Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer
File: aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer (raw, json)
Hash identifier: nNsGs1BqUy0nY282ZjM1a4nhokrDkSZBZ0vDcCLoZfI=
Subject key identifier: 68:E1:E6:EA:52:7D:C3:85:A7:9A:3E:08:82:7D:BF:69:0C:91:C4:C2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019423D6F6C64676997F0DC6D40E1CC7522D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 21:47:58 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 198815
AS: 211589
IP: 37.152.64.0/21
IP: 2a00:b3c0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:f6:c6:46:76:99:7f:0d:c6:d4:0e:1c:c7:52:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 21:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68e1e6ea527dc385a79a3e08827dbf690c91c4c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c8:b9:25:f1:96:ae:ad:60:0d:f0:d2:7f:19:
05:ff:1b:d4:4b:a3:0e:33:1c:e2:f5:c5:82:80:30:
1e:05:db:9b:4d:4b:25:04:8c:34:fe:f0:ac:5b:4f:
42:44:03:14:a4:0a:0d:46:59:bf:7d:66:1b:ef:bb:
ab:9e:ad:e1:0e:7b:10:61:65:f8:01:48:80:0d:57:
d6:02:0b:df:7c:a5:9c:d7:d3:46:34:50:91:33:a1:
e9:3e:ae:bc:83:7a:f5:dc:df:60:5a:50:02:08:be:
3a:47:78:d3:68:04:cf:c6:61:d7:57:37:93:8f:09:
06:c0:bb:eb:d7:5d:68:ba:ff:61:6a:f2:a8:dc:36:
20:90:f0:79:cf:f3:3b:88:dc:6f:f2:56:0a:d8:14:
9f:f0:22:6e:37:d0:c5:76:66:44:30:4b:cd:1d:90:
0c:bf:22:e2:e6:aa:ea:cf:42:62:27:93:6f:26:ca:
2b:b1:5b:d8:95:e0:e4:a0:9e:9f:7c:89:6b:8e:09:
da:7a:f3:2b:da:d8:8f:df:1c:f4:8c:24:d8:7c:7e:
51:fd:0d:9c:88:a4:be:db:37:27:85:03:6d:c7:42:
10:ef:39:49:3f:6c:6f:af:a5:61:98:1d:95:54:1e:
6b:87:ac:db:97:63:81:dc:07:01:6f:53:b8:44:97:
da:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E1:E6:EA:52:7D:C3:85:A7:9A:3E:08:82:7D:BF:69:0C:91:C4:C2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.152.64.0/21
IPv6:
2a00:b3c0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
198815
211589
Signature Algorithm: sha256WithRSAEncryption
3b:0b:00:41:3f:7c:cd:67:f3:6c:e7:99:8b:5b:c2:7b:d8:c3:
3b:ca:7f:fe:37:b1:90:dc:a7:30:3c:54:86:15:4e:4b:fa:ae:
3f:c6:ed:94:4d:70:d3:bb:86:92:34:5a:53:b9:c4:98:09:64:
a4:05:1a:6c:ae:31:f9:f6:bc:bd:fd:0b:63:1c:50:1c:22:0b:
17:51:c9:71:70:33:60:1b:2a:6e:33:f7:6e:01:fe:51:1e:6a:
77:44:5c:80:e1:95:2d:bb:9c:d9:77:bc:78:9c:04:6b:40:2d:
07:1c:c9:62:ef:06:1a:95:f1:ca:ef:58:fa:8c:0b:83:e7:27:
6b:2b:4c:64:ec:41:f3:19:e5:a8:89:b2:3c:c5:89:eb:88:63:
98:27:d0:92:ce:8b:4e:45:cd:21:82:62:e4:df:b9:e8:0d:80:
a3:8b:51:d8:89:7a:63:a1:e6:64:ff:73:16:6c:e1:70:7c:17:
73:50:28:60:d5:94:b3:56:be:3b:6c:d8:59:41:b6:0b:00:76:
c2:48:10:5b:fa:b6:27:14:0a:e7:13:76:26:1b:15:17:08:02:
80:c3:ea:4f:ab:34:54:f8:4f:45:1a:8f:77:b4:02:87:93:13:
0c:9e:94:b7:ad:dd:08:2f:6c:3c:bb:ea:a2:07:05:a7:52:98:
6d:a5:64:3a
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZQj1vbGRnaZfw3G1A4cx1ItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGUxZTZlYTUyN2RjMzg1YTc5YTNlMDg4MjdkYmY2OTBjOTFjNGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkci5JfGWrq1gDfDSfxkF/xvUS6MO
Mxzi9cWCgDAeBdubTUslBIw0/vCsW09CRAMUpAoNRlm/fWYb77urnq3hDnsQYWX4
AUiADVfWAgvffKWc19NGNFCRM6HpPq68g3r13N9gWlACCL46R3jTaATPxmHXVzeT
jwkGwLvr111ouv9havKo3DYgkPB5z/M7iNxv8lYK2BSf8CJuN9DFdmZEMEvNHZAM
vyLi5qrqz0JiJ5NvJsorsVvYleDkoJ6ffIlrjgnaevMr2tiP3xz0jCTYfH5R/Q2c
iKS+2zcnhQNtx0IQ7zlJP2xvr6VhmB2VVB5rh6zbl2OB3AcBb1O4RJfaIQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFGjh5upSfcOFp5o+CIJ9v2kMkcTCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y1LzkzMzFj
OS1lMTY0LTRkMmUtYjgzOS0xN2QwOTdmZjg5YzIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjUvOTMzMWM5
LWUxNjQtNGQyZS1iODM5LTE3ZDA5N2ZmODljMi8xL2FPSG02bEo5dzRXbm1qNEln
bjJfYVF5UnhNSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQDJZhAMA0EAgACMAcDBQAqALPAMB8GCCsGAQUF
BwEIAQH/BBAwDqAMMAoCAwMInwIDAzqFMA0GCSqGSIb3DQEBCwUAA4IBAQA7CwBB
P3zNZ/Ns55mLW8J72MM7yn/+N7GQ3KcwPFSGFU5L+q4/xu2UTXDTu4aSNFpTucSY
CWSkBRpsrjH59ry9/QtjHFAcIgsXUclxcDNgGypuM/duAf5RHmp3RFyA4ZUtu5zZ
d7x4nARrQC0HHMli7wYalfHK71j6jAuD5ydrK0xk7EHzGeWoibI8xYnriGOYJ9CS
zotORc0hgmLk37noDYCji1HYiXpjoeZk/3MWbOFwfBdzUChg1ZSzVr47bNhZQbYL
AHbCSBBb+rYnFArnE3YmGxUXCAKAw+pPqzRU+E9FGo93tAKHkxMMnpS3rd0IL2w8
u+qiBwWnUphtpWQ6
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:54:52 2025 by rpki-client