Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XinALSYfkT6lv4PCvHwzQUpCvMo.cer
File: XinALSYfkT6lv4PCvHwzQUpCvMo.cer (raw, json)
Hash identifier: /BivC02QTLJceOf6ZeMkmpxiUMhm6yLRsNKi5ds+wA4=
Subject key identifier: 5E:29:C0:2D:26:1F:91:3E:A5:BF:83:C2:BC:7C:33:41:4A:42:BC:CA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D59835C51A685D26B23A7F6FEB9960
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b5/ac1253-0459-46cf-b1b9-9ac1a7e4c406/1/XinALSYfkT6lv4PCvHwzQUpCvMo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b5/ac1253-0459-46cf-b1b9-9ac1a7e4c406/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 07:47:36 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 56571
IP: 176.10.64.0/20
IP: 185.32.68.0/24
IP: 185.191.40.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:98:35:c5:1a:68:5d:26:b2:3a:7f:6f:eb:99:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e29c02d261f913ea5bf83c2bc7c33414a42bcca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cc:22:1a:69:09:d2:b8:a5:9c:4f:0a:9b:52:
7f:19:44:8c:e3:77:b5:83:37:38:73:c0:74:9a:2c:
00:66:71:aa:a2:4a:62:e4:4e:6d:f7:4c:42:b9:6b:
42:bd:1f:0e:78:1c:28:75:da:83:7a:81:ea:81:c4:
c3:d5:3e:bc:14:02:16:96:17:25:36:7f:94:09:84:
70:ef:bc:1f:d8:5a:65:2f:64:d0:08:1e:a6:f8:c6:
74:2d:13:20:35:10:e3:99:4f:e3:5d:96:33:58:6b:
b4:37:8f:26:97:50:4d:98:aa:87:1a:00:95:7f:82:
d4:90:49:84:63:65:21:34:df:88:d0:74:58:70:ba:
8c:19:6f:92:d4:f5:90:00:9c:64:4a:56:32:45:0c:
f1:d1:50:d8:c8:82:bf:71:39:d2:62:35:f7:d7:aa:
ee:7b:b0:fe:17:aa:1d:9a:4e:9b:11:da:31:42:71:
6c:9a:88:52:24:b6:62:c1:f6:33:db:48:02:69:6f:
46:95:45:fd:cb:8c:a9:ee:39:bf:18:71:32:e8:e6:
6e:be:37:57:8f:e6:3b:ea:e1:0b:ce:2f:0c:48:4b:
e7:93:2b:ca:be:fc:46:98:1e:83:79:36:26:5c:90:
3c:c5:3d:40:fd:57:63:97:b5:71:02:cf:26:f1:da:
21:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:29:C0:2D:26:1F:91:3E:A5:BF:83:C2:BC:7C:33:41:4A:42:BC:CA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/ac1253-0459-46cf-b1b9-9ac1a7e4c406/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/ac1253-0459-46cf-b1b9-9ac1a7e4c406/1/XinALSYfkT6lv4PCvHwzQUpCvMo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.10.64.0/20
185.32.68.0/24
185.191.40.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
56571
Signature Algorithm: sha256WithRSAEncryption
99:e8:de:43:37:fb:f2:fc:25:fa:43:0e:78:85:f1:d8:2c:bb:
78:44:d1:8a:c0:6f:e5:a7:fc:3c:e9:fd:22:47:d0:05:bc:32:
4b:61:b7:8a:f1:99:c3:db:8c:97:65:7f:d2:ba:fc:ba:a8:0a:
f3:aa:bb:a1:1e:87:f2:20:f5:08:a9:0d:8c:3c:d9:53:63:30:
88:68:52:8f:c4:d2:e4:ea:2a:d2:e0:79:ea:11:62:d5:7f:27:
0d:7b:6f:0f:3a:7c:c2:4a:ef:8c:b4:72:b9:5c:fa:e5:c4:40:
f1:45:69:3f:42:cb:a0:2e:15:b6:12:f8:30:b6:53:35:4d:c1:
60:86:aa:63:d6:24:69:d9:f2:11:e8:46:83:9c:6d:ea:2d:61:
99:28:84:89:2a:b9:91:ba:35:91:c7:16:ac:50:46:9f:dd:32:
78:fb:73:72:4f:c4:a3:65:1a:be:b3:24:91:f4:85:99:03:ff:
21:7f:20:b8:7c:b5:0f:50:06:5f:c0:23:55:e5:3a:6e:ec:a3:
a8:c6:9a:e7:da:55:b4:cf:ba:ef:05:3c:79:10:ae:db:41:0b:
37:31:40:66:5f:1a:04:af:2e:e9:1f:c8:a3:ad:d3:7d:48:46:
b1:fa:ba:a6:8b:b0:ff:cf:b3:52:e2:c6:15:0b:d7:ce:5c:51:
d7:82:15:14
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZQg1Zg1xRpoXSayOn9v65lgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTI5YzAyZDI2MWY5MTNlYTViZjgzYzJiYzdjMzM0MTRhNDJiY2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArswiGmkJ0rilnE8Km1J/GUSM43e1
gzc4c8B0miwAZnGqokpi5E5t90xCuWtCvR8OeBwoddqDeoHqgcTD1T68FAIWlhcl
Nn+UCYRw77wf2FplL2TQCB6m+MZ0LRMgNRDjmU/jXZYzWGu0N48ml1BNmKqHGgCV
f4LUkEmEY2UhNN+I0HRYcLqMGW+S1PWQAJxkSlYyRQzx0VDYyIK/cTnSYjX316ru
e7D+F6odmk6bEdoxQnFsmohSJLZiwfYz20gCaW9GlUX9y4yp7jm/GHEy6OZuvjdX
j+Y76uELzi8MSEvnkyvKvvxGmB6DeTYmXJA8xT1A/Vdjl7VxAs8m8dohHQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFF4pwC0mH5E+pb+Dwrx8M0FKQrzKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I1L2FjMTI1
My0wNDU5LTQ2Y2YtYjFiOS05YWMxYTdlNGM0MDYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUvYWMxMjUz
LTA0NTktNDZjZi1iMWI5LTlhYzFhN2U0YzQwNi8xL1hpbkFMU1lma1Q2bHY0UEN2
SHd6UVVwQ3ZNby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUF
BwEHAQH/BBwwGjAYBAIAATASAwQEsApAAwQAuSBEAwQCub8oMBoGCCsGAQUFBwEI
AQH/BAswCaAHMAUCAwDc+zANBgkqhkiG9w0BAQsFAAOCAQEAmejeQzf78vwl+kMO
eIXx2Cy7eETRisBv5af8POn9IkfQBbwyS2G3ivGZw9uMl2V/0rr8uqgK86q7oR6H
8iD1CKkNjDzZU2MwiGhSj8TS5Ooq0uB56hFi1X8nDXtvDzp8wkrvjLRyuVz65cRA
8UVpP0LLoC4VthL4MLZTNU3BYIaqY9YkadnyEehGg5xt6i1hmSiEiSq5kbo1kccW
rFBGn90yePtzck/Eo2UavrMkkfSFmQP/IX8guHy1D1AGX8AjVeU6buyjqMaa59pV
tM+67wU8eRCu20ELNzFAZl8aBK8u6R/Io63TfUhGsfq6pouw/8+zUuLGFQvXzlxR
14IVFA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:50:33 2025 by rpki-client