Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/VfrLmru0yp4IZiqT0ucy5wsGwvI.cer
File: VfrLmru0yp4IZiqT0ucy5wsGwvI.cer (raw, json)
Hash identifier: 6jHmDq5pnZ7ixDqg4ZtAdJzFuxxnreP1DL37m+OUrBc=
Subject key identifier: 55:FA:CB:9A:BB:B4:CA:9E:08:66:2A:93:D2:E7:32:E7:0B:06:C2:F2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019422FC3C06E747E323D227264FF32827BC
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f0/e23338-1f3f-4acd-a88c-2eccfce112dd/1/VfrLmru0yp4IZiqT0ucy5wsGwvI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f0/e23338-1f3f-4acd-a88c-2eccfce112dd/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 17:49:03 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 89.45.128.0/20
IP: 185.4.84.0/22
IP: 185.84.48.0/22
IP: 185.92.28.0/22
IP: 185.96.108.0/22
IP: 2a02:67c0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:3c:06:e7:47:e3:23:d2:27:26:4f:f3:28:27:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 17:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55facb9abbb4ca9e08662a93d2e732e70b06c2f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0d:f9:68:00:14:56:4d:81:ce:dc:b6:fe:22:
60:b8:0b:ae:f0:fe:d1:eb:9e:b6:8e:6e:e5:73:91:
46:50:fc:a8:34:29:52:82:05:21:d2:47:46:4a:65:
6d:75:65:dd:6e:cd:1a:e5:54:c4:bd:46:0c:fa:4c:
b2:6b:c4:26:58:48:45:9a:7e:ed:f6:8a:c2:ac:bb:
d8:dc:e7:ac:89:47:6b:7e:77:9d:7a:05:99:8c:52:
7e:04:d2:ec:67:af:ef:49:69:02:e0:77:38:7c:bb:
f8:dd:e3:74:e1:b7:0e:18:9e:7c:e3:8d:cf:eb:1d:
72:5d:ba:8e:a0:7d:c7:60:ae:a2:90:4f:09:11:42:
fd:1b:0b:86:fb:b8:c3:10:c8:eb:8d:56:0b:ea:d0:
a6:c0:1b:a7:99:23:9d:0d:f2:9b:0a:1e:68:56:00:
a3:0f:e5:44:d2:d7:9f:a9:4b:53:4b:93:af:fb:68:
39:8b:22:a9:ba:76:7c:90:08:55:36:11:38:a9:93:
ab:e9:cc:b2:0f:f5:18:61:4e:04:26:cc:01:fe:6b:
eb:b5:10:52:6b:48:47:9e:11:84:7e:99:da:89:03:
cc:7d:b0:57:9a:be:38:53:3a:0e:08:03:0e:6c:54:
54:d8:ac:88:47:11:40:07:81:3b:71:e3:c6:30:40:
8e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:FA:CB:9A:BB:B4:CA:9E:08:66:2A:93:D2:E7:32:E7:0B:06:C2:F2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/e23338-1f3f-4acd-a88c-2eccfce112dd/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/e23338-1f3f-4acd-a88c-2eccfce112dd/1/VfrLmru0yp4IZiqT0ucy5wsGwvI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.128.0/20
185.4.84.0/22
185.84.48.0/22
185.92.28.0/22
185.96.108.0/22
IPv6:
2a02:67c0::/32
Signature Algorithm: sha256WithRSAEncryption
37:9c:e8:b8:93:74:05:91:4b:82:14:07:71:d7:12:fa:72:85:
fb:00:6a:e6:bc:57:23:20:eb:d7:16:38:8d:24:61:2e:19:6a:
b6:8e:83:c1:90:f7:3a:d9:dc:c7:de:01:b3:e5:cb:d7:c4:f4:
96:91:d3:6e:4c:bf:ee:5e:df:13:af:9f:99:cb:0b:7c:7f:66:
0c:28:f0:d9:d4:bc:46:35:67:64:3e:8d:2e:48:ce:a4:d8:c8:
bf:f2:16:55:8b:85:f3:9f:ef:af:bd:21:7a:74:99:07:e6:c9:
ed:6b:c1:e8:26:50:78:3b:8b:d0:b0:01:a1:dc:1b:31:e1:4e:
a3:25:dc:dc:28:ef:0f:90:b9:67:79:ab:6d:82:36:59:93:e8:
80:4c:e2:1a:77:55:12:78:35:bf:6e:e6:5f:23:33:03:d8:e4:
2b:5e:82:57:c8:0d:26:b2:56:90:01:33:e5:8f:c5:fe:c5:f8:
a4:0b:4f:8f:5f:fc:56:94:52:8c:55:0c:76:37:e0:72:c1:09:
92:82:5b:17:86:34:5a:3f:5a:29:00:59:a8:9b:8d:0e:d2:83:
ae:1a:f0:9b:18:89:d1:50:3a:04:bb:e0:1a:83:d4:6f:ff:b6:
1c:7b:a4:72:05:a3:41:01:75:8c:f9:92:17:5d:8e:9a:02:d6:
06:f8:5c:94
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAZQi/DwG50fjI9InJk/zKCe8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTc0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWZhY2I5YWJiYjRjYTllMDg2NjJhOTNkMmU3MzJlNzBiMDZjMmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw35aAAUVk2Bzty2/iJguAuu8P7R
6562jm7lc5FGUPyoNClSggUh0kdGSmVtdWXdbs0a5VTEvUYM+kyya8QmWEhFmn7t
9orCrLvY3OesiUdrfnedegWZjFJ+BNLsZ6/vSWkC4Hc4fLv43eN04bcOGJ58443P
6x1yXbqOoH3HYK6ikE8JEUL9GwuG+7jDEMjrjVYL6tCmwBunmSOdDfKbCh5oVgCj
D+VE0tefqUtTS5Ov+2g5iyKpunZ8kAhVNhE4qZOr6cyyD/UYYU4EJswB/mvrtRBS
a0hHnhGEfpnaiQPMfbBXmr44UzoOCAMObFRU2KyIRxFAB4E7cePGMECOZwIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFFX6y5q7tMqeCGYqk9LnMucLBsLyMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YwL2UyMzMz
OC0xZjNmLTRhY2QtYTg4Yy0yZWNjZmNlMTEyZGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAvZTIzMzM4
LTFmM2YtNGFjZC1hODhjLTJlY2NmY2UxMTJkZC8xL1ZmckxtcnUweXA0SVppcVQw
dWN5NXdzR3d2SS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsGAQUF
BwEHAQH/BDcwNTAkBAIAATAeAwQEWS2AAwQCuQRUAwQCuVQwAwQCuVwcAwQCuWBs
MA0EAgACMAcDBQAqAmfAMA0GCSqGSIb3DQEBCwUAA4IBAQA3nOi4k3QFkUuCFAdx
1xL6coX7AGrmvFcjIOvXFjiNJGEuGWq2joPBkPc62dzH3gGz5cvXxPSWkdNuTL/u
Xt8Tr5+Zywt8f2YMKPDZ1LxGNWdkPo0uSM6k2Mi/8hZVi4Xzn++vvSF6dJkH5snt
a8HoJlB4O4vQsAGh3Bsx4U6jJdzcKO8PkLlneattgjZZk+iATOIad1USeDW/buZf
IzMD2OQrXoJXyA0mslaQATPlj8X+xfikC0+PX/xWlFKMVQx2N+BywQmSglsXhjRa
P1opAFmom40O0oOuGvCbGInRUDoEu+Aag9Rv/7Yce6RyBaNBAXWM+ZIXXY6aAtYG
+FyU
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:57:31 2025 by rpki-client