Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer
File: WLuO46dH7YtXhlfN1HN1hvX9uTE.cer (raw, json)
Hash identifier: pOiyLth992hsmFfrvpikO9Fl1kWYoO11USWtYZBQktQ=
Subject key identifier: 58:BB:8E:E3:A7:47:ED:8B:57:86:57:CD:D4:73:75:86:F5:FD:B9:31
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01951D7CDD37DA79D6A54F31EA54EF0309A4
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/WLuO46dH7YtXhlfN1HN1hvX9uTE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 19 Feb 2025 09:14:37 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 8356
AS: 8676
AS: 47578
AS: 56739
AS: 209035
IP: 31.7.8.0/21
IP: 185.109.124.0/22
IP: 185.109.136.0/22
IP: 217.65.160.0/20
IP: 217.198.56.0/21
IP: 2001:768::/32
IP: 2001:1420::/29
IP: 2a03:9f00::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1d:7c:dd:37:da:79:d6:a5:4f:31:ea:54:ef:03:09:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 19 09:14:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58bb8ee3a747ed8b578657cdd4737586f5fdb931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b9:aa:e3:51:73:91:ff:dc:f4:6e:23:0a:7f:
6b:9b:cc:b7:3d:2c:81:6d:f0:f0:37:48:ca:eb:11:
b4:9a:57:94:ee:73:1c:9f:7e:24:4c:f2:b9:22:d3:
2f:04:1d:47:02:f5:88:7d:ee:29:d2:2c:25:e7:56:
95:55:a2:64:40:2f:1d:fb:a9:77:11:20:9f:4f:b2:
dc:6d:f0:b7:fe:3e:8e:93:c8:36:2f:8a:ef:e0:25:
53:81:45:96:89:99:3f:5c:62:ea:a5:57:2a:06:51:
31:02:99:e0:66:0b:b9:ad:8d:fc:29:97:f5:74:0f:
b2:9d:85:48:4d:0c:c1:bb:83:89:1d:67:b8:e0:05:
48:c5:60:e2:e8:ea:d8:8d:ba:29:c4:12:9b:09:54:
4a:e4:75:70:1a:83:3e:e2:0d:a8:62:be:90:61:f5:
25:68:5e:3d:a2:b4:06:6c:42:69:2c:e6:af:71:6e:
4d:3f:10:d5:6f:ab:35:8a:ef:42:4a:c1:be:51:96:
f0:57:2a:3c:1b:51:35:79:76:5a:b4:21:70:66:a1:
15:8b:4c:8d:b7:01:3d:23:d3:01:c6:7a:59:99:4b:
c5:bf:79:ef:44:03:2d:73:cd:b5:03:ce:79:54:12:
7d:8f:dc:ee:aa:2b:e1:c0:c5:65:f4:e8:58:e3:1a:
23:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:BB:8E:E3:A7:47:ED:8B:57:86:57:CD:D4:73:75:86:F5:FD:B9:31
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/WLuO46dH7YtXhlfN1HN1hvX9uTE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.8.0/21
185.109.124.0/22
185.109.136.0/22
217.65.160.0/20
217.198.56.0/21
IPv6:
2001:768::/32
2001:1420::/29
2a03:9f00::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8356
8676
47578
56739
209035
Signature Algorithm: sha256WithRSAEncryption
61:eb:5c:de:d8:58:60:7e:93:0d:2b:8f:c5:5a:7e:bd:ad:85:
