Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/avtfHyEUagk_P9rQxr_3V3avN8Y.cer
File: avtfHyEUagk_P9rQxr_3V3avN8Y.cer (raw, json)
Hash identifier: 7CAkXkkrRh2fVlegygHzOBrWuxduFMrv/JhhU5CyXAc=
Subject key identifier: 6A:FB:5F:1F:21:14:6A:09:3F:3F:DA:D0:C6:BF:F7:57:76:AF:37:C6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019426D949E0F9B9FF62BF1C6C6B4C575C38
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cc/e3c0c0-2383-48d5-8618-f98b9d227a94/1/avtfHyEUagk_P9rQxr_3V3avN8Y.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cc/e3c0c0-2383-48d5-8618-f98b9d227a94/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 11:49:21 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 202034
IP: 185.222.204.0/22
IP: 2a0c:e800::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:49:e0:f9:b9:ff:62:bf:1c:6c:6b:4c:57:5c:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 11:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6afb5f1f21146a093f3fdad0c6bff75776af37c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ec:a7:c0:0d:64:68:c5:d1:1f:e3:da:34:ad:
91:3c:5a:f2:15:f8:07:6d:d4:3e:88:a0:b1:d3:3f:
37:7b:b7:29:16:78:73:45:e9:cf:b2:b0:5a:c7:fa:
d2:c0:3a:46:ba:9b:78:af:85:e9:a7:2a:fa:8b:ca:
ec:98:2b:e7:48:13:a3:f5:26:2b:a5:a7:77:e9:c7:
36:a1:72:10:6c:0c:be:dc:b1:e6:95:46:63:e2:5e:
d6:a4:72:71:a4:7c:a3:e4:8c:e3:e0:34:55:b8:93:
d5:b1:44:72:4f:fc:e1:a2:3b:4c:c9:b1:d5:d8:cb:
6a:11:be:4a:27:53:eb:b3:b5:b5:90:2e:4b:fb:94:
35:3b:2e:b0:aa:80:a3:e1:28:d3:14:8f:88:f9:5d:
fe:df:9f:a0:7b:84:0b:f1:91:5f:df:ee:be:53:ec:
82:ef:7f:42:5d:17:3e:2e:7f:22:24:a4:ca:7e:f9:
48:77:30:26:6a:57:95:16:e9:22:88:d9:cc:64:2f:
e1:9b:4a:c9:9f:fe:a3:bd:47:22:4d:eb:a1:dc:c8:
3f:38:40:59:bf:8a:b7:0d:02:d0:6c:4c:14:34:6d:
3c:1d:fa:ca:ee:d5:ce:7b:0d:38:10:38:97:21:2d:
24:16:de:52:c5:65:a9:83:e6:30:ae:11:a4:ed:b9:
56:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:FB:5F:1F:21:14:6A:09:3F:3F:DA:D0:C6:BF:F7:57:76:AF:37:C6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e3c0c0-2383-48d5-8618-f98b9d227a94/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e3c0c0-2383-48d5-8618-f98b9d227a94/1/avtfHyEUagk_P9rQxr_3V3avN8Y.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.204.0/22
IPv6:
2a0c:e800::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
202034
Signature Algorithm: sha256WithRSAEncryption
45:1c:4d:6a:d4:e8:c4:9a:34:70:53:04:ad:b3:c7:71:18:f2:
fa:d2:87:9d:e5:ba:19:66:30:18:ec:3d:59:9f:4a:3a:b4:52:
85:bc:a4:7d:84:87:2d:65:51:b6:43:bd:67:2f:c7:48:f3:ed:
e7:67:98:58:ff:96:d3:54:ae:14:0c:f3:f6:66:67:27:12:28:
0e:82:7b:53:24:13:c0:8b:27:3d:4b:a5:b8:35:e1:fb:7a:48:
86:cb:a2:38:48:73:cc:bf:de:98:92:af:f9:08:22:8a:19:54:
ed:35:b8:56:e8:bb:6e:53:0b:31:f5:fb:df:d8:15:b1:de:6e:
07:06:b2:0b:f2:a1:0b:4c:d6:b6:cb:24:21:55:7e:ff:75:34:
66:52:58:31:10:00:fb:9e:93:51:24:6c:87:01:d0:87:3a:65:
54:e3:e3:17:85:a9:94:ff:7e:f1:19:44:e8:45:7e:d0:45:77:
84:83:f7:0d:14:f6:9d:71:2e:4b:7a:0c:17:0e:25:77:9d:db:
de:df:dc:ff:b4:ea:79:1e:2a:a4:e4:87:10:2d:35:e9:d8:70:
fc:cd:3d:33:75:8e:f8:49:88:01:a8:8c:7e:9e:d3:3a:ff:12:
a0:23:18:fa:58:ad:9a:b1:0d:86:a3:a3:aa:b7:0d:44:9d:c1:
b3:31:f8:1d
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQm2Ung+bn/Yr8cbGtMV1w4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTE0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWZiNWYxZjIxMTQ2YTA5M2YzZmRhZDBjNmJmZjc1Nzc2YWYzN2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuynwA1kaMXRH+PaNK2RPFryFfgH
bdQ+iKCx0z83e7cpFnhzRenPsrBax/rSwDpGupt4r4Xppyr6i8rsmCvnSBOj9SYr
pad36cc2oXIQbAy+3LHmlUZj4l7WpHJxpHyj5Izj4DRVuJPVsURyT/zhojtMybHV
2MtqEb5KJ1Prs7W1kC5L+5Q1Oy6wqoCj4SjTFI+I+V3+35+ge4QL8ZFf3+6+U+yC
739CXRc+Ln8iJKTKfvlIdzAmaleVFukiiNnMZC/hm0rJn/6jvUciTeuh3Mg/OEBZ
v4q3DQLQbEwUNG08HfrK7tXOew04EDiXIS0kFt5SxWWpg+YwrhGk7blWawIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFGr7Xx8hFGoJPz/a0Ma/91d2rzfGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NjL2UzYzBj
MC0yMzgzLTQ4ZDUtODYxOC1mOThiOWQyMjdhOTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2MvZTNjMGMw
LTIzODMtNDhkNS04NjE4LWY5OGI5ZDIyN2E5NC8xL2F2dGZIeUVVYWdrX1A5clF4
cl8zVjNhdk44WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCud7MMA0EAgACMAcDBQMqDOgAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMVMjANBgkqhkiG9w0BAQsFAAOCAQEARRxNatToxJo0
cFMErbPHcRjy+tKHneW6GWYwGOw9WZ9KOrRShbykfYSHLWVRtkO9Zy/HSPPt52eY
WP+W01SuFAzz9mZnJxIoDoJ7UyQTwIsnPUuluDXh+3pIhsuiOEhzzL/emJKv+Qgi
ihlU7TW4Vui7blMLMfX739gVsd5uBwayC/KhC0zWtsskIVV+/3U0ZlJYMRAA+56T
USRshwHQhzplVOPjF4WplP9+8RlE6EV+0EV3hIP3DRT2nXEuS3oMFw4ld53b3t/c
/7TqeR4qpOSHEC016dhw/M09M3WO+EmIAaiMfp7TOv8SoCMY+litmrENhqOjqrcN
RJ3BszH4HQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 04:00:17 2025 by rpki-client