Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_X0csRSU6ziY8Q09Y1vnXxay3FE.cer
File: _X0csRSU6ziY8Q09Y1vnXxay3FE.cer (raw, json)
Hash identifier: XrPUYUqL3QbCQuXvxKnrS60BLgh9YCNNoNhmU/D9r64=
Subject key identifier: FD:7D:1C:B1:14:94:EB:38:98:F1:0D:3D:63:5B:E7:5F:16:B2:DC:51
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019427B5D15A4138255F9EB454ED3FC264C5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/8c/a6c152-37d3-4f86-8f6e-7659bf86ac4c/1/_X0csRSU6ziY8Q09Y1vnXxay3FE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/8c/a6c152-37d3-4f86-8f6e-7659bf86ac4c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 15:50:14 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 47708
IP: 134.25.0.0/16
IP: 2001:678:330::/48
IP: 2001:67c:d8::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:d1:5a:41:38:25:5f:9e:b4:54:ed:3f:c2:64:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 15:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd7d1cb11494eb3898f10d3d635be75f16b2dc51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f9:c4:35:0b:6a:e3:fe:e2:a0:c6:cc:93:1e:
5d:81:b7:90:27:8b:17:bc:94:8c:7b:4a:63:e3:70:
aa:36:b3:64:32:58:30:3f:fd:8b:91:87:aa:ed:0c:
9d:a4:94:93:56:c7:38:ff:7b:eb:a1:d7:ce:c6:b7:
63:8c:90:42:29:e5:56:3a:f8:97:b1:63:c4:8b:99:
ed:57:b8:86:62:ae:49:bd:4c:be:d0:6b:15:02:6e:
9a:87:29:1d:14:52:2a:c5:fc:63:45:fd:6a:f9:0e:
52:b4:af:1d:20:0a:d0:71:e3:7d:20:fe:b1:15:da:
a6:fa:5e:93:25:34:13:01:5a:ad:d9:65:03:6a:f1:
df:32:cc:6d:62:a1:dd:c8:17:fb:88:84:8d:b7:02:
fb:ba:dc:9c:d4:38:ac:b1:f0:3d:8c:ce:b4:28:8d:
cf:b7:4a:fa:3f:03:05:a9:88:df:c8:bd:3c:e0:76:
ff:75:d0:39:97:79:ff:49:b7:69:78:e5:30:b0:6c:
23:61:53:d1:b1:6c:e5:b9:69:99:4f:87:e8:70:4a:
a3:99:4a:9c:97:c0:77:cf:2a:74:60:b6:40:00:65:
2c:bf:61:8d:3d:4a:e9:26:d7:08:ec:c6:51:0e:c0:
8d:15:c1:a3:38:fe:02:34:76:9b:db:1c:b3:e9:39:
a0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:7D:1C:B1:14:94:EB:38:98:F1:0D:3D:63:5B:E7:5F:16:B2:DC:51
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a6c152-37d3-4f86-8f6e-7659bf86ac4c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a6c152-37d3-4f86-8f6e-7659bf86ac4c/1/_X0csRSU6ziY8Q09Y1vnXxay3FE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.25.0.0/16
IPv6:
2001:678:330::/48
2001:67c:d8::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
47708
Signature Algorithm: sha256WithRSAEncryption
9c:0f:7e:2f:eb:78:fa:da:04:d0:10:bd:f2:f3:dc:f1:86:f9:
08:65:71:b4:90:d2:c5:cc:ee:08:8a:bb:01:b0:d0:e2:90:c9:
99:ad:a1:34:ba:0d:a5:67:81:41:79:c2:1e:04:77:35:c0:2e:
a1:56:49:8c:bf:d7:63:c2:2e:48:14:35:96:ac:bb:be:04:08:
64:58:0e:9b:35:af:f4:b7:f4:85:b4:f0:cb:e0:43:27:a7:3a:
01:66:11:31:93:d7:ac:4d:11:ff:0c:2d:c3:be:8f:8a:bc:46:
6c:6c:d7:b7:c8:46:66:c8:0e:95:30:05:e8:90:de:2e:8e:37:
78:d5:9a:c8:ac:a5:c6:cc:1f:63:cd:7b:1f:b1:73:d6:f2:ff:
10:45:a7:12:a0:a0:5b:b5:11:ba:43:d1:65:4d:6b:6a:e8:b3:
44:0a:1a:f3:bc:2f:a5:4e:9c:ee:60:4c:7f:c2:ea:5d:8d:e1:
0c:34:ae:a8:43:4e:6d:09:48:cf:c2:5b:eb:20:67:4b:b8:72:
66:26:4f:1e:85:88:e7:ae:06:6f:d8:7d:5c:a6:d3:fb:cb:0c:
63:4d:ef:51:ed:30:8f:e5:b0:55:93:84:3a:51:ee:b8:b1:c4:
e3:46:6f:e6:10:f6:7d:32:76:99:d3:17:d9:e1:f1:f8:2e:19:
18:46:de:58
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZQntdFaQTglX560VO0/wmTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTU1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDdkMWNiMTE0OTRlYjM4OThmMTBkM2Q2MzViZTc1ZjE2YjJkYzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/nENQtq4/7ioMbMkx5dgbeQJ4sX
vJSMe0pj43CqNrNkMlgwP/2LkYeq7QydpJSTVsc4/3vrodfOxrdjjJBCKeVWOviX
sWPEi5ntV7iGYq5JvUy+0GsVAm6ahykdFFIqxfxjRf1q+Q5StK8dIArQceN9IP6x
Fdqm+l6TJTQTAVqt2WUDavHfMsxtYqHdyBf7iISNtwL7utyc1DissfA9jM60KI3P
t0r6PwMFqYjfyL084Hb/ddA5l3n/SbdpeOUwsGwjYVPRsWzluWmZT4focEqjmUqc
l8B3zyp0YLZAAGUsv2GNPUrpJtcI7MZRDsCNFcGjOP4CNHab2xyz6TmgaQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFP19HLEUlOs4mPENPWNb518WstxRMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhjL2E2YzE1
Mi0zN2QzLTRmODYtOGY2ZS03NjU5YmY4NmFjNGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMvYTZjMTUy
LTM3ZDMtNGY4Ni04ZjZlLTc2NTliZjg2YWM0Yy8xL19YMGNzUlNVNnppWThRMDlZ
MXZuWHhheTNGRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDgGCCsGAQUF
BwEHAQH/BCkwJzALBAIAATAFAwMAhhkwGAQCAAIwEgMHACABBngDMAMHACABBnwA
2DAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMAulwwDQYJKoZIhvcNAQELBQADggEB
AJwPfi/rePraBNAQvfLz3PGG+QhlcbSQ0sXM7giKuwGw0OKQyZmtoTS6DaVngUF5
wh4EdzXALqFWSYy/12PCLkgUNZasu74ECGRYDps1r/S39IW08MvgQyenOgFmETGT
16xNEf8MLcO+j4q8Rmxs17fIRmbIDpUwBeiQ3i6ON3jVmsispcbMH2PNex+xc9by
/xBFpxKgoFu1EbpD0WVNa2ros0QKGvO8L6VOnO5gTH/C6l2N4Qw0rqhDTm0JSM/C
W+sgZ0u4cmYmTx6FiOeuBm/YfVym0/vLDGNN71HtMI/lsFWThDpR7rixxONGb+YQ
9n0ydpnTF9nh8fguGRhG3lg=
-----END CERTIFICATE-----
Generated at Tue Apr 15 13:47:52 2025 by rpki-client