fa:f1:d6:4d:04:f0:f1:86:a2:1a:93:92:c1:7f:c5:a2:87:df:
7c:5d:2b:d0:4a:a0:c4:22:12:9c:46:c2:3f:0b:28:7c:c7:47:
c3:57:89:4d:da:22:fa:65:1f:f3:a8:f4:b8:e7:dd:65:28:64:
f9:4f:9d:b5:ad:b9:ac:f8:16:e3:39:d8:9e:f6:ac:6b:99:76:
9b:00:fb:7b:83:10:15:e5:63:df:fb:a1:1e:a0:c2:3d:69:17:
d5:54:6b:4a:6d:aa:77:76:03:53:0c:f0:6b:7e:99:65:13:4a:
69:b7:51:ee:4f:e0:fc:95:f5:cd:e1:8d:2a:ab:21:bd:af:87:
9d:7e:6c:0c:88:13:82:b6:da:26:f3:69:19:49:04:df:1f:11:
a5:df:19:98:b9:c5:19:64:27:a4:9e:3b:11:04:97:38:7c:1d:
26:41:be:17:11:01:ba:19:33:25:8e:9f:db:2c:6e:0d:1d:d2:
9f:5c:d5:76:cb:59:00:fa:d7:5c:f9:cd:d2:f8:ad:15:50:39:
ab:06:1e:a8:c1:a1:fc:ef:8a:c9:29:c3:a1:ab:32:f3:39:42:
0d:d2:ce:b3:98:c8:f9:7d:35:94:63:89:ed:a1:3b:3c:41:d1:
f1:15:03:44
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAZUdfN032nnWpU8x6lTvAwmkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMjE5MDkxNDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGJiOGVlM2E3NDdlZDhiNTc4NjU3Y2RkNDczNzU4NmY1ZmRiOTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbmq41Fzkf/c9G4jCn9rm8y3PSyB
bfDwN0jK6xG0mleU7nMcn34kTPK5ItMvBB1HAvWIfe4p0iwl51aVVaJkQC8d+6l3
ESCfT7LcbfC3/j6Ok8g2L4rv4CVTgUWWiZk/XGLqpVcqBlExApngZgu5rY38KZf1
dA+ynYVITQzBu4OJHWe44AVIxWDi6OrYjbopxBKbCVRK5HVwGoM+4g2oYr6QYfUl
aF49orQGbEJpLOavcW5NPxDVb6s1iu9CSsG+UZbwVyo8G1E1eXZatCFwZqEVi0yN
twE9I9MBxnpZmUvFv3nvRAMtc821A855VBJ9j9zuqivhwMVl9OhY4xojvQIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFFi7juOnR+2LV4ZXzdRzdYb1/bkxMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YyLzAzYTcw
Yi0zYmM2LTQzMzktOWU0OS1hODNmOTE0MDM1YjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIvMDNhNzBi
LTNiYzYtNDMzOS05ZTQ5LWE4M2Y5MTQwMzViMy8xL1dMdU80NmRIN1l0WGhsZk4x
SE4xaHZYOXVURS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFQGCCsGAQUF
BwEHAQH/BEUwQzAkBAIAATAeAwQDHwcIAwQCuW18AwQCuW2IAwQE2UGgAwQD2cY4
MBsEAgACMBUDBQAgAQdoAwUDIAEUIAMFACoDnwAwLAYIKwYBBQUHAQgBAf8EHTAb
oBkwFwICIKQCAiHkAgMAudoCAwDdowIDAzCLMA0GCSqGSIb3DQEBCwUAA4IBAQBh
61ze2FhgfpMNK4/FWn69rYX68dZNBPDxhqIak5LBf8Wih998XSvQSqDEIhKcRsI/
Cyh8x0fDV4lN2iL6ZR/zqPS4591lKGT5T521rbms+BbjOdie9qxrmXabAPt7gxAV
5WPf+6EeoMI9aRfVVGtKbap3dgNTDPBrfpllE0ppt1HuT+D8lfXN4Y0qqyG9r4ed
fmwMiBOCttom82kZSQTfHxGl3xmYucUZZCeknjsRBJc4fB0mQb4XEQG6GTMljp/b
LG4NHdKfXNV2y1kA+tdc+c3S+K0VUDmrBh6owaH874rJKcOhqzLzOUIN0s6zmMj5
fTWUY4ntoTs8QdHxFQNE
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:09:45 2025 by rpki-client