Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YLlhXfjGWdrIzAh70BHUtf83Pio.cer
File: YLlhXfjGWdrIzAh70BHUtf83Pio.cer (raw, json)
Hash identifier: TD7fB2i9y+jxgQ4mLoodK6NnijUFp8krl5uIMDJZ4o0=
Subject key identifier: 60:B9:61:5D:F8:C6:59:DA:C8:CC:08:7B:D0:11:D4:B5:FF:37:3E:2A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194236A10B5BCEA8A7D7E274FA7F1BC468D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/05/9a8ad8-b6c9-4c6c-ac27-62d881aa906f/1/YLlhXfjGWdrIzAh70BHUtf83Pio.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/05/9a8ad8-b6c9-4c6c-ac27-62d881aa906f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 19:49:01 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 8589
IP: 185.121.124.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:10:b5:bc:ea:8a:7d:7e:27:4f:a7:f1:bc:46:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 19:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60b9615df8c659dac8cc087bd011d4b5ff373e2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f7:c6:ec:3f:97:d0:59:27:26:d4:28:6d:fb:
a1:51:27:d7:5e:5f:b9:c0:49:b5:43:06:b4:04:fd:
d1:46:bc:4a:fa:5e:3b:26:2f:fc:47:07:8a:ee:11:
bb:16:d9:46:c4:c0:61:51:48:b0:47:3e:5d:47:39:
5c:b8:57:4b:3d:45:31:cf:af:27:f0:78:0e:9b:21:
56:e0:8d:29:d5:fc:d4:dd:d9:e4:93:0f:6e:f1:a5:
2b:d0:50:c5:2b:e7:9a:71:b5:90:1c:2b:ce:46:b7:
d0:4f:55:1b:8a:45:7b:b2:fc:b7:31:d5:6a:4b:56:
69:3b:47:12:12:cc:de:f2:47:87:5f:46:66:f9:b0:
ce:ab:60:23:ba:45:61:6d:73:7a:26:ca:ce:67:87:
43:04:21:0c:96:00:2b:75:dc:d2:31:b5:fc:d6:6d:
4f:15:da:3a:b3:c7:36:fb:ae:be:c6:43:26:32:fc:
45:81:58:d2:14:39:ce:cc:f3:75:f2:29:33:44:b6:
b1:76:34:e1:81:82:a7:ce:1b:1b:32:72:e3:c9:82:
f2:69:16:0c:e1:fb:63:f9:dd:6b:a0:7d:81:86:8a:
09:ce:73:bd:a4:ee:ea:10:aa:1a:16:73:53:75:ac:
63:c0:d3:9b:07:20:e2:1a:bd:1c:cd:09:6d:9b:66:
51:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:B9:61:5D:F8:C6:59:DA:C8:CC:08:7B:D0:11:D4:B5:FF:37:3E:2A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9a8ad8-b6c9-4c6c-ac27-62d881aa906f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9a8ad8-b6c9-4c6c-ac27-62d881aa906f/1/YLlhXfjGWdrIzAh70BHUtf83Pio.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.124.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8589
Signature Algorithm: sha256WithRSAEncryption
2e:b6:a3:bc:ae:e9:8a:3e:3d:08:0b:d8:c3:21:af:dd:ee:b4:
01:20:a1:c2:10:ae:2c:e0:63:92:0b:b8:1a:6a:c9:b9:76:94:
0b:18:5d:64:c1:6d:eb:bf:13:fd:71:ef:d5:5e:5f:d2:72:2e:
09:90:c9:a6:fa:cd:f7:3f:84:89:57:f9:e9:c5:a2:e8:90:50:
d3:9a:66:f0:a8:f2:e8:7a:99:da:31:ae:7c:04:66:93:1a:7a:
e0:ea:0f:ce:d4:e7:b3:28:e2:47:6c:fa:d2:51:59:51:da:8c:
6f:51:27:a3:5b:76:5d:40:11:19:f5:77:70:83:1a:32:8a:27:
cf:86:7f:f6:96:3a:b9:34:ba:69:15:7f:26:23:fe:4b:74:a8:
bf:79:b4:36:ec:88:fd:7e:48:fe:47:b3:bb:9b:a9:4b:90:ae:
47:a3:ad:c4:d3:36:81:a3:cc:48:44:83:63:af:86:f5:81:a5:
0d:24:2c:9c:ab:5f:47:0d:1d:4c:24:d3:c4:a7:ca:7c:ba:08:
8d:46:8c:09:83:5d:7a:c6:64:f4:84:66:84:b2:0a:ff:f4:9d:
7e:58:4b:35:17:d6:c6:5a:5c:99:51:3e:34:18:1c:41:43:54:
2d:90:80:22:80:73:80:bf:11:db:a7:04:30:1c:22:ac:29:88:
d8:10:88:ba
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZQjahC1vOqKfX4nT6fxvEaNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTk0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGI5NjE1ZGY4YzY1OWRhYzhjYzA4N2JkMDExZDRiNWZmMzczZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ffG7D+X0FknJtQobfuhUSfXXl+5
wEm1Qwa0BP3RRrxK+l47Ji/8RweK7hG7FtlGxMBhUUiwRz5dRzlcuFdLPUUxz68n
8HgOmyFW4I0p1fzU3dnkkw9u8aUr0FDFK+eacbWQHCvORrfQT1UbikV7svy3MdVq
S1ZpO0cSEsze8keHX0Zm+bDOq2AjukVhbXN6JsrOZ4dDBCEMlgArddzSMbX81m1P
Fdo6s8c2+66+xkMmMvxFgVjSFDnOzPN18ikzRLaxdjThgYKnzhsbMnLjyYLyaRYM
4ftj+d1roH2BhooJznO9pO7qEKoaFnNTdaxjwNObByDiGr0czQltm2ZR+QIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFGC5YV34xlnayMwIe9AR1LX/Nz4qMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA1LzlhOGFk
OC1iNmM5LTRjNmMtYWMyNy02MmQ4ODFhYTkwNmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUvOWE4YWQ4
LWI2YzktNGM2Yy1hYzI3LTYyZDg4MWFhOTA2Zi8xL1lMbGhYZmpHV2RySXpBaDcw
QkhVdGY4M1Bpby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCuXl8MBkGCCsGAQUFBwEIAQH/BAowCKAGMAQC
AiGNMA0GCSqGSIb3DQEBCwUAA4IBAQAutqO8rumKPj0IC9jDIa/d7rQBIKHCEK4s
4GOSC7gaasm5dpQLGF1kwW3rvxP9ce/VXl/Sci4JkMmm+s33P4SJV/npxaLokFDT
mmbwqPLoepnaMa58BGaTGnrg6g/O1OezKOJHbPrSUVlR2oxvUSejW3ZdQBEZ9Xdw
gxoyiifPhn/2ljq5NLppFX8mI/5LdKi/ebQ27Ij9fkj+R7O7m6lLkK5Ho63E0zaB
o8xIRINjr4b1gaUNJCycq19HDR1MJNPEp8p8ugiNRowJg116xmT0hGaEsgr/9J1+
WEs1F9bGWlyZUT40GBxBQ1QtkIAigHOAvxHbpwQwHCKsKYjYEIi6
-----END CERTIFICATE-----
Generated at Sat Apr 12 19:04:56 2025 by rpki-client