Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bWUK8XJES1IRanpn10qsffilXhw.cer
File: bWUK8XJES1IRanpn10qsffilXhw.cer (raw, json)
Hash identifier: m5TaL9GOfaNLqKSZtlQDdJGybVa/X3YPNeIJdi37kdo=
Subject key identifier: 6D:65:0A:F1:72:44:4B:52:11:6A:7A:67:D7:4A:AC:7D:F8:A5:5E:1C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194228D51ED8AE09D50DBCBA74BB1013A1C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/20/b7ca89-70f2-408f-a4e4-b4a0cb8ed821/1/bWUK8XJES1IRanpn10qsffilXhw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/20/b7ca89-70f2-408f-a4e4-b4a0cb8ed821/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 15:47:54 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 43129
IP: 2a0a:11c0::/29
IP: 2a0d:7a00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:51:ed:8a:e0:9d:50:db:cb:a7:4b:b1:01:3a:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 15:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d650af172444b52116a7a67d74aac7df8a55e1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e0:15:d4:2a:91:5c:8c:f5:3d:6c:e4:f7:85:
6f:2c:8d:41:aa:fe:05:34:71:e8:e7:42:7f:0f:4d:
ab:1b:45:8f:57:79:88:85:84:9f:d5:f8:94:14:60:
87:9f:6c:f2:6a:91:46:28:35:40:3a:dc:71:e1:74:
11:2b:6b:52:74:97:85:53:4e:db:88:7c:db:9d:ef:
02:0d:47:c0:13:fc:78:95:11:08:aa:26:7e:d7:a9:
71:cc:13:84:96:b3:e8:20:40:19:77:e1:78:b9:3d:
2c:13:7d:18:3c:ec:67:47:e0:dd:6f:29:d3:f9:f0:
f9:6d:52:2b:1a:41:bc:87:32:be:85:3d:65:f8:1a:
3d:10:7c:52:9a:0c:f9:a8:fe:87:a5:ac:fd:36:c0:
3b:b8:b9:4b:e5:1d:12:c5:36:01:e1:89:c3:a5:0f:
5c:a3:05:1b:5f:b0:a6:14:81:89:e2:8e:d8:ab:b4:
58:63:53:c4:bc:e0:96:78:2b:50:49:fd:42:36:a7:
cc:cc:fd:db:4d:88:67:f0:af:1b:a7:db:44:1d:c5:
67:bf:6c:90:5a:8b:ba:e4:a5:0e:d0:cd:4e:3c:93:
0f:2f:3d:00:60:1b:80:dd:e9:e5:7d:ce:f0:fd:e9:
9f:ca:22:17:ad:8d:c0:b9:74:77:b7:e3:49:04:02:
e2:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:65:0A:F1:72:44:4B:52:11:6A:7A:67:D7:4A:AC:7D:F8:A5:5E:1C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b7ca89-70f2-408f-a4e4-b4a0cb8ed821/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b7ca89-70f2-408f-a4e4-b4a0cb8ed821/1/bWUK8XJES1IRanpn10qsffilXhw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:11c0::/29
2a0d:7a00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
43129
Signature Algorithm: sha256WithRSAEncryption
2e:8a:ee:4d:d9:c4:1e:27:37:4c:e0:6a:10:a5:5b:a6:47:ad:
4d:8c:35:5a:02:ff:d6:11:9a:0f:30:ea:e5:d7:97:b0:02:a1:
58:7c:af:74:9c:86:b1:6d:0d:cb:81:af:b8:e5:f3:59:3b:1c:
33:fa:db:9e:6c:1d:ab:3b:22:eb:b1:f8:93:12:81:bd:09:f2:
68:a2:bc:7f:6d:91:d0:7d:2a:02:64:7f:df:d4:66:f2:88:de:
20:14:3d:c2:61:78:ac:34:34:bf:d7:08:cb:24:8b:ea:d0:6e:
d7:8e:66:a4:bf:4b:8b:8a:6f:82:b5:af:91:58:7f:ff:07:96:
d8:ab:2a:f6:cc:a1:dc:d8:66:83:06:96:08:c4:57:ea:39:61:
07:31:1e:47:06:fa:07:d8:49:33:d7:62:0a:29:b4:63:02:2d:
10:30:7d:5b:0f:40:de:72:90:3d:c2:9a:62:d1:2e:b0:cb:01:
a5:d1:73:f7:f0:16:b0:cb:46:8b:31:16:4f:23:1e:e1:76:c5:
a3:85:ae:90:a2:e4:05:83:4a:4a:c8:55:cd:73:bc:5a:7f:5c:
ba:fa:9d:15:df:87:ba:27:40:54:af:f2:72:51:a0:0a:c0:df:
dd:3c:79:83:e4:04:51:d5:df:08:13:8e:41:94:da:a1:23:1d:
64:b8:33:9e
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAZQijVHtiuCdUNvLp0uxATocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTU0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDY1MGFmMTcyNDQ0YjUyMTE2YTdhNjdkNzRhYWM3ZGY4YTU1ZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+AV1CqRXIz1PWzk94VvLI1Bqv4F
NHHo50J/D02rG0WPV3mIhYSf1fiUFGCHn2zyapFGKDVAOtxx4XQRK2tSdJeFU07b
iHzbne8CDUfAE/x4lREIqiZ+16lxzBOElrPoIEAZd+F4uT0sE30YPOxnR+DdbynT
+fD5bVIrGkG8hzK+hT1l+Bo9EHxSmgz5qP6Hpaz9NsA7uLlL5R0SxTYB4YnDpQ9c
owUbX7CmFIGJ4o7Yq7RYY1PEvOCWeCtQSf1CNqfMzP3bTYhn8K8bp9tEHcVnv2yQ
Wou65KUO0M1OPJMPLz0AYBuA3enlfc7w/emfyiIXrY3AuXR3t+NJBALi/wIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFG1lCvFyREtSEWp6Z9dKrH34pV4cMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIwL2I3Y2E4
OS03MGYyLTQwOGYtYTRlNC1iNGEwY2I4ZWQ4MjEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAvYjdjYTg5
LTcwZjItNDA4Zi1hNGU0LWI0YTBjYjhlZDgyMS8xL2JXVUs4WEpFUzFJUmFucG4x
MHFzZmZpbFhody5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCcGCCsGAQUF
BwEHAQH/BBgwFjAUBAIAAjAOAwUDKgoRwAMFAyoNegAwGgYIKwYBBQUHAQgBAf8E
CzAJoAcwBQIDAKh5MA0GCSqGSIb3DQEBCwUAA4IBAQAuiu5N2cQeJzdM4GoQpVum
R61NjDVaAv/WEZoPMOrl15ewAqFYfK90nIaxbQ3Lga+45fNZOxwz+tuebB2rOyLr
sfiTEoG9CfJoorx/bZHQfSoCZH/f1GbyiN4gFD3CYXisNDS/1wjLJIvq0G7Xjmak
v0uLim+Cta+RWH//B5bYqyr2zKHc2GaDBpYIxFfqOWEHMR5HBvoH2Ekz12IKKbRj
Ai0QMH1bD0DecpA9wppi0S6wywGl0XP38Bawy0aLMRZPIx7hdsWjha6QouQFg0pK
yFXNc7xaf1y6+p0V34e6J0BUr/JyUaAKwN/dPHmD5ARR1d8IE45BlNqhIx1kuDOe
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:50:23 2025 by rpki-client