Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_xukAAfM3NCTDxor3EsC4plFdno.cer
File: _xukAAfM3NCTDxor3EsC4plFdno.cer (raw, json)
Hash identifier: Ve5qClqEJLIUOpo81jDldWqTNPn+ooCkYu/7fvrfJUw=
Subject key identifier: FF:1B:A4:00:07:CC:DC:D0:93:0F:1A:2B:DC:4B:02:E2:99:45:76:7A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D5E90628634366504DAE72AE63CD01
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9d/060720-7320-49b5-89ab-8d2a653ba999/1/_xukAAfM3NCTDxor3EsC4plFdno.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9d/060720-7320-49b5-89ab-8d2a653ba999/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 07:47:57 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 185.104.136.0/22
IP: 217.65.132.0/22
IP: 2a10:97c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:e9:06:28:63:43:66:50:4d:ae:72:ae:63:cd:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff1ba40007ccdcd0930f1a2bdc4b02e29945767a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0b:1c:46:d0:c4:3f:31:93:a4:89:09:e3:d0:
77:e1:47:63:14:66:b7:3e:9d:90:a9:0a:e2:19:de:
7a:43:f5:00:ad:99:64:bb:57:e6:87:35:5c:f2:35:
5c:04:29:41:81:4c:03:3f:f1:80:c9:6c:f7:30:59:
c8:9a:0e:be:08:91:18:e1:b3:10:94:dd:33:73:2e:
bf:3c:bb:2a:be:78:ff:4d:9c:a3:7e:0a:0a:ed:01:
94:57:33:81:87:75:da:af:48:e6:bf:e3:e5:5f:e5:
3e:47:6d:a1:6b:7a:a8:92:8d:73:da:d4:72:ef:9b:
1c:b7:94:19:72:19:4b:e4:ac:4b:5b:29:01:bb:a5:
83:c3:82:ea:5e:7b:6f:af:e8:74:1c:6d:d8:90:47:
3b:dc:22:46:95:0d:d0:bd:0d:a4:9b:11:02:02:14:
5a:b8:9f:59:12:f5:16:68:16:88:5c:dc:f2:1d:59:
03:68:4e:0e:56:ba:c4:37:08:25:48:4b:ea:8c:34:
74:56:14:b1:d1:14:cf:88:19:b4:41:cf:a1:41:8f:
06:77:da:b9:4f:43:21:9a:95:e3:53:b4:aa:25:61:
85:d2:8c:38:79:d6:3a:28:e8:a7:60:c0:0f:9d:6f:
77:f7:09:47:86:83:73:86:43:e2:ce:e5:7c:0e:2d:
f5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:1B:A4:00:07:CC:DC:D0:93:0F:1A:2B:DC:4B:02:E2:99:45:76:7A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/060720-7320-49b5-89ab-8d2a653ba999/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/060720-7320-49b5-89ab-8d2a653ba999/1/_xukAAfM3NCTDxor3EsC4plFdno.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.136.0/22
217.65.132.0/22
IPv6:
2a10:97c0::/29
Signature Algorithm: sha256WithRSAEncryption
38:4f:cf:0e:e5:b0:d8:45:a3:f8:4f:14:a6:05:af:64:dc:c6:
ca:0c:92:b4:43:99:f1:6a:3a:69:c1:f7:9c:c0:10:4d:7b:0b:
15:49:0b:b8:40:e6:ba:a6:b4:8e:f9:74:42:e0:7b:d3:bf:33:
13:46:47:f4:5a:a9:66:84:79:87:2e:d2:5e:f7:04:38:59:05:
e2:f8:13:e3:20:92:47:59:1a:ef:93:a8:2d:e5:5d:a8:d2:5e:
d5:be:49:11:ca:e5:9c:88:e3:b5:b0:e1:3b:68:ff:c2:21:43:
e6:8c:3c:18:9a:23:9a:17:68:11:f7:0e:3b:c3:34:b9:09:d2:
73:7c:01:c9:d8:07:55:07:8a:62:6e:61:5f:98:71:19:6d:88:
ca:3d:7e:7c:03:a0:5b:8b:36:2b:00:1a:3d:23:3d:4b:f7:2a:
ac:75:4e:6b:6b:04:ce:10:96:46:44:bc:95:03:2e:97:f7:b9:
42:7d:30:b1:ca:ee:37:05:92:d7:45:a2:db:35:31:15:d2:5e:
ca:a7:96:43:c8:68:4a:81:33:3f:a3:85:de:2a:70:41:eb:11:
45:87:79:23:25:d7:9f:d1:be:45:95:9f:d0:73:33:f6:2e:e4:
1d:e5:88:2c:c2:15:67:cf:b6:af:56:67:69:f0:f5:61:85:72:
90:dc:b1:26
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAZQg1ekGKGNDZlBNrnKuY80BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjFiYTQwMDA3Y2NkY2QwOTMwZjFhMmJkYzRiMDJlMjk5NDU3NjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAscRtDEPzGTpIkJ49B34UdjFGa3
Pp2QqQriGd56Q/UArZlku1fmhzVc8jVcBClBgUwDP/GAyWz3MFnImg6+CJEY4bMQ
lN0zcy6/PLsqvnj/TZyjfgoK7QGUVzOBh3Xar0jmv+PlX+U+R22ha3qoko1z2tRy
75sct5QZchlL5KxLWykBu6WDw4LqXntvr+h0HG3YkEc73CJGlQ3QvQ2kmxECAhRa
uJ9ZEvUWaBaIXNzyHVkDaE4OVrrENwglSEvqjDR0VhSx0RTPiBm0Qc+hQY8Gd9q5
T0MhmpXjU7SqJWGF0ow4edY6KOinYMAPnW939wlHhoNzhkPizuV8Di310wIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFP8bpAAHzNzQkw8aK9xLAuKZRXZ6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlkLzA2MDcy
MC03MzIwLTQ5YjUtODlhYi04ZDJhNjUzYmE5OTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQvMDYwNzIw
LTczMjAtNDliNS04OWFiLThkMmE2NTNiYTk5OS8xL194dWtBQWZNM05DVER4b3Iz
RXNDNHBsRmRuby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuWiIAwQC2UGEMA0EAgACMAcDBQMqEJfAMA0G
CSqGSIb3DQEBCwUAA4IBAQA4T88O5bDYRaP4TxSmBa9k3MbKDJK0Q5nxajppwfec
wBBNewsVSQu4QOa6prSO+XRC4HvTvzMTRkf0WqlmhHmHLtJe9wQ4WQXi+BPjIJJH
WRrvk6gt5V2o0l7VvkkRyuWciOO1sOE7aP/CIUPmjDwYmiOaF2gR9w47wzS5CdJz
fAHJ2AdVB4pibmFfmHEZbYjKPX58A6BbizYrABo9Iz1L9yqsdU5rawTOEJZGRLyV
Ay6X97lCfTCxyu43BZLXRaLbNTEV0l7Kp5ZDyGhKgTM/o4XeKnBB6xFFh3kjJdef
0b5FlZ/QczP2LuQd5YgswhVnz7avVmdp8PVhhXKQ3LEm
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:23:42 2025 by rpki-client