Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Yg3VGG3mWmRt2kuJ3UjtRIc68Uk.cer
File: Yg3VGG3mWmRt2kuJ3UjtRIc68Uk.cer (raw, json)
Hash identifier: 1Gr3KN266bC6kloPuuRN8Aw5gxV0I52/Gss/ymkL+08=
Subject key identifier: 62:0D:D5:18:6D:E6:5A:64:6D:DA:4B:89:DD:48:ED:44:87:3A:F1:49
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942445A78689BFE65CD686CEDFEB6512CA
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/Yg3VGG3mWmRt2kuJ3UjtRIc68Uk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 23:48:52 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 44664
IP: 91.202.144.0/22
IP: 91.225.56.0/22
IP: 91.247.224.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:a7:86:89:bf:e6:5c:d6:86:ce:df:eb:65:12:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 23:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=620dd5186de65a646dda4b89dd48ed44873af149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:07:c0:67:c7:3c:a3:a5:9f:e5:f1:88:1b:31:
8e:94:0c:3e:e8:32:aa:e3:e4:8b:9a:ab:6a:e8:cb:
64:9d:83:85:19:f3:57:c0:c6:f0:bd:24:83:b1:7e:
fd:2b:ed:b6:5d:1a:92:dc:59:a7:8c:61:fb:c6:f5:
90:9f:04:44:a2:8b:26:3b:9d:8f:6b:8a:cf:f6:31:
bc:32:6b:9e:9d:50:9b:27:f3:ec:b6:fc:e7:38:01:
b7:2a:3e:df:97:0a:5b:90:e6:6c:a6:ce:0a:92:01:
57:e0:e2:5f:80:e2:de:a2:d6:75:be:98:26:45:e4:
93:29:99:5a:f4:0a:78:a1:2d:b5:12:d5:00:30:80:
fb:2d:3d:d5:1c:17:ee:1c:54:29:35:f3:3a:00:72:
88:e0:b4:c5:e7:9e:ac:7b:d6:a8:04:06:78:9a:66:
d3:ca:26:c0:fd:87:99:ee:f4:c6:85:a6:08:fb:f0:
45:10:a9:1e:92:a4:90:58:3b:03:06:8a:d8:e0:f6:
77:60:6b:62:b8:3c:5c:1f:db:56:36:f7:8f:a7:ad:
85:9c:9e:06:24:bd:03:f7:35:8d:f2:59:c1:d3:14:
29:5e:ae:31:de:a9:b2:3c:13:aa:c0:4d:5b:c9:e0:
5e:53:04:61:f2:ca:c4:06:ba:fa:61:6a:ba:0d:81:
a1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:0D:D5:18:6D:E6:5A:64:6D:DA:4B:89:DD:48:ED:44:87:3A:F1:49
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/Yg3VGG3mWmRt2kuJ3UjtRIc68Uk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.144.0/22
91.225.56.0/22
91.247.224.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44664
Signature Algorithm: sha256WithRSAEncryption
7d:c7:bc:72:bf:1f:4b:4d:ea:80:73:b8:5b:31:11:af:15:fe:
bd:65:d4:7a:db:10:bf:19:b2:c0:84:c4:4d:c1:d4:93:79:3c:
70:68:3c:6a:a8:10:d0:ad:58:57:30:95:75:62:45:2f:c8:88:
5c:70:d1:b8:0a:d6:da:ae:5d:3f:31:2a:c5:bb:e3:cf:69:f9:
27:ef:02:16:eb:47:95:34:76:74:35:74:ed:4e:eb:9d:ad:50:
78:44:1b:e0:98:8b:7b:5e:9f:ed:a7:a2:cb:30:09:4f:9c:45:
8c:57:a4:63:a1:a8:d7:dd:5d:50:c8:35:ea:3e:85:c0:d8:26:
03:4b:7c:1b:d6:06:42:c9:51:82:b6:91:0a:68:dc:4e:8d:10:
6b:53:a6:ac:fb:e4:4c:5e:6f:98:19:5b:1d:c0:71:e0:ae:91:
81:c9:b8:77:e0:1a:08:17:32:02:4e:7f:ed:86:46:1f:ea:17:
24:75:9f:56:ce:13:64:b2:52:d4:59:19:38:fe:e3:50:8b:ac:
bc:c5:9a:05:7d:26:19:62:2c:65:44:f6:3c:f4:65:52:4f:91:
77:35:65:5d:3f:63:36:37:9b:be:1c:10:1c:bf:56:44:07:98:
36:a5:3d:88:0d:43:a9:7b:8e:d1:45:00:14:fe:c0:e0:e5:22:
94:7d:cc:02
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZQkRaeGib/mXNaGzt/rZRLKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjM0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjBkZDUxODZkZTY1YTY0NmRkYTRiODlkZDQ4ZWQ0NDg3M2FmMTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAfAZ8c8o6Wf5fGIGzGOlAw+6DKq
4+SLmqtq6MtknYOFGfNXwMbwvSSDsX79K+22XRqS3FmnjGH7xvWQnwREoosmO52P
a4rP9jG8MmuenVCbJ/PstvznOAG3Kj7flwpbkOZsps4KkgFX4OJfgOLeotZ1vpgm
ReSTKZla9Ap4oS21EtUAMID7LT3VHBfuHFQpNfM6AHKI4LTF556se9aoBAZ4mmbT
yibA/YeZ7vTGhaYI+/BFEKkekqSQWDsDBorY4PZ3YGtiuDxcH9tWNvePp62FnJ4G
JL0D9zWN8lnB0xQpXq4x3qmyPBOqwE1byeBeUwRh8srEBrr6YWq6DYGhewIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFGIN1Rht5lpkbdpLid1I7USHOvFJMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZkL2UyYzMz
YS0yMTQzLTQzZmYtOGZkNi1lNmYzZWNiZjY3NDMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQvZTJjMzNh
LTIxNDMtNDNmZi04ZmQ2LWU2ZjNlY2JmNjc0My8xL1lnM1ZHRzNtV21SdDJrdUoz
VWp0UkljNjhVay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUF
BwEHAQH/BBwwGjAYBAIAATASAwQCW8qQAwQCW+E4AwQCW/fgMBoGCCsGAQUFBwEI
AQH/BAswCaAHMAUCAwCueDANBgkqhkiG9w0BAQsFAAOCAQEAfce8cr8fS03qgHO4
WzERrxX+vWXUetsQvxmywITETcHUk3k8cGg8aqgQ0K1YVzCVdWJFL8iIXHDRuArW
2q5dPzEqxbvjz2n5J+8CFutHlTR2dDV07U7rna1QeEQb4JiLe16f7aeiyzAJT5xF
jFekY6Go191dUMg16j6FwNgmA0t8G9YGQslRgraRCmjcTo0Qa1OmrPvkTF5vmBlb
HcBx4K6Rgcm4d+AaCBcyAk5/7YZGH+oXJHWfVs4TZLJS1FkZOP7jUIusvMWaBX0m
GWIsZUT2PPRlUk+RdzVlXT9jNjebvhwQHL9WRAeYNqU9iA1DqXuO0UUAFP7A4OUi
lH3MAg==
-----END CERTIFICATE-----
Generated at Sun Feb 2 04:03:40 2025 by rpki-client