Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ayCBixhrC5ywmvVCDR5a4zT-OXQ.cer
File: ayCBixhrC5ywmvVCDR5a4zT-OXQ.cer (raw, json)
Hash identifier: QviJQUGnGTgO3TyvesJA65hwfN1uhr2nEGC7oSCHEVs=
Subject key identifier: 6B:20:81:8B:18:6B:0B:9C:B0:9A:F5:42:0D:1E:5A:E3:34:FE:39:74
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194221F723BCAD55F14946A950CD73D0244
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/ayCBixhrC5ywmvVCDR5a4zT-OXQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 13:47:53 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 57293
IP: 5.197.0.0/16
IP: 149.255.144.0/20
IP: 185.146.112.0/22
IP: 2a0b:f9c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:72:3b:ca:d5:5f:14:94:6a:95:0c:d7:3d:02:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b20818b186b0b9cb09af5420d1e5ae334fe3974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:39:42:e4:e1:5e:dd:cb:09:bd:80:ae:2a:35:
37:35:85:87:5c:cc:e9:3c:22:5a:c3:46:9e:9f:70:
00:1c:1d:b2:99:05:d7:24:71:76:8b:a6:c9:05:39:
15:2b:e6:0f:a1:d3:e1:57:cf:9e:b1:9a:f3:b1:87:
d3:23:84:3c:02:5c:c6:c6:98:f0:1e:84:64:ee:34:
77:97:f6:8b:9b:02:b3:db:83:08:11:09:ea:01:16:
a7:5f:0b:4b:95:5d:80:9e:0b:ea:fd:b7:90:21:1b:
2a:11:8c:94:eb:39:50:d7:26:e9:71:6e:a1:28:e7:
40:6c:b0:5b:fa:10:94:da:4c:a1:20:ac:53:22:18:
ec:88:cd:26:33:75:5d:63:71:a0:30:40:3a:33:98:
b1:e2:bb:6a:30:cb:90:30:32:41:97:1b:0c:dd:be:
90:8e:2c:98:60:3c:c3:99:61:ce:b3:51:bc:0f:d2:
50:1d:9f:db:81:47:61:1b:87:a0:83:55:14:1f:0d:
0c:fc:14:1d:1d:49:c5:71:0c:c9:be:5a:2f:db:3e:
e9:35:a0:0c:84:17:b0:a9:c3:37:cf:89:6a:fb:44:
58:7f:fa:c1:56:57:b2:da:91:82:c7:88:6d:c7:25:
f3:b5:cc:45:05:91:77:7d:aa:51:6f:d9:29:ee:4c:
d7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:20:81:8B:18:6B:0B:9C:B0:9A:F5:42:0D:1E:5A:E3:34:FE:39:74
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/ayCBixhrC5ywmvVCDR5a4zT-OXQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.197.0.0/16
149.255.144.0/20
185.146.112.0/22
IPv6:
2a0b:f9c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
57293
Signature Algorithm: sha256WithRSAEncryption
a3:9b:23:33:97:51:9e:5d:0c:ca:8c:15:0d:68:13:19:70:ee:
30:11:13:ff:dc:75:7e:21:6b:fb:ec:bb:60:98:75:0f:bf:e9:
58:72:08:5d:e7:c9:82:5d:e2:82:dc:19:9c:0b:e9:25:e5:62:
67:b1:a4:1c:52:2f:c7:dd:5b:91:2e:03:69:7b:62:db:40:c1:
92:2d:b0:f5:9d:2f:8d:6a:e0:3b:bc:f3:3b:13:d3:fb:00:17:
1b:aa:b7:9a:a0:d2:e1:80:5d:c7:33:31:7e:98:f4:6e:13:a9:
63:a8:03:6d:7e:dc:96:1d:bb:06:8f:25:5a:c2:0a:fc:d9:90:
42:0e:01:0e:45:f3:8a:fb:67:4b:e4:b0:9b:51:31:97:1c:e9:
79:57:0f:31:6e:f9:b6:62:cf:3f:ea:2f:b0:30:ad:fd:48:44:
80:07:cc:d1:17:e9:48:ec:79:43:64:70:88:9e:09:ff:5a:80:
52:34:5e:23:e5:84:6e:ce:88:c3:2e:0b:37:25:0e:6e:54:6b:
68:95:59:00:81:53:fe:f0:6e:13:ea:12:78:ae:d4:bd:87:3b:
3a:a8:02:81:97:82:da:08:95:5f:99:7f:f7:24:ee:a1:48:7a:
80:5c:08:f6:4d:18:ae:52:d2:0c:3e:7e:e4:47:29:b3:6b:d6:
51:1b:50:f0
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAZQiH3I7ytVfFJRqlQzXPQJEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjIwODE4YjE4NmIwYjljYjA5YWY1NDIwZDFlNWFlMzM0ZmUzOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jlC5OFe3csJvYCuKjU3NYWHXMzp
PCJaw0aen3AAHB2ymQXXJHF2i6bJBTkVK+YPodPhV8+esZrzsYfTI4Q8AlzGxpjw
HoRk7jR3l/aLmwKz24MIEQnqARanXwtLlV2Angvq/beQIRsqEYyU6zlQ1ybpcW6h
KOdAbLBb+hCU2kyhIKxTIhjsiM0mM3VdY3GgMEA6M5ix4rtqMMuQMDJBlxsM3b6Q
jiyYYDzDmWHOs1G8D9JQHZ/bgUdhG4egg1UUHw0M/BQdHUnFcQzJvlov2z7pNaAM
hBewqcM3z4lq+0RYf/rBVley2pGCx4htxyXztcxFBZF3fapRb9kp7kzX+QIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFGsggYsYawucsJr1Qg0eWuM0/jl0MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlhLzAyZjk1
ZS01ZmU1LTRjOWEtODRkNy1lNWM5YzJlOGU5YmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEvMDJmOTVl
LTVmZTUtNGM5YS04NGQ3LWU1YzljMmU4ZTliZi8xL2F5Q0JpeGhyQzV5d212VkNE
UjVhNHpULU9YUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUF
BwEHAQH/BCowKDAXBAIAATARAwMABcUDBASV/5ADBAK5knAwDQQCAAIwBwMFAyoL
+cAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAN/NMA0GCSqGSIb3DQEBCwUAA4IB
AQCjmyMzl1GeXQzKjBUNaBMZcO4wERP/3HV+IWv77LtgmHUPv+lYcghd58mCXeKC
3BmcC+kl5WJnsaQcUi/H3VuRLgNpe2LbQMGSLbD1nS+NauA7vPM7E9P7ABcbqrea
oNLhgF3HMzF+mPRuE6ljqANtftyWHbsGjyVawgr82ZBCDgEORfOK+2dL5LCbUTGX
HOl5Vw8xbvm2Ys8/6i+wMK39SESAB8zRF+lI7HlDZHCIngn/WoBSNF4j5YRuzojD
Lgs3JQ5uVGtolVkAgVP+8G4T6hJ4rtS9hzs6qAKBl4LaCJVfmX/3JO6hSHqAXAj2
TRiuUtIMPn7kRymza9ZRG1Dw
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:57:04 2025 by rpki-client