Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer
File: cfxj7vZnTya1A6gwpd-pU9L_qr4.cer (raw, json)
Hash identifier: 6rSfpfZD/oPWJJUnh8HP3qidgsLM2384+l3qrYeVs04=
Subject key identifier: 71:FC:63:EE:F6:67:4F:26:B5:03:A8:30:A5:DF:A9:53:D2:FF:AA:BE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194266BD90F46CBE2A6D45729CDC79D8481
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 09:49:49 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 59536
AS: 209065
IP: 213.178.156.0/22
IP: 2a0e:7e00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:d9:0f:46:cb:e2:a6:d4:57:29:cd:c7:9d:84:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 09:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71fc63eef6674f26b503a830a5dfa953d2ffaabe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:12:10:db:d2:86:e3:9f:91:0a:a2:67:ef:3d:
ee:72:f7:de:2c:6e:94:42:70:49:04:49:3a:a8:50:
81:c8:b5:65:be:5b:52:54:3c:07:4a:8d:20:15:5a:
63:89:72:b3:d7:01:16:95:d3:e0:df:a7:54:96:16:
65:06:73:18:15:12:ab:3b:c6:70:dd:7a:08:f4:88:
ac:76:e5:c6:5e:d5:df:01:91:8a:16:30:38:68:b3:
cf:e8:5c:21:c7:f0:a8:82:75:b5:c4:b7:cb:06:56:
4c:cf:4d:de:c9:e6:13:5d:6f:58:cc:d9:4f:a0:f3:
12:dd:e2:64:71:dd:bd:41:cc:ea:79:66:2c:e1:c4:
bd:f3:51:e4:d7:cb:78:0d:75:cf:c7:81:4f:71:aa:
c1:6f:4b:f2:9e:aa:b0:93:9d:09:d9:d7:1a:1a:24:
60:cc:ad:73:19:bc:23:59:95:34:38:ef:43:50:6b:
e2:51:a0:55:71:ba:09:3f:7e:62:af:e9:36:ed:2c:
8e:cf:52:e5:a9:b3:0f:2a:c7:a3:fb:73:61:e8:73:
de:c9:62:a1:d6:d5:8f:e1:87:71:7d:a3:79:0b:b2:
5a:01:07:41:fb:55:56:8b:7d:41:c9:6d:85:2a:73:
86:ae:37:9b:1c:d3:b2:63:52:1a:e4:51:24:88:b1:
62:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:FC:63:EE:F6:67:4F:26:B5:03:A8:30:A5:DF:A9:53:D2:FF:AA:BE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.178.156.0/22
IPv6:
2a0e:7e00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
59536
209065
Signature Algorithm: sha256WithRSAEncryption
8f:e2:83:2c:03:8b:1a:f3:c2:50:9a:69:24:19:a3:47:39:6d:
9b:06:74:c7:b7:be:fb:ae:1f:54:eb:db:6f:35:5a:f1:99:c4:
05:c0:b1:e7:5c:2f:ed:6a:89:46:9d:32:a8:3d:c3:b9:78:c9:
ef:c5:95:35:60:8c:fb:0f:1e:87:8c:96:ba:2c:ec:69:26:40:
76:74:3e:99:53:81:bb:ba:7e:67:2a:fa:9f:31:5b:6e:2c:d1:
ed:14:80:2a:66:c4:22:fe:18:64:cd:18:45:73:6a:08:44:cb:
46:69:0e:e6:4b:b2:3b:a4:a3:a4:ac:f2:39:3f:bb:b7:89:18:
c6:48:a8:61:4a:e6:bc:17:6f:fb:13:9e:27:a0:72:a4:e8:fc:
f2:47:85:e2:91:0e:24:f7:ad:16:0e:9b:20:01:9e:8c:06:be:
03:a2:5b:30:04:c5:68:21:b7:45:3e:63:fa:08:e4:e5:6f:89:
fb:76:48:e5:7d:ff:3a:94:cc:0a:a5:a9:05:7f:a7:8d:63:e8:
2a:49:52:08:54:3c:6d:4d:66:92:b2:f2:02:c3:a5:93:0b:1f:
fb:e3:cf:13:a9:f7:89:33:c1:47:c2:29:c6:3c:5c:cd:76:66:
0d:c4:0b:f1:a1:28:d0:39:34:82:09:bf:66:30:5d:06:c4:84:
a8:83:39:40
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZQma9kPRsviptRXKc3HnYSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDk0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWZjNjNlZWY2Njc0ZjI2YjUwM2E4MzBhNWRmYTk1M2QyZmZhYWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshIQ29KG45+RCqJn7z3ucvfeLG6U
QnBJBEk6qFCByLVlvltSVDwHSo0gFVpjiXKz1wEWldPg36dUlhZlBnMYFRKrO8Zw
3XoI9IisduXGXtXfAZGKFjA4aLPP6Fwhx/CognW1xLfLBlZMz03eyeYTXW9YzNlP
oPMS3eJkcd29QczqeWYs4cS981Hk18t4DXXPx4FPcarBb0vynqqwk50J2dcaGiRg
zK1zGbwjWZU0OO9DUGviUaBVcboJP35ir+k27SyOz1LlqbMPKsej+3Nh6HPeyWKh
1tWP4YdxfaN5C7JaAQdB+1VWi31ByW2FKnOGrjebHNOyY1Ia5FEkiLFiaQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFHH8Y+72Z08mtQOoMKXfqVPS/6q+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I5L2Y4MDEw
ZS02YTNmLTRmZjAtOTVlNy1kNDE4MjQ4ZTU3MjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvZjgwMTBl
LTZhM2YtNGZmMC05NWU3LWQ0MTgyNDhlNTcyOC8xL2NmeGo3dlpuVHlhMUE2Z3dw
ZC1wVTlMX3FyNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQC1bKcMA0EAgACMAcDBQMqDn4AMB8GCCsGAQUF
BwEIAQH/BBAwDqAMMAoCAwDokAIDAzCpMA0GCSqGSIb3DQEBCwUAA4IBAQCP4oMs
A4sa88JQmmkkGaNHOW2bBnTHt777rh9U69tvNVrxmcQFwLHnXC/taolGnTKoPcO5
eMnvxZU1YIz7Dx6HjJa6LOxpJkB2dD6ZU4G7un5nKvqfMVtuLNHtFIAqZsQi/hhk
zRhFc2oIRMtGaQ7mS7I7pKOkrPI5P7u3iRjGSKhhSua8F2/7E54noHKk6PzyR4Xi
kQ4k960WDpsgAZ6MBr4DolswBMVoIbdFPmP6COTlb4n7dkjlff86lMwKpakFf6eN
Y+gqSVIIVDxtTWaSsvICw6WTCx/7488TqfeJM8FHwinGPFzNdmYNxAvxoSjQOTSC
Cb9mMF0GxISogzlA
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:59:41 2025 by rpki-client