Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YZz5qeC2RhrYM4dawRaPiSP9VQs.cer
File: YZz5qeC2RhrYM4dawRaPiSP9VQs.cer (raw, json)
Hash identifier: 24u7lQfwRIwm+waEbmf45d+9f7r4BSo/EvKwRGvjjWw=
Subject key identifier: 61:9C:F9:A9:E0:B6:46:1A:D8:33:87:5A:C1:16:8F:89:23:FD:55:0B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942068404F827C4D9307234E0B81E4CA1A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fc/d6bfab-eac6-4a42-8872-14afae91336d/1/YZz5qeC2RhrYM4dawRaPiSP9VQs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fc/d6bfab-eac6-4a42-8872-14afae91336d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 05:48:10 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 200410
IP: 78.24.201.0/24
IP: 2a13:680::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:40:4f:82:7c:4d:93:07:23:4e:0b:81:e4:ca:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=619cf9a9e0b6461ad833875ac1168f8923fd550b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1d:a5:4e:5b:08:9c:4e:9b:2f:76:f2:cc:d7:
79:f2:cb:fc:75:fb:76:e6:4e:34:b1:a8:11:24:52:
4f:2b:35:6c:de:f1:60:7f:3d:36:b2:d4:c7:3a:5b:
74:48:c1:56:96:80:71:c6:0b:f1:40:89:71:b2:e9:
83:34:b1:22:cd:b9:b2:63:fe:91:93:8c:5f:8e:c6:
ac:ad:fb:5f:53:99:b4:c7:16:33:ec:de:0e:42:15:
81:c1:49:f3:85:91:9c:36:17:1b:14:23:87:b8:50:
c8:c9:b4:69:d6:65:3e:f0:4b:1d:77:b1:b8:cc:c1:
2c:5a:2c:ee:7e:46:eb:f5:20:b2:ff:86:e0:37:70:
39:12:52:1f:0d:34:73:46:e1:36:92:45:2a:cd:80:
26:78:5e:1a:7d:85:17:9e:ec:55:75:01:f3:f1:79:
5b:f9:45:21:0a:12:46:dd:08:e3:52:13:27:3b:48:
fd:aa:c8:f5:ad:b2:59:35:88:1e:20:79:8a:ca:b6:
01:41:d2:d7:3e:90:d0:52:3b:05:9a:8c:c8:4a:01:
d4:04:31:6f:cd:c6:2c:d8:6d:2d:80:f2:03:9d:3d:
66:8f:a3:d1:61:74:b0:14:4c:70:d5:14:29:19:e6:
83:d5:53:db:29:48:bd:b3:59:54:e3:3c:b8:bc:8d:
44:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9C:F9:A9:E0:B6:46:1A:D8:33:87:5A:C1:16:8F:89:23:FD:55:0B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d6bfab-eac6-4a42-8872-14afae91336d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d6bfab-eac6-4a42-8872-14afae91336d/1/YZz5qeC2RhrYM4dawRaPiSP9VQs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.201.0/24
IPv6:
2a13:680::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200410
Signature Algorithm: sha256WithRSAEncryption
57:1d:e7:90:5c:a1:a9:a0:c2:d4:1b:89:63:53:1d:74:48:f9:
22:e2:8a:20:8f:41:77:dd:18:63:bc:26:05:fc:8e:82:e5:6d:
ed:de:28:2c:63:4a:b1:d8:6c:32:64:6f:92:f6:1b:df:a9:2b:
b8:8f:8a:d8:9c:f1:4a:3d:86:94:f9:78:22:ce:aa:ec:83:6f:
f6:8b:dc:8c:c8:22:5a:1d:5d:f2:c3:df:fa:47:b5:0a:a0:f0:
fe:18:38:06:80:90:02:37:ed:77:44:9d:9f:9e:26:4b:4b:0e:
47:8e:b9:f8:02:ef:4b:b2:94:68:86:85:b9:57:ae:52:e5:da:
30:fa:4a:2c:92:51:42:79:f7:5c:8c:14:b3:53:92:a9:f2:26:
67:8a:7d:3c:b3:bf:bd:62:a9:28:f8:70:d8:cc:e4:b8:11:ff:
04:cb:5d:9c:78:21:c8:87:1a:80:21:51:69:ab:47:d9:7a:ef:
3b:c9:10:b9:c0:36:48:b4:15:8b:22:58:90:8c:f7:60:c8:b9:
37:35:17:03:6a:8b:97:0b:5b:eb:e4:cd:1c:4f:4d:86:04:4b:
b1:0a:d8:4d:f2:c9:69:f6:59:60:8b:18:1d:bb:d2:2e:b9:ef:
d3:3f:c6:ea:35:0f:35:c8:2e:5d:64:b3:96:df:e5:07:5f:52:
e8:d9:a7:4a
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQgaEBPgnxNkwcjTguB5MoaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDU0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTljZjlhOWUwYjY0NjFhZDgzMzg3NWFjMTE2OGY4OTIzZmQ1NTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR2lTlsInE6bL3byzNd58sv8dft2
5k40sagRJFJPKzVs3vFgfz02stTHOlt0SMFWloBxxgvxQIlxsumDNLEizbmyY/6R
k4xfjsasrftfU5m0xxYz7N4OQhWBwUnzhZGcNhcbFCOHuFDIybRp1mU+8Esdd7G4
zMEsWizufkbr9SCy/4bgN3A5ElIfDTRzRuE2kkUqzYAmeF4afYUXnuxVdQHz8Xlb
+UUhChJG3QjjUhMnO0j9qsj1rbJZNYgeIHmKyrYBQdLXPpDQUjsFmozISgHUBDFv
zcYs2G0tgPIDnT1mj6PRYXSwFExw1RQpGeaD1VPbKUi9s1lU4zy4vI1EEwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFGGc+angtkYa2DOHWsEWj4kj/VULMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZjL2Q2YmZh
Yi1lYWM2LTRhNDItODg3Mi0xNGFmYWU5MTMzNmQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMvZDZiZmFi
LWVhYzYtNGE0Mi04ODcyLTE0YWZhZTkxMzM2ZC8xL1laejVxZUMyUmhyWU00ZGF3
UmFQaVNQOVZRcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAThjJMA0EAgACMAcDBQMqEwaAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMO2jANBgkqhkiG9w0BAQsFAAOCAQEAVx3nkFyhqaDC
1BuJY1MddEj5IuKKII9Bd90YY7wmBfyOguVt7d4oLGNKsdhsMmRvkvYb36kruI+K
2JzxSj2GlPl4Is6q7INv9ovcjMgiWh1d8sPf+ke1CqDw/hg4BoCQAjftd0Sdn54m
S0sOR465+ALvS7KUaIaFuVeuUuXaMPpKLJJRQnn3XIwUs1OSqfImZ4p9PLO/vWKp
KPhw2MzkuBH/BMtdnHghyIcagCFRaatH2XrvO8kQucA2SLQViyJYkIz3YMi5NzUX
A2qLlwtb6+TNHE9NhgRLsQrYTfLJafZZYIsYHbvSLrnv0z/G6jUPNcguXWSzlt/l
B19S6NmnSg==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:56:43 2025 by rpki-client