Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_TrysG9KUBbg5avtGD9GXbFfQdU.cer
File: _TrysG9KUBbg5avtGD9GXbFfQdU.cer (raw, json)
Hash identifier: r9dsHJRl21OjzhYCJPx+VHYRK0yYtOoQD05UK0moO1c=
Subject key identifier: FD:3A:F2:B0:6F:4A:50:16:E0:E5:AB:ED:18:3F:46:5D:B1:5F:41:D5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425223539BE253B4066C1DB90CBBF73E8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/85/92262e-2276-4a88-a733-049bd7b1e119/1/_TrysG9KUBbg5avtGD9GXbFfQdU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/85/92262e-2276-4a88-a733-049bd7b1e119/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 03:49:46 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 185.145.160.0/22
IP: 2a07:4880::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:35:39:be:25:3b:40:66:c1:db:90:cb:bf:73:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd3af2b06f4a5016e0e5abed183f465db15f41d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d1:e4:c3:e1:31:a1:ae:38:71:ca:8d:f4:35:
c2:0f:2d:b1:b2:e9:80:0f:2c:0e:9b:5e:b5:65:e4:
54:93:8d:9e:e9:a1:8a:c4:1f:4c:88:4d:65:9f:71:
e9:e4:e7:7c:65:eb:41:d3:49:aa:95:39:6e:98:15:
ea:ba:38:63:b1:04:7e:58:fc:95:93:bb:ac:c5:ba:
2b:fa:f9:42:e1:74:6f:72:2f:64:46:cd:04:0f:3a:
47:c5:46:9e:73:46:59:6d:62:f3:d5:e0:92:81:7b:
8b:7c:6b:3c:d0:3a:90:71:5f:0d:6e:57:7e:9d:cf:
f1:fe:7d:f4:42:23:26:55:e6:68:1a:e5:df:ed:06:
5f:36:38:8b:d1:40:36:e8:e6:40:b8:84:aa:6f:4b:
16:15:13:08:3e:9c:ab:be:fb:2e:68:cc:95:8e:fc:
b8:ea:8d:fc:b7:36:2e:4a:cb:30:95:85:e2:eb:9f:
50:de:be:29:61:f3:48:51:7b:04:b8:df:91:9b:44:
57:c5:ff:0d:8c:e9:ff:65:3c:ae:05:f7:ee:d6:86:
27:30:69:b5:91:37:6d:48:9e:09:f7:62:8f:15:63:
f5:e0:d3:bb:22:94:ca:0f:c4:37:4a:5a:2d:0d:88:
1c:30:14:d2:ba:74:f9:9b:d2:9c:60:13:7e:c6:8f:
96:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:3A:F2:B0:6F:4A:50:16:E0:E5:AB:ED:18:3F:46:5D:B1:5F:41:D5
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/92262e-2276-4a88-a733-049bd7b1e119/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/92262e-2276-4a88-a733-049bd7b1e119/1/_TrysG9KUBbg5avtGD9GXbFfQdU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.160.0/22
IPv6:
2a07:4880::/29
Signature Algorithm: sha256WithRSAEncryption
7c:87:fa:68:e4:1c:a9:f3:0b:64:a0:b5:3c:fd:37:3b:7f:14:
86:21:38:20:82:90:fb:fe:f3:08:f2:14:01:ed:2e:ef:f5:79:
1f:a3:76:8a:e3:99:f4:79:2c:18:0d:b8:4b:57:a1:de:4d:0c:
d8:4e:aa:55:35:bf:b1:1f:4a:2e:91:ff:3b:2c:6a:8c:46:57:
de:30:da:d9:cf:46:54:80:7b:b3:fa:57:2c:d4:bb:46:c6:4f:
80:72:55:b5:8d:10:a2:0b:a4:1e:a0:42:5a:fc:90:5b:b9:6a:
fd:2d:9d:13:81:f0:23:c1:4c:b7:50:39:b1:9c:38:b5:c2:fb:
34:a8:db:10:06:0a:45:e4:bd:e3:40:18:24:bd:fd:0e:09:e8:
9c:a1:29:17:14:24:47:ff:58:ff:f7:96:bf:5f:07:c5:d0:e5:
98:8c:24:56:c4:d9:d0:9a:a7:f5:76:c8:71:d4:4d:9a:56:5e:
c2:fe:db:fe:e2:04:be:e1:18:d0:2c:b0:41:48:63:19:5d:ff:
da:4e:2b:ab:24:4a:d6:c3:a2:ee:5a:d2:c1:1b:2b:44:fd:8e:
61:3e:64:77:86:4c:22:b9:88:03:3c:12:67:03:a6:2c:73:e0:
2c:c3:0d:12:2b:76:2d:f1:9e:3f:98:71:59:40:1f:ee:87:56:
6e:d0:12:fc
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAZQlIjU5viU7QGbB25DLv3PoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDM0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDNhZjJiMDZmNGE1MDE2ZTBlNWFiZWQxODNmNDY1ZGIxNWY0MWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNHkw+Exoa44ccqN9DXCDy2xsumA
DywOm161ZeRUk42e6aGKxB9MiE1ln3Hp5Od8ZetB00mqlTlumBXqujhjsQR+WPyV
k7usxbor+vlC4XRvci9kRs0EDzpHxUaec0ZZbWLz1eCSgXuLfGs80DqQcV8Nbld+
nc/x/n30QiMmVeZoGuXf7QZfNjiL0UA26OZAuISqb0sWFRMIPpyrvvsuaMyVjvy4
6o38tzYuSsswlYXi659Q3r4pYfNIUXsEuN+Rm0RXxf8NjOn/ZTyuBffu1oYnMGm1
kTdtSJ4J92KPFWP14NO7IpTKD8Q3SlotDYgcMBTSunT5m9KcYBN+xo+WswIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFP068rBvSlAW4OWr7Rg/Rl2xX0HVMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg1LzkyMjYy
ZS0yMjc2LTRhODgtYTczMy0wNDliZDdiMWUxMTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUvOTIyNjJl
LTIyNzYtNGE4OC1hNzMzLTA0OWJkN2IxZTExOS8xL19UcnlzRzlLVUJiZzVhdnRH
RDlHWGJGZlFkVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuZGgMA0EAgACMAcDBQMqB0iAMA0GCSqGSIb3
DQEBCwUAA4IBAQB8h/po5Byp8wtkoLU8/Tc7fxSGITgggpD7/vMI8hQB7S7v9Xkf
o3aK45n0eSwYDbhLV6HeTQzYTqpVNb+xH0oukf87LGqMRlfeMNrZz0ZUgHuz+lcs
1LtGxk+AclW1jRCiC6QeoEJa/JBbuWr9LZ0TgfAjwUy3UDmxnDi1wvs0qNsQBgpF
5L3jQBgkvf0OCeicoSkXFCRH/1j/95a/XwfF0OWYjCRWxNnQmqf1dshx1E2aVl7C
/tv+4gS+4RjQLLBBSGMZXf/aTiurJErWw6LuWtLBGytE/Y5hPmR3hkwiuYgDPBJn
A6Ysc+Asww0SK3Yt8Z4/mHFZQB/uh1Zu0BL8
-----END CERTIFICATE-----
Generated at Wed Apr 16 09:17:45 2025 by rpki-client