Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
File: bW-_qXU9uNhGQz21NR2ansB8lr0.cer (raw, json)
Hash identifier: EIi9AMRdbOw6/ojQK4q4v4Vph87PRYpIneuJHDtLiUU=
Subject key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941F3FEAA9A25F5C4FDF4449D047FAEA5B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.mft
caRepository: rsync://ca.rg.net/rpki/RGnet-OU/
Notify URL: https://ca.rg.net/rrdp/notify.xml
Certificate not before: Wed 01 Jan 2025 00:24:30 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 3130
AS: 3927
AS: 3970
AS: 4128
IP: 45.132.188.0/22
IP: 147.28.0.0/20
IP: 192.83.230.0/24
IP: 198.133.206.0/24
IP: 198.180.150.0 -- 198.180.153.255
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:3f:ea:a9:a2:5f:5c:4f:df:44:49:d0:47:fa:ea:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:24:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:13:f3:7a:84:e2:22:56:f9:b4:8c:cc:c2:7a:
4d:35:5a:9d:ef:29:11:b9:23:38:b9:7b:9d:9a:ca:
6c:bf:83:e9:17:f5:68:53:d6:49:8e:aa:28:6b:fe:
0f:a1:ca:5b:67:9d:92:bb:51:8d:9e:09:d1:ec:2d:
2e:37:f6:34:a0:f3:a3:d2:a8:57:18:75:ea:81:74:
37:8b:02:0d:67:aa:71:13:8f:a1:65:59:47:15:24:
ad:13:be:9e:7e:75:2a:46:9d:50:e5:35:b8:b8:33:
da:70:c1:ad:81:37:f5:95:c2:7a:af:be:bb:bb:e6:
59:e8:c3:55:15:15:ba:4e:96:4d:69:76:80:57:cf:
c1:03:54:46:60:81:a0:f4:f6:1f:80:9a:84:a9:27:
62:a8:ba:17:67:42:f2:04:c8:75:70:57:48:e6:a0:
dd:58:55:ae:c5:40:c8:9a:b1:5d:78:7b:8b:d8:8e:
8e:c5:3d:fa:e7:a8:4f:82:8a:0d:56:4e:ce:f3:a5:
20:24:75:1d:47:2f:0a:35:14:ec:eb:e9:ff:24:e2:
40:a4:2e:df:fe:5e:9b:fd:99:e1:51:f0:1e:8f:cd:
7e:1f:73:a1:e7:48:2d:9c:ae:55:ac:5c:7b:77:6d:
f7:88:fd:11:a8:b2:6e:20:20:1d:ee:b7:36:4d:85:
4e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://ca.rg.net/rpki/RGnet-OU/
RPKI Manifest - URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.mft
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.188.0/22
147.28.0.0/20
192.83.230.0/24
198.133.206.0/24
198.180.150.0-198.180.153.255
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
3130
3927
3970
4128
Signature Algorithm: sha256WithRSAEncryption
4d:6e:5f:80:b7:23:6a:f1:c8:00:46:f8:4f:10:1f:45:c1:f6:
9f:cc:2b:d7:7a:04:e1:36:e3:43:76:f5:d4:cd:03:08:b0:c1:
88:19:02:0b:ef:57:22:b0:33:7c:fb:37:26:3e:5f:fb:3e:86:
08:bb:a3:f0:5f:bd:8a:11:9f:89:33:e8:fc:b6:01:5d:81:78:
19:7b:f3:10:2b:2e:b5:05:22:5b:57:40:26:a8:6c:b5:36:93:
f0:87:9c:f2:f3:e8:0a:f6:d4:3e:9f:bb:7e:c5:12:e6:5b:d9:
c2:6c:7a:25:57:71:43:03:d9:bf:c1:52:81:f7:2e:8b:fb:93:
bd:22:b1:30:df:f6:17:41:1a:05:95:7e:51:09:fd:b4:e4:3a:
08:0d:dc:93:3d:97:ad:89:5f:73:7c:a5:db:49:13:b0:4c:de:
a2:a5:d5:69:fd:4a:f9:37:1e:7f:3f:c1:ab:32:4b:b3:b1:1d:
25:01:09:43:09:3d:23:0f:b8:93:8a:1b:41:55:2f:88:5b:8a:
7a:df:2b:40:ed:d1:bf:4b:05:d9:a8:fc:b1:dd:cb:8f:6f:2c:
a5:c8:a2:83:cd:17:10:88:55:2d:17:86:80:d5:d3:4a:c3:fe:
74:cc:6b:a1:03:d7:3f:e6:09:74:1d:56:44:d8:20:69:9f:34:
eb:ac:71:49
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZQfP+qpol9cT99ESdBH+upbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDAyNDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDZmYmZhOTc1M2RiOGQ4NDY0MzNkYjUzNTFkOWE5ZWMwN2M5NmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BPzeoTiIlb5tIzMwnpNNVqd7ykR
uSM4uXudmspsv4PpF/VoU9ZJjqooa/4PocpbZ52Su1GNngnR7C0uN/Y0oPOj0qhX
GHXqgXQ3iwINZ6pxE4+hZVlHFSStE76efnUqRp1Q5TW4uDPacMGtgTf1lcJ6r767
u+ZZ6MNVFRW6TpZNaXaAV8/BA1RGYIGg9PYfgJqEqSdiqLoXZ0LyBMh1cFdI5qDd
WFWuxUDImrFdeHuL2I6OxT3656hPgooNVk7O86UgJHUdRy8KNRTs6+n/JOJApC7f
/l6b/ZnhUfAej81+H3Oh50gtnK5VrFx7d233iP0RqLJuICAd7rc2TYVOlwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFG1vv6l1PbjYRkM9tTUdmp7AfJa9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgboGCCsGAQUFBwELBIGtMIGqMCwGCCsGAQUFBzAFhiByc3lu
YzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VLzBLBggrBgEFBQcwCoY/cnN5bmM6
Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVOaEdRejIxTlIyYW5z
QjhscjAubWZ0MC0GCCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25v
dGlmeS54bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsu
Y3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwPwYIKwYBBQUHAQcBAf8EMDAu
MCwEAgABMCYDBAIthLwDBASTHAADBADAU+YDBADGhc4wDAMEAca0lgMEAca0mDAl
BggrBgEFBQcBCAEB/wQWMBSgEjAQAgIMOgICD1cCAg+CAgIQIDANBgkqhkiG9w0B
AQsFAAOCAQEATW5fgLcjavHIAEb4TxAfRcH2n8wr13oE4TbjQ3b11M0DCLDBiBkC
C+9XIrAzfPs3Jj5f+z6GCLuj8F+9ihGfiTPo/LYBXYF4GXvzECsutQUiW1dAJqhs
tTaT8Iec8vPoCvbUPp+7fsUS5lvZwmx6JVdxQwPZv8FSgfcui/uTvSKxMN/2F0Ea
BZV+UQn9tOQ6CA3ckz2XrYlfc3yl20kTsEzeoqXVaf1K+Tcefz/BqzJLs7EdJQEJ
Qwk9Iw+4k4obQVUviFuKet8rQO3Rv0sF2aj8sd3Lj28spciig80XEIhVLReGgNXT
SsP+dMxroQPXP+YJdB1WRNggaZ8066xxSQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:34:41 2025 by rpki-client