Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer
File: YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer (raw, json)
Hash identifier: w5WDGiiGuZnSo/0f+Z0eoc6rTi0Ot1C5R20s+AOV+d0=
Subject key identifier: 60:EA:83:85:A1:4F:D9:96:79:78:AE:7F:06:EC:4D:D5:22:29:A4:4A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019423D7EEE505D053A1A2998582B0B5F880
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 21:49:01 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 196714
IP: 31.3.80.0/21
IP: 91.137.0.0/18
IP: 109.73.16.0/20
IP: 171.33.184.0/21
IP: 185.38.8.0/22
IP: 2a02:2250::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:ee:e5:05:d0:53:a1:a2:99:85:82:b0:b5:f8:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 21:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60ea8385a14fd9967978ae7f06ec4dd52229a44a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f3:b0:46:30:63:fd:f5:36:7d:12:66:9f:dc:
fa:0c:7a:1e:fb:f6:38:01:5a:72:a9:93:0f:34:29:
2f:a6:18:d5:1d:6c:5f:08:a3:d6:95:94:61:06:47:
da:08:31:ff:1d:98:43:a4:47:54:99:96:de:0b:1e:
56:6a:94:ae:63:a2:c7:04:84:9f:81:f8:9b:47:86:
d5:25:0b:d5:68:ce:21:d5:e7:78:b3:ed:56:e4:12:
f8:bc:1e:1b:fb:79:4d:7e:03:bb:1a:50:06:ac:f9:
9d:40:e9:86:cc:9a:4a:40:00:2c:15:30:cf:1b:a4:
b1:ff:c6:ad:0e:62:48:af:fe:b9:5f:26:58:da:44:
a1:1c:de:b5:65:f2:92:e9:c6:ac:3c:cc:87:67:5e:
f4:c0:43:d0:88:7a:e8:8c:6f:0c:2f:22:22:35:49:
86:2c:99:0b:a7:af:01:4f:b4:20:ca:ec:af:09:50:
a2:2f:f1:ef:5b:c3:a6:6c:28:52:32:d4:f3:03:d8:
6f:e9:65:ae:d6:17:3e:01:a7:24:a9:e7:57:78:03:
8f:36:93:f0:06:f9:e6:73:e1:ad:05:aa:c3:f6:a4:
8f:da:69:89:86:65:f8:6f:2a:44:ee:fc:97:25:ac:
6d:23:bc:ab:d4:bd:a1:67:ce:3c:bd:68:b6:fb:3e:
e9:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:EA:83:85:A1:4F:D9:96:79:78:AE:7F:06:EC:4D:D5:22:29:A4:4A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.80.0/21
91.137.0.0/18
109.73.16.0/20
171.33.184.0/21
185.38.8.0/22
IPv6:
2a02:2250::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
196714
Signature Algorithm: sha256WithRSAEncryption
0e:66:ec:4c:09:9b:56:6a:8c:2d:0c:92:28:a2:31:8c:bd:3f:
71:9f:10:ec:41:a0:d0:cb:a6:6f:31:ee:ce:94:9a:f8:b8:e7:
5c:e7:b3:15:ef:6b:f7:6d:a4:33:b9:3a:39:b5:92:ab:18:23:
2c:f9:db:bc:17:be:64:24:a6:83:f8:7f:4e:75:df:3d:df:b8:
ef:d5:d5:86:21:53:d3:9a:b7:78:c1:a2:47:0e:4d:7b:3e:b7:
36:ea:5c:00:2d:e6:82:6f:e1:86:78:c0:d6:6c:24:49:d7:6f:
2b:b2:1d:6f:b7:c0:10:23:9f:e5:be:3e:8b:9a:ce:15:89:f4:
5b:8f:f6:66:87:53:46:70:da:82:14:9f:6c:ab:87:23:2b:f9:
10:17:dd:dd:31:89:13:6a:fc:f8:32:12:69:c6:ee:a6:6c:7a:
11:9a:49:ee:3d:d9:46:32:e4:61:d1:5b:13:85:ff:5e:6f:85:
ce:84:a2:0c:d9:c5:dd:3a:18:8f:f3:c5:95:db:6c:5c:32:b7:
7b:a4:dd:b7:13:a2:d7:37:46:b4:1f:90:70:e4:de:d7:a1:75:
21:d5:ce:a3:cf:dc:23:df:22:bb:f5:59:fe:a2:29:c8:f9:ea:
5a:01:0c:46:d6:1c:df:26:e6:53:46:00:03:49:6d:d1:9c:84:
d3:02:77:bc
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAZQj1+7lBdBToaKZhYKwtfiAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjE0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGVhODM4NWExNGZkOTk2Nzk3OGFlN2YwNmVjNGRkNTIyMjlhNDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufOwRjBj/fU2fRJmn9z6DHoe+/Y4
AVpyqZMPNCkvphjVHWxfCKPWlZRhBkfaCDH/HZhDpEdUmZbeCx5WapSuY6LHBISf
gfibR4bVJQvVaM4h1ed4s+1W5BL4vB4b+3lNfgO7GlAGrPmdQOmGzJpKQAAsFTDP
G6Sx/8atDmJIr/65XyZY2kShHN61ZfKS6casPMyHZ170wEPQiHrojG8MLyIiNUmG
LJkLp68BT7QgyuyvCVCiL/HvW8OmbChSMtTzA9hv6WWu1hc+AackqedXeAOPNpPw
Bvnmc+GtBarD9qSP2mmJhmX4bypE7vyXJaxtI7yr1L2hZ848vWi2+z7pDwIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFGDqg4WhT9mWeXiufwbsTdUiKaRKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzliLzAzMzBm
Yi05NWQxLTQzMDItYmVhMS1mNTQ1NzdmN2NjMGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIvMDMzMGZi
LTk1ZDEtNDMwMi1iZWExLWY1NDU3N2Y3Y2MwZi8xL1lPcURoYUZQMlpaNWVLNV9C
dXhOMVNJcHBFby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsGAQUF
BwEHAQH/BDcwNTAkBAIAATAeAwQDHwNQAwQGW4kAAwQEbUkQAwQDqyG4AwQCuSYI
MA0EAgACMAcDBQAqAiJQMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMAajANBgkq
hkiG9w0BAQsFAAOCAQEADmbsTAmbVmqMLQySKKIxjL0/cZ8Q7EGg0MumbzHuzpSa
+LjnXOezFe9r922kM7k6ObWSqxgjLPnbvBe+ZCSmg/h/TnXfPd+479XVhiFT05q3
eMGiRw5Nez63NupcAC3mgm/hhnjA1mwkSddvK7Idb7fAECOf5b4+i5rOFYn0W4/2
ZodTRnDaghSfbKuHIyv5EBfd3TGJE2r8+DISacbupmx6EZpJ7j3ZRjLkYdFbE4X/
Xm+FzoSiDNnF3ToYj/PFldtsXDK3e6TdtxOi1zdGtB+QcOTe16F1IdXOo8/cI98i
u/VZ/qIpyPnqWgEMRtYc3ybmU0YAA0lt0ZyE0wJ3vA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 04:01:07 2025 by rpki-client