Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer
File: XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer (raw, json)
Hash identifier: epFUgTZyfCzTLl+FmqlS84QF6AS49XaycR7k8aTz1/0=
Subject key identifier: 5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941FFA54C9C398840DE3098AB839991848
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 03:48:06 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 204258
IP: 185.109.40.0/22
IP: 2a06:4e80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:54:c9:c3:98:84:0d:e3:09:8a:b8:39:99:18:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 03:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ea85f1dd4d0346480f009874a8f5670e31085c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:85:c1:a7:a4:83:ff:e4:0f:5f:c9:c9:1e:d0:
6b:6a:f4:6c:2b:0b:10:e7:24:14:f2:7c:75:33:e1:
d2:33:d5:43:77:d7:67:70:a6:a9:83:c7:26:d7:d1:
38:7e:00:a3:11:90:8d:cd:0c:26:31:e5:45:c7:f0:
54:14:6c:b6:e3:62:3e:6f:93:dc:33:17:9a:88:27:
5b:4a:8c:19:7e:6d:a1:69:f3:9a:52:a9:30:71:70:
39:c8:ae:65:a6:02:58:4c:d6:42:47:66:0b:62:f0:
60:24:1d:6d:4f:fc:cb:f5:6c:91:a1:1e:6e:48:1c:
68:d3:cc:f4:34:67:91:ce:b0:eb:ba:e8:6b:07:08:
f5:2a:98:20:ff:59:ca:8f:d5:3a:d6:56:45:c8:db:
6d:ea:20:2d:a8:91:da:4e:a2:1b:f1:1d:30:1d:68:
5b:21:f3:e6:75:92:db:fc:8d:88:d1:a4:10:66:1a:
65:a4:21:3d:c7:b4:c7:d9:9a:f1:88:11:a9:1b:cf:
4b:3a:80:bb:e5:96:19:fc:f6:c1:77:6b:60:7b:8d:
bf:ad:1b:62:87:c3:5f:64:b8:f8:a2:40:79:b9:de:
ba:12:23:ed:2b:98:a4:81:56:f7:04:b2:ba:32:55:
47:d8:f0:40:d6:77:b8:22:04:ed:67:7c:93:f4:44:
d4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.40.0/22
IPv6:
2a06:4e80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
204258
Signature Algorithm: sha256WithRSAEncryption
04:b1:4f:d5:c3:96:c4:7e:76:59:e9:2c:03:26:f0:4b:fd:75:
31:e0:aa:f1:12:dc:10:41:32:be:e8:38:dc:1b:6e:2b:c3:ed:
da:d7:fe:52:77:4c:84:20:fb:2f:23:19:58:c6:19:03:af:59:
0d:fc:3e:84:64:9a:bf:6b:73:43:b9:76:a1:57:1d:f5:6f:1f:
7a:80:e0:32:b7:8a:c0:76:d8:a9:38:61:f7:de:c0:b8:55:a8:
1b:86:c3:a7:fe:a5:63:1b:4c:f2:09:1f:83:d7:fd:d4:25:b5:
c8:31:7c:52:87:e5:44:e8:29:69:a5:8c:91:d4:23:af:46:6a:
f9:fa:ce:5c:e4:11:51:fe:fe:6a:3b:8b:29:aa:61:6d:80:f7:
91:13:81:78:09:21:d8:0b:c0:da:21:bb:cd:d7:5c:bc:c1:df:
5c:11:95:47:26:76:86:c4:7d:f5:94:a8:2b:52:eb:13:f6:90:
13:63:08:ae:c9:33:ba:22:26:55:82:17:cb:21:98:d8:0a:81:
99:8b:14:72:46:4b:18:70:02:2c:c0:d0:0e:46:70:e4:1f:e6:
4a:74:f5:30:a1:7c:81:b6:d2:7a:56:c6:cb:c3:d9:3f:20:55:
12:0a:5c:e3:92:ed:f7:29:b7:dc:c9:c8:17:fb:0a:43:a7:d0:
89:02:ed:9b
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQf+lTJw5iEDeMJirg5mRhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWE4NWYxZGQ0ZDAzNDY0ODBmMDA5ODc0YThmNTY3MGUzMTA4NWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoXBp6SD/+QPX8nJHtBravRsKwsQ
5yQU8nx1M+HSM9VDd9dncKapg8cm19E4fgCjEZCNzQwmMeVFx/BUFGy242I+b5Pc
MxeaiCdbSowZfm2hafOaUqkwcXA5yK5lpgJYTNZCR2YLYvBgJB1tT/zL9WyRoR5u
SBxo08z0NGeRzrDruuhrBwj1Kpgg/1nKj9U61lZFyNtt6iAtqJHaTqIb8R0wHWhb
IfPmdZLb/I2I0aQQZhplpCE9x7TH2ZrxiBGpG89LOoC75ZYZ/PbBd2tge42/rRti
h8NfZLj4okB5ud66EiPtK5ikgVb3BLK6MlVH2PBA1ne4IgTtZ3yT9ETUkwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFF6oXx3U0DRkgPAJh0qPVnDjEIXCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VjL2VmNzgw
OC0xMjJiLTRiODktOTM1OC01OTBjNWYxYjAxYjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMvZWY3ODA4
LTEyMmItNGI4OS05MzU4LTU5MGM1ZjFiMDFiMy8xL1hxaGZIZFRRTkdTQThBbUhT
bzlXY09NUWhjSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuW0oMA0EAgACMAcDBQMqBk6AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMd4jANBgkqhkiG9w0BAQsFAAOCAQEABLFP1cOWxH52
WeksAybwS/11MeCq8RLcEEEyvug43BtuK8Pt2tf+UndMhCD7LyMZWMYZA69ZDfw+
hGSav2tzQ7l2oVcd9W8feoDgMreKwHbYqThh997AuFWoG4bDp/6lYxtM8gkfg9f9
1CW1yDF8UoflROgpaaWMkdQjr0Zq+frOXOQRUf7+ajuLKaphbYD3kROBeAkh2AvA
2iG7zddcvMHfXBGVRyZ2hsR99ZSoK1LrE/aQE2MIrskzuiImVYIXyyGY2AqBmYsU
ckZLGHACLMDQDkZw5B/mSnT1MKF8gbbSelbGy8PZPyBVEgpc45Lt9ym33MnIF/sK
Q6fQiQLtmw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 04:05:46 2025 by rpki-client