Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
File: bds4s0PaLRGTCe2qGceniHAyfr4.cer (raw, json)
Hash identifier: 8tgU1inbBAtmWNKT6K9vkPn4w1Ok3sebiD3qCrOF5+4=
Subject key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194CAC97FF3846B82FC707003E71DE4C56E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 03 Feb 2025 07:49:50 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 198357
IP: 5.159.48.0/21
IP: 45.94.212.0/22
IP: 89.44.240.0/22
IP: 89.46.216.0/22
IP: 109.122.240.0/20
IP: 185.3.200.0/22
IP: 185.239.0.0/22
IP: 188.212.96.0/22
IP: 188.240.196.0/24
IP: 188.240.212.0/24
IP: 2a02:6040::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 18:56:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ca:c9:7f:f3:84:6b:82:fc:70:70:03:e7:1d:e4:c5:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 3 07:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:61:6d:8e:38:a0:62:a0:a3:4d:94:85:4c:65:
88:33:39:fc:1d:06:f0:ab:20:d1:5d:6d:b4:58:74:
fa:86:40:63:07:8b:cd:18:61:35:1c:ab:bc:69:8d:
79:04:18:13:79:43:13:e2:9c:62:d8:35:88:93:82:
a5:53:7e:f6:49:42:87:a2:af:f3:a2:11:5e:2e:7d:
9f:03:9f:77:95:3d:96:98:44:8c:42:96:d1:82:a7:
87:2f:88:ec:cf:0b:e6:9b:3d:1f:b9:02:cf:a5:68:
9a:b7:e5:9a:e2:a6:2b:a4:db:55:28:2a:02:66:8e:
1d:9a:b9:2a:63:b1:6b:07:31:fe:e1:40:67:2d:09:
84:3b:81:14:00:68:5d:c9:bd:64:dc:31:54:fe:b4:
2f:dc:ce:71:03:25:45:a6:c7:4f:43:47:79:ea:e0:
72:8a:bd:42:47:3f:13:d7:1a:06:7e:0b:f1:a7:a6:
d8:13:e9:3a:e1:e2:31:a8:04:1a:34:65:e4:15:eb:
3c:36:e2:a5:f2:ee:17:89:30:6d:8e:bc:01:11:83:
65:2b:1d:8e:0d:07:2e:8b:36:0e:1d:1b:a4:45:7e:
00:75:e2:24:c4:1b:08:91:f5:6b:45:e2:89:18:28:
9e:47:a9:f3:98:10:c5:d5:af:26:a2:a9:c4:26:32:
3b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.48.0/21
45.94.212.0/22
89.44.240.0/22
89.46.216.0/22
109.122.240.0/20
185.3.200.0/22
185.239.0.0/22
188.212.96.0/22
188.240.196.0/24
188.240.212.0/24
IPv6:
2a02:6040::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
198357
Signature Algorithm: sha256WithRSAEncryption
05:ac:41:71:a1:62:c5:4e:97:2a:61:e3:6e:30:fb:d6:0c:65:
11:18:4a:1b:ac:83:05:b1:ba:d9:d6:66:fd:bc:a4:e2:64:bb:
5d:b2:e3:84:52:ae:d3:a2:e2:6d:79:a2:19:d3:b8:50:92:45:
dd:e7:98:a8:cc:c3:2b:8f:be:8f:f4:15:5a:3b:8c:d8:7b:ac:
3b:a8:d7:7a:6b:ef:87:05:ca:0d:f7:e6:ae:6b:7f:97:f4:28:
cc:c3:23:fc:d7:b5:44:5f:83:96:07:e3:41:bd:a2:10:ec:7d:
10:59:07:f7:bf:8b:65:ea:25:ca:dc:ac:ad:07:59:98:54:c8:
c6:7a:f3:34:a5:bf:d3:2c:74:e0:a8:e3:80:d7:ee:f6:a4:36:
2a:96:de:b4:fc:c0:98:2b:5d:0e:f9:57:d4:4c:4c:0d:dc:22:
45:46:3c:02:df:fa:18:bd:81:48:28:9c:66:5c:88:a7:e2:0a:
1e:dc:1a:99:6b:c4:c4:0c:1f:9a:c5:37:5f:26:02:cb:62:0f:
83:32:d5:6c:37:78:9c:5d:48:9e:9d:0b:16:d4:ed:25:3c:8c:
57:cd:2f:f0:3f:4f:a1:c1:19:de:6e:e9:3b:d6:78:7d:c3:b6:
21:6a:1d:6f:a8:34:84:c0:fd:0f:0d:97:30:90:94:ef:76:66:
87:9a:37:fb
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgISAZTKyX/zhGuC/HBwA+cd5MVuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMjAzMDc0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGRiMzhiMzQzZGEyZDExOTMwOWVkYWExOWM3YTc4ODcwMzI3ZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGFtjjigYqCjTZSFTGWIMzn8HQbw
qyDRXW20WHT6hkBjB4vNGGE1HKu8aY15BBgTeUMT4pxi2DWIk4KlU372SUKHoq/z
ohFeLn2fA593lT2WmESMQpbRgqeHL4jszwvmmz0fuQLPpWiat+Wa4qYrpNtVKCoC
Zo4dmrkqY7FrBzH+4UBnLQmEO4EUAGhdyb1k3DFU/rQv3M5xAyVFpsdPQ0d56uBy
ir1CRz8T1xoGfgvxp6bYE+k64eIxqAQaNGXkFes8NuKl8u4XiTBtjrwBEYNlKx2O
DQcuizYOHRukRX4AdeIkxBsIkfVrReKJGCieR6nzmBDF1a8moqnEJjI7awIDAQAB
o4IC5TCCAuEwHQYDVR0OBBYEFG3bOLND2i0RkwntqhnHp4hwMn6+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUyL2M5NjFh
MC00ZjUzLTQyMmEtYjdkZC0zZGZhNTEwZDZiMTYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIvYzk2MWEw
LTRmNTMtNDIyYS1iN2RkLTNkZmE1MTBkNmIxNi8xL2JkczRzMFBhTFJHVENlMnFH
Y2VuaUhBeWZyNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGQGCCsGAQUF
BwEHAQH/BFUwUzBCBAIAATA8AwQDBZ8wAwQCLV7UAwQCWSzwAwQCWS7YAwQEbXrw
AwQCuQPIAwQCue8AAwQCvNRgAwQAvPDEAwQAvPDUMA0EAgACMAcDBQAqAmBAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMG1TANBgkqhkiG9w0BAQsFAAOCAQEABaxB
caFixU6XKmHjbjD71gxlERhKG6yDBbG62dZm/byk4mS7XbLjhFKu06LibXmiGdO4
UJJF3eeYqMzDK4++j/QVWjuM2HusO6jXemvvhwXKDffmrmt/l/QozMMj/Ne1RF+D
lgfjQb2iEOx9EFkH97+LZeolytysrQdZmFTIxnrzNKW/0yx04KjjgNfu9qQ2Kpbe
tPzAmCtdDvlX1ExMDdwiRUY8At/6GL2BSCicZlyIp+IKHtwamWvExAwfmsU3XyYC
y2IPgzLVbDd4nF1Inp0LFtTtJTyMV80v8D9PocEZ3m7pO9Z4fcO2IWodb6g0hMD9
Dw2XMJCU73Zmh5o3+w==
-----END CERTIFICATE-----
Generated at Fri Apr 18 03:18:54 2025 by rpki-client