Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
File: YninaMkQutzVxK73wXKp8GFUfow.cer (raw, json)
Hash identifier: 8cUUODI03d09elb2CpsXnvl1irQivg9tdoCynmI6CLI=
Subject key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019426513CD321F32A6FD287AFD21B7F7CC0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 09:20:45 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 6700
AS: 15982
AS: 50693
AS: 56452
IP: 62.108.96.0/19
IP: 62.193.128.0/19
IP: 85.222.160.0/23
IP: 91.148.64.0/18
IP: 91.223.162.0/24
IP: 178.20.205.0/24
IP: 178.20.207.0/24
IP: 185.47.208.0/22
IP: 194.106.160.0/19
IP: 195.252.64.0/18
IP: 213.244.228.0 -- 213.244.239.255
IP: 217.26.64.0/20
IP: 2001:8c8::/32
IP: 2a02:e40::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:51:3c:d3:21:f3:2a:6f:d2:87:af:d2:1b:7f:7c:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 09:20:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b2:f0:53:e5:0c:24:5e:db:01:de:7c:fe:d8:
9b:48:a0:4a:b6:36:0a:a1:23:5d:71:26:e9:46:32:
97:1c:fe:94:ca:c0:55:e9:57:5a:39:5a:21:3d:47:
a9:f8:fe:95:60:ed:bf:25:48:87:96:8c:d9:d0:77:
5c:e9:9a:87:bd:0d:c3:a4:70:95:32:9b:86:82:a9:
2a:55:98:05:4f:26:2b:7f:e6:f6:f2:c3:8c:44:70:
de:d7:12:3e:16:f9:b7:1b:b4:fd:44:65:13:ab:d4:
be:96:e8:51:a4:a5:58:05:b3:9d:5d:db:a8:bd:6f:
5e:76:f8:69:17:09:1f:99:2e:8e:e9:bb:7a:9d:c9:
25:ec:55:1b:95:d9:f6:70:7d:c2:7c:6a:4e:86:69:
2e:c7:4b:ea:5a:bf:32:31:0c:26:b8:d8:41:f4:fd:
63:67:04:0d:74:83:5f:f1:7b:a7:79:6e:a1:97:6e:
42:11:cf:b7:c3:6a:ff:61:22:15:52:ec:a2:01:35:
46:aa:39:2c:da:e0:8c:1f:fe:6f:47:e4:9b:58:a6:
11:a7:52:a4:88:2f:8c:f7:83:d0:d2:0e:33:db:8d:
1c:1a:65:70:ee:1d:71:e3:7b:15:fe:34:76:7c:e0:
2e:66:df:d4:ad:18:00:9a:86:db:3e:f5:c6:4c:0e:
24:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.96.0/19
62.193.128.0/19
85.222.160.0/23
91.148.64.0/18
91.223.162.0/24
178.20.205.0/24
178.20.207.0/24
185.47.208.0/22
194.106.160.0/19
195.252.64.0/18
213.244.228.0-213.244.239.255
217.26.64.0/20
IPv6:
2001:8c8::/32
2a02:e40::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
6700
15982
50693
56452
Signature Algorithm: sha256WithRSAEncryption
7e:02:39:9b:88:42:43:0b:8d:24:68:78:1f:60:16:f0:73:80:
98:53:1d:ae:a5:5a:68:97:c5:e2:f0:27:e9:1a:06:d2:06:db:
3e:0f:f3:ae:00:da:a4:e2:ae:ba:c5:48:b3:0e:74:8a:fa:91:
