mnNOepb5WxIzJSPS5C9zXae5ozvJQOn+BGItQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFFQ8XDSmL/vtj8Dw7AG0LAxQ7n73MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RlLzE2ZTAy
Mi00ZGE4LTQ2ODQtODVlNi1mNGYxZjkzZTA0NjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGUvMTZlMDIy
LTRkYTgtNDY4NC04NWU2LWY0ZjFmOTNlMDQ2Ny8xL1ZEeGNOS1l2LS0yUHdQRHNB
YlFzREZEdWZ2Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCW8xIAwQCuRcQMA0EAgACMAcDBQAqAGrgMA0G
CSqGSIb3DQEBCwUAA4IBAQAcnKIkuuAClD08kvJyr7LiIs9BwJi0qdozcdCgHG53
Ks6EYOw/yXNDiGcv8s1Jjy3p3AWlxcsyjR6pmXHPhEOPlZeL9Z6ilYaAr8XjX72P
A3CqR1hax2GCr7EiXQheVCfbPp1HfO57hEL6yUOeKos3Pqp37dsRMGYraw/GugDi
4HrbZ0lkhD7uNnRJ7YfflL6FdzyucMiMx2WfHmd0lyHT75HuAejMz/ynNS0lJrII
WMaN+8kv31HMXLrfdYijFHiXiFMKpKPWEE9v2ntq1byYoCfzzWoRm7quUSElYzuJ
hednl72nSeermcBxTpRILpQN7A1sXLW+TIxnjfOqWwHy
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:10:37 2025 by rpki-client