Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/erqgtAKPBzwFZKZYtPuIhsvI0-s.cer
File: erqgtAKPBzwFZKZYtPuIhsvI0-s.cer (raw, json)
Hash identifier: ft6FLkZGSvp4a9W/ixID0VU7dnJjJzker+u3Sbf1HBE=
Subject key identifier: 7A:BA:A0:B4:02:8F:07:3C:05:64:A6:58:B4:FB:88:86:CB:C8:D3:EB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194B2B32AE1CBB281A475A72593ACB401C3
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ea/6df7ec-2afe-4532-b40a-baedc79ae7e1/1/erqgtAKPBzwFZKZYtPuIhsvI0-s.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ea/6df7ec-2afe-4532-b40a-baedc79ae7e1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 29 Jan 2025 15:34:33 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 213508
IP: 94.231.220.0/24
IP: 2a14:db00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b2:b3:2a:e1:cb:b2:81:a4:75:a7:25:93:ac:b4:01:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 29 15:34:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7abaa0b4028f073c0564a658b4fb8886cbc8d3eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5a:14:05:e5:dc:d6:da:9d:40:a1:f2:91:5b:
2b:52:00:7e:a3:d2:0d:bd:24:bb:56:31:ff:64:6b:
ed:22:a1:3d:30:78:f2:60:49:e3:fc:ef:6d:1c:68:
76:13:23:c4:9c:7a:76:97:7b:de:2f:af:1e:69:ee:
94:86:7d:e5:ca:0f:63:0a:b5:48:b9:5a:88:04:d9:
71:0f:eb:4d:8f:5c:45:8c:61:87:3a:b4:cf:c0:9a:
b8:6f:63:33:97:fe:0c:5c:86:67:c4:89:2b:17:57:
3e:2a:f2:68:d3:07:ae:48:52:f2:23:2f:37:29:fe:
8b:9f:0f:a2:cf:7d:6d:6d:70:65:e8:50:66:ac:40:
76:00:62:50:74:24:83:fc:ca:93:24:a8:40:9b:42:
95:eb:56:00:a6:49:69:c1:a9:96:4a:14:99:4e:09:
d5:f1:73:1b:1c:f7:7d:01:d5:c1:ee:b8:e8:1d:5d:
f4:9a:49:08:4f:94:fb:12:9f:ed:01:d6:a0:8c:68:
d1:22:b6:dc:26:b2:12:0f:58:e4:1d:00:ef:3e:8a:
7c:b8:1f:33:15:ea:33:9c:a3:0d:44:fe:aa:b8:f4:
5f:30:ec:66:8e:35:34:0f:27:0c:f5:33:d8:ce:6d:
a9:32:af:f2:eb:bb:59:4a:e0:42:66:9c:a2:95:81:
4d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:BA:A0:B4:02:8F:07:3C:05:64:A6:58:B4:FB:88:86:CB:C8:D3:EB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6df7ec-2afe-4532-b40a-baedc79ae7e1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6df7ec-2afe-4532-b40a-baedc79ae7e1/1/erqgtAKPBzwFZKZYtPuIhsvI0-s.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.220.0/24
IPv6:
2a14:db00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
213508
Signature Algorithm: sha256WithRSAEncryption
87:6b:93:6e:b7:e1:e0:aa:65:fa:b9:4b:50:8d:09:94:f4:5d:
64:55:a8:96:c7:1c:f0:12:f4:1a:8c:1b:8d:51:d3:a3:40:5f:
60:6f:56:87:56:5e:a7:a7:62:84:cc:32:e6:1b:7d:e6:6f:46:
3b:a7:c9:1e:8d:4e:a5:ad:d3:43:50:ee:32:50:e8:5c:57:3c:
e8:15:3d:79:2f:9f:0b:d6:65:17:84:cd:38:09:10:cf:66:6a:
bf:72:10:b2:f8:6e:20:dd:22:7a:aa:f4:90:20:a0:ee:c3:42:
f5:1e:e7:e5:dc:97:b9:2e:2e:72:e8:ed:64:08:5b:cf:77:1f:
92:a7:d4:c5:57:38:a7:34:6d:21:53:f1:19:07:28:d6:46:ef:
e4:3e:d2:13:e0:78:af:04:c7:d1:29:4b:21:51:c2:a5:b1:29:
b3:31:76:e2:ef:8c:5f:81:db:22:6a:b7:ab:f6:da:04:04:ab:
fa:bd:ee:1e:ac:58:f5:0f:e8:f3:cb:ba:85:90:9f:e3:77:5c:
b7:01:40:7c:f3:53:68:4b:1f:0e:79:04:17:9e:55:4b:d1:91:
71:2a:d9:8b:d2:eb:6e:89:2a:ec:af:08:16:1c:d8:da:d0:f7:
91:89:44:d0:50:e3:8d:f9:96:9f:c9:dd:e6:31:d0:36:f1:6c:
78:ea:73:3b
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZSysyrhy7KBpHWnJZOstAHDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTI5MTUzNDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWJhYTBiNDAyOGYwNzNjMDU2NGE2NThiNGZiODg4NmNiYzhkM2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1oUBeXc1tqdQKHykVsrUgB+o9IN
vSS7VjH/ZGvtIqE9MHjyYEnj/O9tHGh2EyPEnHp2l3veL68eae6Uhn3lyg9jCrVI
uVqIBNlxD+tNj1xFjGGHOrTPwJq4b2Mzl/4MXIZnxIkrF1c+KvJo0weuSFLyIy83
Kf6Lnw+iz31tbXBl6FBmrEB2AGJQdCSD/MqTJKhAm0KV61YApklpwamWShSZTgnV
8XMbHPd9AdXB7rjoHV30mkkIT5T7Ep/tAdagjGjRIrbcJrISD1jkHQDvPop8uB8z
FeoznKMNRP6quPRfMOxmjjU0DycM9TPYzm2pMq/y67tZSuBCZpyilYFNKwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFHq6oLQCjwc8BWSmWLT7iIbLyNPrMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VhLzZkZjdl
Yy0yYWZlLTQ1MzItYjQwYS1iYWVkYzc5YWU3ZTEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEvNmRmN2Vj
LTJhZmUtNDUzMi1iNDBhLWJhZWRjNzlhZTdlMS8xL2VycWd0QUtQQnp3RlpLWll0
UHVJaHN2STAtcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAXufcMA0EAgACMAcDBQMqFNsAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNCBDANBgkqhkiG9w0BAQsFAAOCAQEAh2uTbrfh4Kpl
+rlLUI0JlPRdZFWolscc8BL0GowbjVHTo0BfYG9Wh1Zep6dihMwy5ht95m9GO6fJ
Ho1Opa3TQ1DuMlDoXFc86BU9eS+fC9ZlF4TNOAkQz2Zqv3IQsvhuIN0ieqr0kCCg
7sNC9R7n5dyXuS4ucujtZAhbz3cfkqfUxVc4pzRtIVPxGQco1kbv5D7SE+B4rwTH
0SlLIVHCpbEpszF24u+MX4HbImq3q/baBASr+r3uHqxY9Q/o88u6hZCf43dctwFA
fPNTaEsfDnkEF55VS9GRcSrZi9Lrbokq7K8IFhzY2tD3kYlE0FDjjfmWn8nd5jHQ
NvFseOpzOw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:41:51 2025 by rpki-client