Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer
File: Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer (raw, json)
Hash identifier: +lIjx7x/CFjJG/rFnj+0oq3udkRx4NzhMNRQvm+MeI0=
Subject key identifier: 67:E1:CE:DF:E0:82:6F:0F:97:75:BD:FA:8E:94:25:30:0B:DE:9F:13
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194282448E64F244EEFE9FAE344419EFC58
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 17:50:54 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 198287
IP: 194.126.129.0/24
IP: 2a05:3700::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:48:e6:4f:24:4e:ef:e9:fa:e3:44:41:9e:fc:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 17:50:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67e1cedfe0826f0f9775bdfa8e9425300bde9f13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8b:77:c5:a8:61:e5:2f:1d:c4:2e:ca:d7:fa:
79:42:22:57:e8:0b:ee:88:ca:1e:c1:09:17:aa:b6:
3f:9c:ba:9c:de:ce:e1:7e:50:84:de:e1:91:39:bd:
d7:da:23:11:4c:85:5d:98:63:2f:48:45:9a:7a:cc:
e5:69:64:37:dd:44:79:e2:fa:23:92:e2:65:c8:54:
08:9a:69:86:15:30:d3:df:24:76:87:8e:f8:90:78:
85:99:19:61:cb:08:0e:44:1f:94:bf:c0:f2:07:1b:
15:02:d0:63:d7:9a:70:ae:a0:b2:38:ec:cd:47:f7:
fd:d9:17:c1:dc:98:9c:c8:a6:9e:4b:30:56:f6:1e:
8c:30:d8:51:47:a8:15:af:bc:a2:cc:4e:38:dc:57:
ea:a7:43:f8:49:ad:00:09:da:94:38:59:71:50:e9:
12:f4:bc:5b:82:97:12:25:87:19:11:60:f2:90:ff:
52:15:f2:73:1e:8f:14:18:b4:c3:8d:2d:86:53:84:
bb:3a:f0:b7:14:33:94:8e:6f:f4:0f:a9:26:14:ec:
fd:37:56:fa:fb:78:3b:7f:17:ad:b6:e0:35:7d:e5:
bd:e2:70:c3:e5:4c:b6:7e:1c:39:60:25:60:f6:03:
a4:6d:bf:30:fc:e1:37:d6:cb:fb:97:a9:7a:45:da:
fe:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E1:CE:DF:E0:82:6F:0F:97:75:BD:FA:8E:94:25:30:0B:DE:9F:13
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.129.0/24
IPv6:
2a05:3700::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
198287
Signature Algorithm: sha256WithRSAEncryption
66:f3:8d:b8:e0:13:7c:2a:7a:f3:48:1f:28:6a:3d:a1:90:3f:
00:04:32:f3:17:f0:e1:33:2c:f2:96:31:d2:ef:19:65:bb:ec:
c4:28:91:51:9c:6d:80:50:3f:be:fa:2a:07:d7:37:f5:17:07:
f7:cc:a3:40:fc:fe:aa:9c:a9:85:b6:91:c7:9c:2c:1c:ce:01:
1b:29:47:1d:e8:0e:8c:dc:c3:1f:57:50:e7:3a:b0:96:d4:74:
e7:94:0c:77:42:66:78:f5:13:a1:1e:3f:91:49:c0:6c:d5:3e:
ca:56:7d:d5:00:6c:a5:2f:5e:3c:17:71:ba:e2:08:5a:0e:d5:
c9:42:eb:99:c4:81:a1:d0:6b:77:76:26:c0:c0:37:1f:e6:ac:
5b:64:a8:45:fc:43:4c:fa:c1:98:b6:d1:83:cf:7a:5c:9b:5a:
86:dc:51:bc:70:be:38:83:6c:13:6d:6e:d9:55:85:5c:9e:d1:
80:98:1b:03:58:24:e5:fd:25:1f:f6:eb:d7:57:27:cb:19:10:
10:2c:a6:5d:d3:4c:c5:86:19:65:ca:53:dc:db:60:17:7e:82:
96:53:a5:65:55:2b:62:e8:a2:92:dc:ce:0c:01:94:ec:15:e0:
ba:7a:9d:b0:70:6c:39:7b:e9:61:0f:9a:c7:4c:aa:57:2f:1a:
93:53:72:d9
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQoJEjmTyRO7+n640RBnvxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTc1MDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2UxY2VkZmUwODI2ZjBmOTc3NWJkZmE4ZTk0MjUzMDBiZGU5ZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4t3xahh5S8dxC7K1/p5QiJX6Avu
iMoewQkXqrY/nLqc3s7hflCE3uGROb3X2iMRTIVdmGMvSEWaeszlaWQ33UR54voj
kuJlyFQImmmGFTDT3yR2h474kHiFmRlhywgORB+Uv8DyBxsVAtBj15pwrqCyOOzN
R/f92RfB3JicyKaeSzBW9h6MMNhRR6gVr7yizE443Ffqp0P4Sa0ACdqUOFlxUOkS
9LxbgpcSJYcZEWDykP9SFfJzHo8UGLTDjS2GU4S7OvC3FDOUjm/0D6kmFOz9N1b6
+3g7fxettuA1feW94nDD5Uy2fhw5YCVg9gOkbb8w/OE31sv7l6l6Rdr+XwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFGfhzt/ggm8Pl3W9+o6UJTAL3p8TMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IzLzE5ZmE0
YS1mNDFkLTRiYWYtYjllYS1lYzliNzU1MjEyOTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMvMTlmYTRh
LWY0MWQtNGJhZi1iOWVhLWVjOWI3NTUyMTI5Ny8xL1otSE8zLUNDYnctWGRiMzZq
cFFsTUF2ZW54TS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAwn6BMA0EAgACMAcDBQMqBTcAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMGjzANBgkqhkiG9w0BAQsFAAOCAQEAZvONuOATfCp6
80gfKGo9oZA/AAQy8xfw4TMs8pYx0u8ZZbvsxCiRUZxtgFA/vvoqB9c39RcH98yj
QPz+qpyphbaRx5wsHM4BGylHHegOjNzDH1dQ5zqwltR055QMd0JmePUToR4/kUnA
bNU+ylZ91QBspS9ePBdxuuIIWg7VyULrmcSBodBrd3YmwMA3H+asW2SoRfxDTPrB
mLbRg896XJtahtxRvHC+OINsE21u2VWFXJ7RgJgbA1gk5f0lH/br11cnyxkQECym
XdNMxYYZZcpT3NtgF36CllOlZVUrYuiiktzODAGU7BXgunqdsHBsOXvpYQ+ax0yq
Vy8ak1Ny2Q==
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:54:10 2025 by rpki-client