Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aesALwAL1CbkpkDHHWwCAbUFDjQ.cer
File: aesALwAL1CbkpkDHHWwCAbUFDjQ.cer (raw, json)
Hash identifier: YHUCSgoRfTWtnfId+ELazuXzvyklTeWJAiytksalQAo=
Subject key identifier: 69:EB:00:2F:00:0B:D4:26:E4:A6:40:C7:1D:6C:02:01:B5:05:0E:34
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421444A2B05648D0B991AA328CC573E80
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 09:48:31 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 61967
IP: 45.137.92.0/22
IP: 91.220.244.0/24
IP: 185.20.232.0/22
IP: 2a04:1600::/29
IP: 2a0e:94c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:4a:2b:05:64:8d:0b:99:1a:a3:28:cc:57:3e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69eb002f000bd426e4a640c71d6c0201b5050e34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c2:0f:b3:b6:73:12:09:10:a8:c4:69:12:8c:
3e:57:15:7d:c3:96:38:55:7b:08:60:6b:5d:f0:95:
10:eb:95:b3:be:9b:a8:9f:08:69:ff:4c:80:52:e4:
59:93:7a:69:a1:88:60:74:ad:3b:dd:f5:57:36:de:
fa:b3:a6:43:af:b3:5b:e9:c8:4f:fd:b9:bb:81:bc:
92:92:87:97:cb:bd:54:13:31:35:cd:44:4c:2d:58:
b9:a7:e8:fc:b9:6d:13:3d:25:b4:33:0d:8f:ad:4b:
c8:51:46:58:73:68:cb:ac:70:7f:08:a5:0e:7b:00:
ed:39:68:92:b0:45:45:b6:89:c6:4d:24:94:eb:29:
2a:04:12:51:19:7a:0d:1b:e2:55:ba:a7:18:98:20:
40:9b:a0:68:db:8f:5f:b4:00:43:2f:8a:1b:20:3f:
2f:66:18:34:73:33:77:4a:05:a5:cc:f9:98:8f:f5:
4e:01:a8:fb:89:f2:4c:d6:f3:1a:6c:90:3e:0c:b1:
e9:b4:96:f6:0f:29:87:e6:db:f3:6f:32:f9:04:2d:
c4:4b:dc:3c:86:82:7d:8c:03:2d:19:25:1c:16:7f:
a2:86:2a:44:ea:3d:b4:e5:ef:e1:f2:7e:a6:1b:1c:
82:11:98:cc:8c:cf:7e:e6:60:60:19:dd:73:c3:9a:
9e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:EB:00:2F:00:0B:D4:26:E4:A6:40:C7:1D:6C:02:01:B5:05:0E:34
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.92.0/22
91.220.244.0/24
185.20.232.0/22
IPv6:
2a04:1600::/29
2a0e:94c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
61967
Signature Algorithm: sha256WithRSAEncryption
52:55:e7:af:cb:b1:9c:51:ab:08:f4:a1:4d:11:f8:e8:c1:2f:
4e:3b:c7:da:dd:4b:46:37:71:73:6f:5d:ff:28:5a:d3:03:9a:
24:a2:97:d9:a9:a2:42:3a:91:31:d1:95:06:b7:45:9e:c1:6f:
03:d1:49:3b:66:61:c8:e0:05:66:e5:9c:77:5a:e5:b9:8b:56:
ca:bd:56:cf:43:57:7a:bd:71:21:dd:ef:64:ef:27:83:43:14:
cf:eb:42:4b:40:01:81:96:07:da:0b:f8:69:e7:5a:05:88:8e:
8b:76:14:9f:c0:65:af:1f:6a:d5:dd:fd:7a:e9:19:fd:54:85:
fe:8b:8d:fa:24:dd:40:f2:28:bc:26:9e:40:68:60:46:fa:1f:
28:58:c4:0f:fc:cb:dc:2c:b6:3c:53:e6:b1:6d:3c:5e:0d:55:
43:43:9a:60:a3:2d:57:de:b2:8c:7a:38:06:69:6e:e8:36:7d:
4f:34:50:01:e1:2c:8e:72:17:4b:69:d3:81:50:32:27:cf:3b:
44:0f:e4:aa:99:1f:28:bd:58:a9:ba:95:52:be:8a:67:a8:16:
0c:d4:51:85:70:d6:78:26:0d:3d:15:bc:e6:5b:21:11:50:34:
ae:71:8b:1d:09:e1:0d:b9:52:d8:b7:b8:83:b3:32:4f:be:71:
ce:de:34:8e
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAZQhREorBWSNC5kaoyjMVz6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDk0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWViMDAyZjAwMGJkNDI2ZTRhNjQwYzcxZDZjMDIwMWI1MDUwZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMIPs7ZzEgkQqMRpEow+VxV9w5Y4
VXsIYGtd8JUQ65Wzvpuonwhp/0yAUuRZk3ppoYhgdK073fVXNt76s6ZDr7Nb6chP
/bm7gbySkoeXy71UEzE1zURMLVi5p+j8uW0TPSW0Mw2PrUvIUUZYc2jLrHB/CKUO
ewDtOWiSsEVFtonGTSSU6ykqBBJRGXoNG+JVuqcYmCBAm6Bo249ftABDL4obID8v
Zhg0czN3SgWlzPmYj/VOAaj7ifJM1vMabJA+DLHptJb2DymH5tvzbzL5BC3ES9w8
hoJ9jAMtGSUcFn+ihipE6j205e/h8n6mGxyCEZjMjM9+5mBgGd1zw5qeTQIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFGnrAC8AC9Qm5KZAxx1sAgG1BQ40MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAwL2QzZTY4
Mi0zMzcwLTQyNzEtOTQzNy03ODU0NzVjMjJjOWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAvZDNlNjgy
LTMzNzAtNDI3MS05NDM3LTc4NTQ3NWMyMmM5Yi8xL2Flc0FMd0FMMUNia3BrREhI
V3dDQWJVRkRqUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEEGCCsGAQUF
BwEHAQH/BDIwMDAYBAIAATASAwQCLYlcAwQAW9z0AwQCuRToMBQEAgACMA4DBQMq
BBYAAwUDKg6UwDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA8g8wDQYJKoZIhvcN
AQELBQADggEBAFJV56/LsZxRqwj0oU0R+OjBL047x9rdS0Y3cXNvXf8oWtMDmiSi
l9mpokI6kTHRlQa3RZ7BbwPRSTtmYcjgBWblnHda5bmLVsq9Vs9DV3q9cSHd72Tv
J4NDFM/rQktAAYGWB9oL+GnnWgWIjot2FJ/AZa8fatXd/XrpGf1Uhf6Ljfok3UDy
KLwmnkBoYEb6HyhYxA/8y9wstjxT5rFtPF4NVUNDmmCjLVfesox6OAZpbug2fU80
UAHhLI5yF0tp04FQMifPO0QP5KqZHyi9WKm6lVK+imeoFgzUUYVw1ngmDT0VvOZb
IRFQNK5xix0J4Q25Uti3uIOzMk++cc7eNI4=
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:45:58 2025 by rpki-client