Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XbWMRb7iUfx1daY-W0kN7GEU5so.cer
File: XbWMRb7iUfx1daY-W0kN7GEU5so.cer (raw, json)
Hash identifier: tPYNL4U31R0CMiGNLxOQvPzG6AH69ebnyi5SSyN6wsM=
Subject key identifier: 5D:B5:8C:45:BE:E2:51:FC:75:75:A6:3E:5B:49:0D:EC:61:14:E6:CA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019422FB71A3E0F7D25DF72537CBFAB55062
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XbWMRb7iUfx1daY-W0kN7GEU5so.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 17:48:11 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 43231
IP: 89.44.108.0/24
IP: 185.188.36.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:71:a3:e0:f7:d2:5d:f7:25:37:cb:fa:b5:50:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 17:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5db58c45bee251fc7575a63e5b490dec6114e6ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ac:8e:fe:4e:69:e4:84:fe:7b:1a:81:7b:c7:
51:6b:1d:aa:6b:1e:4b:f7:e8:29:e9:b2:a3:c9:d0:
43:1b:60:2d:43:70:f8:0c:a1:2a:4c:fb:b9:23:30:
ad:af:26:7f:5a:d9:ed:7c:58:9e:c7:1f:b9:96:93:
ff:57:68:45:c6:a3:63:82:bf:73:a0:5e:26:84:40:
3d:0d:5a:f1:c2:6a:96:6d:3c:da:d6:cd:51:f4:b2:
b3:2e:bd:02:5e:e4:6c:46:ea:48:ac:e4:2a:c5:38:
cf:74:c4:3a:5e:db:5b:42:ae:e8:b0:76:2b:bc:40:
80:ca:61:20:3c:74:8c:e6:5b:49:64:0c:2b:1d:3e:
47:c7:41:67:04:f7:c9:20:c5:ac:82:2a:86:67:f9:
53:c8:96:f5:75:db:06:29:7f:db:c6:e0:72:f7:b4:
7e:89:af:d1:a3:2a:a6:33:91:de:4e:b9:f9:32:5c:
d9:36:51:89:b1:a8:8e:67:d9:f8:f3:cc:c4:9b:cb:
a5:7b:1b:8b:ff:71:7a:3f:6c:cb:73:8a:6e:9c:57:
05:10:09:74:35:0b:5a:46:5b:d1:67:85:45:b2:94:
8e:eb:5c:e4:22:44:14:9c:fd:16:f8:3f:d2:f5:c9:
e9:4a:a1:6c:65:e4:ea:24:72:2b:9e:52:81:a6:79:
90:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B5:8C:45:BE:E2:51:FC:75:75:A6:3E:5B:49:0D:EC:61:14:E6:CA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XbWMRb7iUfx1daY-W0kN7GEU5so.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.108.0/24
185.188.36.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
43231
Signature Algorithm: sha256WithRSAEncryption
75:ee:65:d6:1e:16:5b:44:10:d5:a6:5b:b4:90:9c:f3:ea:ee:
06:89:f7:a1:5f:4a:06:4b:82:30:64:30:fd:5a:41:4a:d3:16:
18:09:85:ff:3b:1e:85:26:62:d6:49:c8:3f:a7:2d:62:0a:35:
23:67:63:dc:df:1d:62:22:81:40:60:c7:61:ad:51:aa:52:2f:
80:81:39:e6:4d:2b:3d:74:92:ce:ff:35:5a:b1:ea:89:51:f9:
07:f2:f5:9f:2b:d5:1b:bd:fc:be:0f:c1:5d:f3:e2:b9:2e:a6:
2b:9b:e2:7a:ab:3b:c6:4b:ae:2f:6a:92:ac:0f:f0:e5:db:b4:
98:15:ef:fb:6d:a3:31:b4:79:47:01:4c:74:2a:22:a9:d8:36:
87:5c:19:4c:e8:9e:86:39:92:9e:2d:8c:05:9b:22:8d:2d:9f:
95:27:f7:a5:d7:c1:6c:e1:68:43:dd:0f:cb:fa:32:5b:4e:a3:
91:84:4f:28:60:45:95:0a:21:09:68:aa:d9:24:30:1e:b8:aa:
8e:a5:74:78:65:3a:50:8d:de:8f:d4:f6:d8:90:72:95:b0:97:
35:77:f1:82:70:a1:16:df:2f:9f:80:3c:b2:98:dc:b5:9d:bf:
41:a5:b0:9f:26:ab:ea:3b:0c:c5:97:09:c7:ee:82:39:d1:af:
9f:56:7e:c1
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZQi+3Gj4PfSXfclN8v6tVBiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTc0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGI1OGM0NWJlZTI1MWZjNzU3NWE2M2U1YjQ5MGRlYzYxMTRlNmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKyO/k5p5IT+exqBe8dRax2qax5L
9+gp6bKjydBDG2AtQ3D4DKEqTPu5IzCtryZ/WtntfFiexx+5lpP/V2hFxqNjgr9z
oF4mhEA9DVrxwmqWbTza1s1R9LKzLr0CXuRsRupIrOQqxTjPdMQ6XttbQq7osHYr
vECAymEgPHSM5ltJZAwrHT5Hx0FnBPfJIMWsgiqGZ/lTyJb1ddsGKX/bxuBy97R+
ia/RoyqmM5HeTrn5MlzZNlGJsaiOZ9n488zEm8ulexuL/3F6P2zLc4punFcFEAl0
NQtaRlvRZ4VFspSO61zkIkQUnP0W+D/S9cnpSqFsZeTqJHIrnlKBpnmQvQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFF21jEW+4lH8dXWmPltJDexhFObKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JjL2FkZjkz
ZC05OGRhLTQxY2MtOGE2ZC05YzJhZDQ3NWEyMzEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMvYWRmOTNk
LTk4ZGEtNDFjYy04YTZkLTljMmFkNDc1YTIzMS8xL1hiV01SYjdpVWZ4MWRhWS1X
MGtON0dFVTVzby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQAWSxsAwQCubwkMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwCo3zANBgkqhkiG9w0BAQsFAAOCAQEAde5l1h4WW0QQ1aZbtJCc8+ru
Bon3oV9KBkuCMGQw/VpBStMWGAmF/zsehSZi1knIP6ctYgo1I2dj3N8dYiKBQGDH
Ya1RqlIvgIE55k0rPXSSzv81WrHqiVH5B/L1nyvVG738vg/BXfPiuS6mK5vieqs7
xkuuL2qSrA/w5du0mBXv+22jMbR5RwFMdCoiqdg2h1wZTOiehjmSni2MBZsijS2f
lSf3pdfBbOFoQ90Py/oyW06jkYRPKGBFlQohCWiq2SQwHriqjqV0eGU6UI3ej9T2
2JBylbCXNXfxgnChFt8vn4A8spjctZ2/QaWwnyar6jsMxZcJx+6COdGvn1Z+wQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:47:31 2025 by rpki-client