Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
File: Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer (raw, json)
Hash identifier: wfNnY6lHZi+VSTw/GaNWpn7mfkd21K1ReWTqo2oKSr0=
Subject key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019427B545B67FAEA22C674B71678578D7BE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 15:49:38 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 48449
IP: 46.20.96.0/20
IP: 185.100.168.0/22
IP: 185.160.192.0/22
IP: 185.169.220.0/22
IP: 2a14:80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:45:b6:7f:ae:a2:2c:67:4b:71:67:85:78:d7:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 15:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67499595a65aab0b53768def08091e31061e9e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8a:ce:7f:be:26:a0:1a:d4:00:f1:00:c9:0e:
7f:98:2e:c3:96:9b:19:a9:c9:23:bd:55:fa:f8:e5:
54:1a:1b:8f:e7:4c:5b:0b:ad:42:e7:b1:95:44:eb:
d5:82:f5:20:0f:b6:f1:aa:03:93:c1:d3:10:fd:53:
48:c3:6c:82:cf:15:27:68:c9:c8:72:b3:82:4f:0e:
ed:3c:5b:e6:76:0b:1f:f2:a1:23:0a:4f:73:1d:4e:
81:2d:0c:62:b5:65:57:0e:e1:79:36:0a:59:61:d2:
09:c6:fa:34:2c:57:a7:10:62:36:35:cf:8c:d7:b1:
8a:a8:8b:e6:b0:61:ba:3d:b5:64:d5:22:bd:ea:57:
f9:4d:6c:f7:18:53:56:8a:67:a3:aa:e1:95:e2:c5:
7d:54:ad:e3:9c:2e:e3:71:6e:b2:24:f4:fa:ba:4b:
ce:ad:ac:54:de:20:79:db:01:91:ad:79:97:fd:ee:
bd:dc:6d:65:af:f5:1f:70:da:dd:a1:25:a6:a4:85:
a2:46:a0:c1:9f:0a:3b:42:f0:c9:eb:85:ab:aa:dd:
e2:71:aa:e8:47:af:56:51:ab:c9:e9:c6:a6:ae:6c:
49:79:6d:cb:db:a4:27:fa:4f:7a:d6:23:f2:e5:88:
08:78:21:68:79:e1:cc:a9:b7:3a:b5:8b:28:26:f3:
cf:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.96.0/20
185.100.168.0/22
185.160.192.0/22
185.169.220.0/22
IPv6:
2a14:80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
48449
Signature Algorithm: sha256WithRSAEncryption
54:54:96:20:fd:7f:80:00:3d:fd:3f:5d:c9:96:02:bd:49:8a:
15:ce:57:84:a5:ab:44:47:79:a9:ec:30:b0:f5:db:e2:c3:36:
ab:5d:c8:cd:5a:50:45:ca:cf:1c:92:40:af:e0:8c:39:37:7f:
36:55:8d:5a:8b:f3:cc:19:7f:01:d9:db:b3:e8:b4:ad:0d:ac:
93:c3:08:5a:d6:08:6f:9b:5a:76:8b:09:c2:68:63:d5:31:aa:
1b:28:41:f8:75:44:b0:37:d8:01:19:83:05:ea:27:6d:6e:22:
79:74:f4:fc:46:82:61:27:5a:ac:5a:f9:8f:a2:b2:b1:b1:ca:
4d:af:de:47:8d:4c:20:24:b8:6a:64:51:ae:9d:12:9d:03:b0:
56:5d:77:57:80:8c:12:b9:a5:b1:a5:b1:d3:ac:18:00:f1:30:
e6:67:4b:ac:c5:82:d3:62:4e:9a:c0:d5:e3:58:7f:9d:e6:54:
db:69:f7:85:a3:28:a0:5b:c3:5d:77:1a:00:e0:51:56:0d:cd:
bf:0d:64:af:35:e1:cb:25:34:41:0a:97:7a:82:1f:b4:75:ca:
ef:61:a8:ef:99:45:78:dd:c8:e8:10:f6:22:21:da:f4:e5:b1:
fb:44:bc:df:ef:2b:03:ba:a8:95:34:24:42:8f:c4:b1:fd:d6:
b6:49:e9:4f
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAZQntUW2f66iLGdLcWeFeNe+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTU0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzQ5OTU5NWE2NWFhYjBiNTM3NjhkZWYwODA5MWUzMTA2MWU5ZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYrOf74moBrUAPEAyQ5/mC7DlpsZ
qckjvVX6+OVUGhuP50xbC61C57GVROvVgvUgD7bxqgOTwdMQ/VNIw2yCzxUnaMnI
crOCTw7tPFvmdgsf8qEjCk9zHU6BLQxitWVXDuF5NgpZYdIJxvo0LFenEGI2Nc+M
17GKqIvmsGG6PbVk1SK96lf5TWz3GFNWimejquGV4sV9VK3jnC7jcW6yJPT6ukvO
raxU3iB52wGRrXmX/e693G1lr/UfcNrdoSWmpIWiRqDBnwo7QvDJ64Wrqt3icaro
R69WUavJ6camrmxJeW3L26Qn+k961iPy5YgIeCFoeeHMqbc6tYsoJvPPQwIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFGdJlZWmWqsLU3aN7wgJHjEGHp5lMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVmL2I3NDRi
OC1mMzlkLTQ5NWItYjIxNy0zNTUwODA0MTY1MmQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYvYjc0NGI4
LWYzOWQtNDk1Yi1iMjE3LTM1NTA4MDQxNjUyZC8xL1owbVZsYVphcXd0VGRvM3ZD
QWtlTVFZZW5tVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQELhRgAwQCuWSoAwQCuaDAAwQCuancMA0EAgAC
MAcDBQMqFACAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwC9QTANBgkqhkiG9w0B
AQsFAAOCAQEAVFSWIP1/gAA9/T9dyZYCvUmKFc5XhKWrREd5qewwsPXb4sM2q13I
zVpQRcrPHJJAr+CMOTd/NlWNWovzzBl/Adnbs+i0rQ2sk8MIWtYIb5tadosJwmhj
1TGqGyhB+HVEsDfYARmDBeonbW4ieXT0/EaCYSdarFr5j6KysbHKTa/eR41MICS4
amRRrp0SnQOwVl13V4CMErmlsaWx06wYAPEw5mdLrMWC02JOmsDV41h/neZU22n3
haMooFvDXXcaAOBRVg3Nvw1krzXhyyU0QQqXeoIftHXK72Go75lFeN3I6BD2IiHa
9OWx+0S83+8rA7qolTQkQo/Esf3WtknpTw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:34:20 2025 by rpki-client