Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
File: XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer (raw, json)
Hash identifier: FJSH3jb3/QAvwq8estofM5EJHakNL6E1STXex+YOC8Q=
Subject key identifier: 5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941F8C5E95FF3C5679C017182BEB421A8B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 01:48:00 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 45.81.56.0/22
IP: 2a09:d640::/29
IP: 2a0e:5080::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5e:95:ff:3c:56:79:c0:17:18:2b:eb:42:1a:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5da3215abfa4621d57709f838a92801f2e90ddfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f9:6f:94:57:2f:15:42:22:b3:a6:33:19:68:
ea:cb:75:e0:c6:a5:7a:5a:81:04:ce:41:7b:37:4a:
33:cc:51:14:d8:29:d5:ab:c7:3a:56:3e:4b:04:83:
95:d0:79:e3:73:1d:7d:37:91:bc:63:cc:7c:15:e3:
db:05:ec:7e:e6:73:ae:98:f2:2d:db:46:b2:79:d2:
f6:23:84:f8:70:dd:30:dd:4c:3f:5b:eb:b5:a8:4c:
5b:1f:1b:c3:7c:4b:11:f7:a4:ca:c0:95:2a:44:b0:
c2:cc:c4:bd:5b:11:ab:99:26:bb:e1:19:f8:73:12:
09:ff:1f:61:f8:8d:cc:64:89:dc:c5:8c:7a:20:f1:
fd:b2:e1:cb:93:ff:44:30:90:b0:8e:c1:ee:5d:84:
1e:eb:7a:e8:54:43:e7:15:e7:2a:3a:77:a0:85:1b:
0e:d2:2b:03:25:31:e1:d4:e4:85:6f:e9:61:ae:3e:
0b:c8:c2:87:f0:58:1c:3c:db:c5:59:5f:89:26:70:
2b:ba:50:53:f1:88:ff:57:ab:b6:0b:0c:dd:a8:84:
58:42:17:72:4e:10:03:08:4e:62:7e:7f:97:f3:44:
31:57:71:a8:39:e8:25:ff:76:1f:e3:64:b6:c2:45:
69:2b:0e:45:fe:18:aa:c2:4a:51:26:28:49:5b:1f:
72:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.56.0/22
IPv6:
2a09:d640::/29
2a0e:5080::/29
Signature Algorithm: sha256WithRSAEncryption
70:a1:af:36:3f:ed:e9:54:ba:2d:4d:6b:b5:51:9c:e4:70:a6:
4d:32:f1:60:8d:5b:1d:67:04:c6:ef:a1:39:03:0c:86:ce:70:
6e:23:71:1f:3e:dc:fe:72:62:b9:ed:6d:52:d2:08:31:b2:56:
cb:91:ae:00:84:63:eb:a5:99:3b:60:6c:9f:46:5d:e3:45:18:
64:e0:9c:37:59:99:8b:ac:7d:45:05:87:d4:27:1e:c2:4b:76:
f6:2e:d5:28:b2:7b:6f:46:66:ba:50:14:05:5d:57:93:b1:80:
88:14:17:3d:6b:08:83:7a:c7:25:fb:43:3a:ac:6d:c9:6a:de:
5f:3c:c6:58:1a:f9:a4:0f:0a:80:ca:a2:48:34:77:de:82:7e:
c0:2c:18:ae:7c:e6:58:fd:ec:f8:69:06:ae:5b:00:96:bf:dc:
3a:3f:e2:fa:44:88:29:e5:fa:16:55:c1:2d:72:db:80:b6:1a:
63:08:55:45:7f:d3:f5:27:dc:d7:45:73:17:49:f3:17:a1:de:
b9:cb:34:7e:44:25:ed:ec:62:28:1e:fa:41:a7:cc:63:c0:e2:
4f:55:9a:f5:28:2d:6b:56:01:99:f5:8c:00:55:cc:f6:44:2c:
85:fb:48:ad:67:9e:e4:21:b4:97:0f:7f:75:25:25:d1:74:7e:
68:36:b6:69
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZQfjF6V/zxWecAXGCvrQhqLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGEzMjE1YWJmYTQ2MjFkNTc3MDlmODM4YTkyODAxZjJlOTBkZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsflvlFcvFUIis6YzGWjqy3XgxqV6
WoEEzkF7N0ozzFEU2CnVq8c6Vj5LBIOV0Hnjcx19N5G8Y8x8FePbBex+5nOumPIt
20ayedL2I4T4cN0w3Uw/W+u1qExbHxvDfEsR96TKwJUqRLDCzMS9WxGrmSa74Rn4
cxIJ/x9h+I3MZIncxYx6IPH9suHLk/9EMJCwjsHuXYQe63roVEPnFecqOneghRsO
0isDJTHh1OSFb+lhrj4LyMKH8FgcPNvFWV+JJnArulBT8Yj/V6u2CwzdqIRYQhdy
ThADCE5ifn+X80QxV3GoOegl/3Yf42S2wkVpKw5F/hiqwkpRJihJWx9yXwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFF2jIVq/pGIdV3Cfg4qSgB8ukN3+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2JmMjQ1
NjdiLTdhNzQtNGMxZi1hYTg1LWRkMjRhZjczY2NiYi8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYy
NDU2N2ItN2E3NC00YzFmLWFhODUtZGQyNGFmNzNjY2JiLzAvNURBMzIxNUFCRkE0
NjIxRDU3NzA5RjgzOEE5MjgwMUYyRTkwRERGRS5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQmMCQwDAQCAAEwBgME
Ai1RODAUBAIAAjAOAwUDKgnWQAMFAyoOUIAwDQYJKoZIhvcNAQELBQADggEBAHCh
rzY/7elUui1Na7VRnORwpk0y8WCNWx1nBMbvoTkDDIbOcG4jcR8+3P5yYrntbVLS
CDGyVsuRrgCEY+ulmTtgbJ9GXeNFGGTgnDdZmYusfUUFh9QnHsJLdvYu1Siye29G
ZrpQFAVdV5OxgIgUFz1rCIN6xyX7Qzqsbclq3l88xlga+aQPCoDKokg0d96CfsAs
GK585lj97PhpBq5bAJa/3Do/4vpEiCnl+hZVwS1y24C2GmMIVUV/0/Un3NdFcxdJ
8xeh3rnLNH5EJe3sYige+kGnzGPA4k9VmvUoLWtWAZn1jABVzPZELIX7SK1nnuQh
tJcPf3UlJdF0fmg2tmk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:47:31 2025 by rpki-client