Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
File: _OTzlnKb9HjmNlSYIfb2lw2JP1I.cer (raw, json)
Hash identifier: hhtXFOMgRhSMJE5Mk4SN9AzNsVuWf5o5Bds13RfXAtw=
Subject key identifier: FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019426D9DA999D45BD63669C0D599702ED1E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 11:49:59 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 47648
IP: 152.89.188.0/22
IP: 185.239.196.0/22
IP: 195.68.248.0/23
IP: 195.68.254.0/23
IP: 2a0c:6180::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:da:99:9d:45:bd:63:66:9c:0d:59:97:02:ed:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 11:49:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fce4f396729bf478e636549821f6f6970d893f52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:d5:f4:51:d1:3d:b8:f8:97:63:b2:db:0f:b8:
eb:26:47:c9:b3:e5:5d:ab:15:9e:3d:73:77:f3:24:
9d:0b:ca:ac:71:0f:cb:ef:27:56:ac:61:c1:ca:dd:
c1:c4:54:c5:08:03:fd:72:c6:53:a1:1c:84:40:e2:
68:58:c2:bd:19:70:e2:8b:76:96:5c:32:43:0a:f9:
70:4b:48:cc:db:63:83:3d:8a:88:95:eb:9d:e3:0d:
f0:3f:1a:fd:d1:bf:93:1c:63:3a:32:6f:eb:3d:84:
93:75:b1:ee:7f:93:dd:d3:b0:1f:49:1c:c1:0a:10:
51:30:a3:2e:79:ac:a8:1e:0a:ec:21:a8:11:ec:05:
f4:9c:34:21:da:4b:c2:bb:c5:d0:5d:de:49:bd:0a:
e2:53:b4:a4:c1:c7:8b:76:77:10:47:98:b2:79:45:
ad:e9:bc:10:9a:47:10:0d:25:ef:51:d9:07:0b:d3:
5f:ff:0b:4e:0d:e9:9e:7a:1e:48:91:29:b1:41:d5:
7b:45:7c:0e:27:5a:0a:5c:0e:86:66:9e:d5:3b:36:
50:53:8e:17:3b:5a:b7:bc:83:80:e8:63:3d:32:8f:
b7:cf:3b:92:5e:14:bf:ae:31:77:21:9e:c8:f7:54:
80:b3:9a:22:5f:b1:c3:78:07:32:8c:53:4e:7f:80:
1c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.188.0/22
185.239.196.0/22
195.68.248.0/23
195.68.254.0/23
IPv6:
2a0c:6180::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
47648
Signature Algorithm: sha256WithRSAEncryption
30:4d:9f:0a:1d:7b:f5:b3:35:23:31:e5:56:b6:83:fd:8a:84:
75:bb:3f:5e:7d:05:02:e7:03:7c:a5:ac:61:de:88:cb:23:f4:
9c:6c:6c:32:a3:43:c8:bd:e9:a4:ff:4e:c6:e6:2c:3b:ab:1f:
20:25:94:ff:5b:8d:5e:f0:81:f3:c3:e6:b2:f0:41:20:1a:7b:
40:ff:46:51:09:5b:71:83:f6:bd:a8:62:a6:32:3f:d6:21:41:
7d:f4:37:2d:df:5a:1f:85:87:e8:8e:14:60:fd:e4:db:48:85:
c4:ec:91:e7:4d:d4:e7:c0:bb:86:cb:be:6b:b8:f5:0c:05:07:
57:a2:e7:4a:83:69:87:48:0f:b0:f9:f8:16:4e:ff:57:20:20:
fa:ab:9f:93:4a:31:09:71:13:f0:9d:22:01:c5:12:72:c9:14:
b3:e9:9c:fc:46:a4:d6:27:a6:32:93:e2:58:5e:78:26:07:46:
24:a3:ee:3c:a5:e7:c5:33:9d:5a:d6:02:9c:7a:88:aa:fd:5b:
32:04:12:b5:50:28:26:48:9f:46:9f:69:fa:7a:17:3b:fd:7b:
ed:d0:9d:13:30:f0:09:c5:8f:2a:21:c9:1b:1c:47:d6:df:03:
b3:2a:9c:a1:25:60:9b:e6:2c:93:ff:ae:a6:38:e1:49:aa:f2:
93:1e:e4:5f
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAZQm2dqZnUW9Y2acDVmXAu0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTE0OTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2U0ZjM5NjcyOWJmNDc4ZTYzNjU0OTgyMWY2ZjY5NzBkODkzZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NX0UdE9uPiXY7LbD7jrJkfJs+Vd
qxWePXN38ySdC8qscQ/L7ydWrGHByt3BxFTFCAP9csZToRyEQOJoWMK9GXDii3aW
XDJDCvlwS0jM22ODPYqIleud4w3wPxr90b+THGM6Mm/rPYSTdbHuf5Pd07AfSRzB
ChBRMKMueayoHgrsIagR7AX0nDQh2kvCu8XQXd5JvQriU7SkwceLdncQR5iyeUWt
6bwQmkcQDSXvUdkHC9Nf/wtODemeeh5IkSmxQdV7RXwOJ1oKXA6GZp7VOzZQU44X
O1q3vIOA6GM9Mo+3zzuSXhS/rjF3IZ7I91SAs5oiX7HDeAcyjFNOf4AceQIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFPzk85Zym/R45jZUmCH29pcNiT9SMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYzLzM2Mjc1
ZS02NzU5LTRkNTItYjJkMS04YzcwZGU5ZTliOWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMvMzYyNzVl
LTY3NTktNGQ1Mi1iMmQxLThjNzBkZTllOWI5ZC8xL19PVHpsbktiOUhqbU5sU1lJ
ZmIybHcySlAxSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQCmFm8AwQCue/EAwQBw0T4AwQBw0T+MA0EAgAC
MAcDBQMqDGGAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwC6IDANBgkqhkiG9w0B
AQsFAAOCAQEAME2fCh179bM1IzHlVraD/YqEdbs/Xn0FAucDfKWsYd6IyyP0nGxs
MqNDyL3ppP9OxuYsO6sfICWU/1uNXvCB88PmsvBBIBp7QP9GUQlbcYP2vahipjI/
1iFBffQ3Ld9aH4WH6I4UYP3k20iFxOyR503U58C7hsu+a7j1DAUHV6LnSoNph0gP
sPn4Fk7/VyAg+qufk0oxCXET8J0iAcUScskUs+mc/Eak1iemMpPiWF54JgdGJKPu
PKXnxTOdWtYCnHqIqv1bMgQStVAoJkifRp9p+noXO/177dCdEzDwCcWPKiHJGxxH
1t8DsyqcoSVgm+Ysk/+upjjhSarykx7kXw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:12:21 2025 by rpki-client