Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Y_lyZ-fAB5UwlQnx6NPZzeCnbE4.cer
File: Y_lyZ-fAB5UwlQnx6NPZzeCnbE4.cer (raw, json)
Hash identifier: 6Sj99n0YGOilzvRt6l68jPawt5wdMn2ss6/MUSFCfUo=
Subject key identifier: 63:F9:72:67:E7:C0:07:95:30:95:09:F1:E8:D3:D9:CD:E0:A7:6C:4E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019422FC0C617B207C1F58406998922CF1D6
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/Y_lyZ-fAB5UwlQnx6NPZzeCnbE4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 17:48:51 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 39892
IP: 185.79.196.0/22
IP: 2a05:7780::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:0c:61:7b:20:7c:1f:58:40:69:98:92:2c:f1:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 17:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63f97267e7c00795309509f1e8d3d9cde0a76c4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:87:59:f5:24:4d:27:21:f5:ef:c9:ce:07:c5:
c2:19:a9:c2:5f:ea:ce:16:35:51:b6:1e:5b:fe:3c:
2f:63:60:5a:f1:f9:0b:33:b0:ea:2c:67:09:7c:86:
f5:53:c2:cd:c3:c2:67:db:66:fa:9a:42:2d:ec:f3:
fb:5a:2b:06:a8:96:6f:5f:f2:79:ab:37:72:c0:ee:
4d:39:f2:c1:dd:a9:7e:13:37:3b:96:d6:53:c4:21:
48:67:2d:0f:cb:7f:9b:19:64:a9:09:86:fe:fb:bb:
25:f4:9f:4e:29:bd:f2:b2:59:0d:f9:ae:63:a7:22:
bf:83:53:fa:a9:a2:3f:f7:d0:43:6d:21:8e:fa:a9:
25:cb:99:30:8d:6c:51:f9:db:c8:23:ad:61:5d:d5:
76:ce:d7:5f:47:fc:52:32:af:13:d4:d3:bf:b6:65:
55:8d:4f:59:6b:39:29:3e:9a:89:03:2e:f8:3f:0c:
d4:54:64:fe:ff:a0:31:a5:e2:d6:5a:9c:ed:1f:89:
56:31:fe:b1:f3:04:f2:31:d1:cb:57:07:2b:82:67:
38:03:42:34:36:64:4d:6c:f6:05:35:b7:95:c1:a8:
a5:13:44:2f:03:1a:e9:75:db:7d:9a:ba:79:e7:30:
04:cc:ab:4d:53:b9:82:b5:68:3c:0c:09:ec:62:48:
69:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:F9:72:67:E7:C0:07:95:30:95:09:F1:E8:D3:D9:CD:E0:A7:6C:4E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/Y_lyZ-fAB5UwlQnx6NPZzeCnbE4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.196.0/22
IPv6:
2a05:7780::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
39892
Signature Algorithm: sha256WithRSAEncryption
77:9a:28:ff:db:d5:cf:6b:c1:56:75:bf:99:8b:05:39:de:8a:
68:52:4c:1b:53:43:ea:f8:71:ec:f4:4d:bc:f9:a6:56:f2:d4:
f5:de:2d:52:d1:10:a9:16:b1:6f:00:b4:91:c6:ff:4d:58:9e:
06:5a:fd:d2:59:61:21:a8:58:c2:43:84:63:12:60:57:48:fd:
39:36:e6:7a:e3:94:18:ed:b4:e6:d2:de:3f:c3:f9:49:f0:5a:
1d:95:46:75:f3:9e:38:4b:5b:90:52:70:ef:eb:41:a6:6d:70:
87:5f:c3:02:ce:fd:43:27:ad:17:3a:59:e8:d1:37:1f:04:94:
7e:e4:bc:4e:0d:d5:8b:34:67:67:79:08:09:3a:22:38:20:7b:
bd:f8:79:96:62:b5:46:22:37:f2:97:f7:36:cd:11:3e:0a:2b:
f0:2f:25:bf:75:15:33:0d:85:03:c6:5f:b1:ff:c7:dd:c1:07:
31:21:ac:61:c9:7c:1e:d9:18:47:9a:8c:68:ed:98:c8:b7:3d:
ff:5d:7b:3a:b0:a0:05:86:79:69:e2:fb:f7:2e:52:1f:97:f9:
4a:0d:ec:59:aa:95:d5:e1:45:43:54:74:e1:5a:38:0f:fa:dd:
04:31:59:a2:60:b4:f1:5b:23:a8:df:a3:d2:6a:58:ca:e0:45:
18:f4:03:7b
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQi/AxheyB8H1hAaZiSLPHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTc0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2Y5NzI2N2U3YzAwNzk1MzA5NTA5ZjFlOGQzZDljZGUwYTc2YzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnodZ9SRNJyH178nOB8XCGanCX+rO
FjVRth5b/jwvY2Ba8fkLM7DqLGcJfIb1U8LNw8Jn22b6mkIt7PP7WisGqJZvX/J5
qzdywO5NOfLB3al+Ezc7ltZTxCFIZy0Py3+bGWSpCYb++7sl9J9OKb3yslkN+a5j
pyK/g1P6qaI/99BDbSGO+qkly5kwjWxR+dvII61hXdV2ztdfR/xSMq8T1NO/tmVV
jU9ZazkpPpqJAy74PwzUVGT+/6AxpeLWWpztH4lWMf6x8wTyMdHLVwcrgmc4A0I0
NmRNbPYFNbeVwailE0QvAxrpddt9mrp55zAEzKtNU7mCtWg8DAnsYkhp2wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFGP5cmfnwAeVMJUJ8ejT2c3gp2xOMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y1LzdhMWMy
ZS03NWZiLTQ0YzYtYTgzYy0xNDY3M2M3MmExZGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjUvN2ExYzJl
LTc1ZmItNDRjNi1hODNjLTE0NjczYzcyYTFkZi8xL1lfbHlaLWZBQjVVd2xRbng2
TlBaemVDbmJFNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuU/EMA0EAgACMAcDBQMqBXeAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCb1DANBgkqhkiG9w0BAQsFAAOCAQEAd5oo/9vVz2vB
VnW/mYsFOd6KaFJMG1ND6vhx7PRNvPmmVvLU9d4tUtEQqRaxbwC0kcb/TVieBlr9
0llhIahYwkOEYxJgV0j9OTbmeuOUGO205tLeP8P5SfBaHZVGdfOeOEtbkFJw7+tB
pm1wh1/DAs79QyetFzpZ6NE3HwSUfuS8Tg3VizRnZ3kICToiOCB7vfh5lmK1RiI3
8pf3Ns0RPgor8C8lv3UVMw2FA8Zfsf/H3cEHMSGsYcl8HtkYR5qMaO2YyLc9/117
OrCgBYZ5aeL79y5SH5f5Sg3sWaqV1eFFQ1R04Vo4D/rdBDFZomC08VsjqN+j0mpY
yuBFGPQDew==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:53:12 2025 by rpki-client