84:b8:c1:a3:7a:9c:82:cf:93:50:73:f6:6c:93:47:f9:65:bf:
9a:6f:5f:38:db:fe:14:27:c8:d1:32:4d:29:37:d4:be:5e:37:
9d:09:1e:f3:65:bd:a4:ba:ac:c4:95:08:f9:eb:90:23:cd:29:
92:97:df:5f:dc:91:ac:ad:51:e1:f4:37:72:2a:9c:34:b6:24:
5d:aa:0d:b0:9d:3e:7e:12:2e:7b:dc:cc:41:28:fc:39:9b:5c:
b3:bc:8e:cd:ec:95:17:5b:7c:90:78:31:15:f0:1e:bf:e0:74:
7f:58:f3:27:1d:2a:4e:ba:42:86:10:63:4c:08:6e:6b:e3:b5:
b3:61:2f:f5:18:e6:35:5a:50:2c:8a:4f:55:66:4f:35:fa:83:
a5:e3:4e:1c:c9:9b:ca:86:13:79:bb:cf:3b:b5:30:94:ff:a7:
7d:2a:58:38:41:30:99:6d:b1:1e:89:25:79:36:f8:1a:40:b2:
73:3a:66:a3:56:7d:06:0f:1f:da:d1:8f:53:7d:15:b9:14:cd:
ec:eb:4d:f4
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISAZQmUTzTIfMqb9KHr9Ibf3zAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDkyMDQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mjc4YTc2OGM5MTBiYWRjZDVjNGFlZjdjMTcyYTlmMDYxNTQ3ZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprLwU+UMJF7bAd58/tibSKBKtjYK
oSNdcSbpRjKXHP6UysBV6VdaOVohPUep+P6VYO2/JUiHlozZ0Hdc6ZqHvQ3DpHCV
MpuGgqkqVZgFTyYrf+b28sOMRHDe1xI+Fvm3G7T9RGUTq9S+luhRpKVYBbOdXduo
vW9edvhpFwkfmS6O6bt6nckl7FUbldn2cH3CfGpOhmkux0vqWr8yMQwmuNhB9P1j
ZwQNdINf8XuneW6hl25CEc+3w2r/YSIVUuyiATVGqjks2uCMH/5vR+SbWKYRp1Kk
iC+M94PQ0g4z240cGmVw7h1x43sV/jR2fOAuZt/UrRgAmobbPvXGTA4kAQIDAQAB
o4IDDTCCAwkwHQYDVR0OBBYEFGJ4p2jJELrc1cSu98FyqfBhVH6MMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBiLzQyZGZj
MC1hNzY0LTRkNWQtYTYzNC0zNDU0ZjQ5MGZkOTYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIvNDJkZmMw
LWE3NjQtNGQ1ZC1hNjM0LTM0NTRmNDkwZmQ5Ni8xL1luaW5hTWtRdXR6VnhLNzN3
WEtwOEdGVWZvdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMH8GCCsGAQUF
BwEHAQH/BHAwbjBWBAIAATBQAwQFPmxgAwQFPsGAAwQBVd6gAwQGW5RAAwQAW9+i
AwQAshTNAwQAshTPAwQCuS/QAwQFwmqgAwQGw/xAMAwDBALV9OQDBATV9OADBATZ
GkAwFAQCAAIwDgMFACABCMgDBQAqAg5AMCcGCCsGAQUFBwEIAQH/BBgwFqAUMBIC
AhosAgI+bgIDAMYFAgMA3IQwDQYJKoZIhvcNAQELBQADggEBAH4COZuIQkMLjSRo
eB9gFvBzgJhTHa6lWmiXxeLwJ+kaBtIG2z4P864A2qTirrrFSLMOdIr6kYS4waN6
nILPk1Bz9myTR/llv5pvXzjb/hQnyNEyTSk31L5eN50JHvNlvaS6rMSVCPnrkCPN
KZKX31/ckaytUeH0N3IqnDS2JF2qDbCdPn4SLnvczEEo/DmbXLO8js3slRdbfJB4
MRXwHr/gdH9Y8ycdKk66QoYQY0wIbmvjtbNhL/UY5jVaUCyKT1VmTzX6g6XjThzJ
m8qGE3m7zzu1MJT/p30qWDhBMJltsR6JJXk2+BpAsnM6ZqNWfQYPH9rRj1N9FbkU
zezrTfQ=
-----END CERTIFICATE-----
Generated at Wed Apr 16 09:34:47 2025 by rpki-client