Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ewGNKlH-8tdsYmAFVsZtV8t-knA.cer
File: ewGNKlH-8tdsYmAFVsZtV8t-knA.cer (raw, json)
Hash identifier: FLaRM66TeTgBbIl/Ifg3ZruqOfGKkOYw2FtFIc8Nc/U=
Subject key identifier: 7B:01:8D:2A:51:FE:F2:D7:6C:62:60:05:56:C6:6D:57:CB:7E:92:70
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019422FC3CEE36564778B84A003A4080883F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/80/e6fd0d-a02b-49c2-9a2c-4dc2dd56d57f/1/ewGNKlH-8tdsYmAFVsZtV8t-knA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/80/e6fd0d-a02b-49c2-9a2c-4dc2dd56d57f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 17:49:03 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 201596
IP: 141.195.32.0/19
IP: 185.47.248.0/22
IP: 185.58.136.0/22
IP: 2a01:80e0::/29
IP: 2a02:6420::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:3c:ee:36:56:47:78:b8:4a:00:3a:40:80:88:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 17:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b018d2a51fef2d76c62600556c66d57cb7e9270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:75:7e:ac:1e:4a:df:0b:00:d1:bc:54:b8:92:
3c:da:44:fe:bc:c2:13:54:85:35:0e:bd:87:fe:45:
d6:bc:64:f4:e2:e7:20:d2:1c:51:49:0a:b5:66:35:
47:f0:9c:fc:e4:f3:b7:e4:ab:9b:5e:31:b4:19:9a:
a1:2b:19:d5:ba:a2:8e:1f:77:3a:e1:9b:ec:d1:20:
a0:5d:e7:71:de:40:e4:d0:d6:0f:de:59:0f:cd:3f:
d7:23:c4:53:d1:75:28:94:70:55:fa:50:e4:4d:9a:
e0:2b:21:25:81:c7:8d:36:e5:00:25:da:fa:2e:f8:
1f:10:ff:80:97:6d:94:27:90:8a:f4:62:b0:9f:88:
69:2a:e0:dc:29:9d:e2:39:e6:38:a2:87:09:c4:9c:
eb:1b:21:b3:78:c5:6c:71:4f:4a:47:05:cd:b2:ba:
a7:e6:60:a8:85:4c:3b:c5:39:1c:37:9f:c2:69:d9:
ce:ec:68:2a:a2:e0:d0:80:0d:f4:25:f4:ef:92:73:
18:fd:da:96:47:52:7f:2c:c8:a1:70:c1:70:18:90:
c3:a3:81:06:02:c7:be:f8:09:5a:cc:f3:b5:f4:46:
31:0e:02:6e:6b:61:7c:2d:bf:08:3d:83:c6:92:43:
c5:42:01:9d:1a:d3:88:97:59:61:b8:cd:94:37:a9:
ac:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:01:8D:2A:51:FE:F2:D7:6C:62:60:05:56:C6:6D:57:CB:7E:92:70
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e6fd0d-a02b-49c2-9a2c-4dc2dd56d57f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e6fd0d-a02b-49c2-9a2c-4dc2dd56d57f/1/ewGNKlH-8tdsYmAFVsZtV8t-knA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.195.32.0/19
185.47.248.0/22
185.58.136.0/22
IPv6:
2a01:80e0::/29
2a02:6420::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
201596
Signature Algorithm: sha256WithRSAEncryption
6c:3a:19:42:4d:b5:21:b4:aa:90:8d:8d:59:50:b5:ea:78:85:
37:96:ca:3a:b7:bf:c3:d6:9f:d6:95:06:1e:86:df:cb:d1:65:
77:d7:86:dc:df:8e:95:89:ac:06:37:05:70:b9:b0:fe:42:6a:
5e:77:44:ad:53:5a:e2:af:5e:dd:d1:41:a9:8d:80:1f:aa:a2:
17:64:0e:27:e9:fc:71:38:b6:df:47:d4:06:50:d1:ec:a5:54:
69:01:c7:a2:24:d1:01:fc:99:22:e2:af:77:da:18:ef:90:9d:
16:a1:0c:75:a1:4f:44:0f:9f:c3:7e:2b:c5:69:ba:b6:a4:ad:
4c:06:cc:72:1c:92:b8:1e:a9:f7:bc:7c:6c:8c:b5:49:17:48:
95:53:85:55:94:fd:d5:76:92:f7:89:fa:9e:fc:19:88:ce:49:
1a:7b:67:ab:74:bf:5a:47:9b:0a:4f:42:f0:fc:5a:cb:55:43:
9c:a4:98:bc:c5:3a:67:0f:66:27:ab:c4:e6:80:00:db:28:a9:
ab:4a:e4:6c:1f:5e:ff:9a:7a:99:1b:95:78:27:be:b1:ab:79:
e2:60:c1:fc:e6:f0:63:54:f1:0d:99:a7:a5:bb:10:66:81:a8:
8d:0a:25:53:e2:78:42:ac:d2:b4:f6:ae:78:9a:e3:31:e6:d9:
6a:14:9a:fc
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAZQi/DzuNlZHeLhKADpAgIg/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTc0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjAxOGQyYTUxZmVmMmQ3NmM2MjYwMDU1NmM2NmQ1N2NiN2U5MjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3V+rB5K3wsA0bxUuJI82kT+vMIT
VIU1Dr2H/kXWvGT04ucg0hxRSQq1ZjVH8Jz85PO35KubXjG0GZqhKxnVuqKOH3c6
4Zvs0SCgXedx3kDk0NYP3lkPzT/XI8RT0XUolHBV+lDkTZrgKyElgceNNuUAJdr6
LvgfEP+Al22UJ5CK9GKwn4hpKuDcKZ3iOeY4oocJxJzrGyGzeMVscU9KRwXNsrqn
5mCohUw7xTkcN5/CadnO7GgqouDQgA30JfTvknMY/dqWR1J/LMihcMFwGJDDo4EG
Ase++AlazPO19EYxDgJua2F8Lb8IPYPGkkPFQgGdGtOIl1lhuM2UN6msxwIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFHsBjSpR/vLXbGJgBVbGbVfLfpJwMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgwL2U2ZmQw
ZC1hMDJiLTQ5YzItOWEyYy00ZGMyZGQ1NmQ1N2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAvZTZmZDBk
LWEwMmItNDljMi05YTJjLTRkYzJkZDU2ZDU3Zi8xL2V3R05LbEgtOHRkc1ltQUZW
c1p0Vjh0LWtuQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEEGCCsGAQUF
BwEHAQH/BDIwMDAYBAIAATASAwQFjcMgAwQCuS/4AwQCuTqIMBQEAgACMA4DBQMq
AYDgAwUAKgJkIDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDE3wwDQYJKoZIhvcN
AQELBQADggEBAGw6GUJNtSG0qpCNjVlQtep4hTeWyjq3v8PWn9aVBh6G38vRZXfX
htzfjpWJrAY3BXC5sP5Cal53RK1TWuKvXt3RQamNgB+qohdkDifp/HE4tt9H1AZQ
0eylVGkBx6Ik0QH8mSLir3faGO+QnRahDHWhT0QPn8N+K8VpurakrUwGzHIckrge
qfe8fGyMtUkXSJVThVWU/dV2kveJ+p78GYjOSRp7Z6t0v1pHmwpPQvD8WstVQ5yk
mLzFOmcPZierxOaAANsoqatK5GwfXv+aepkblXgnvrGreeJgwfzm8GNU8Q2Zp6W7
EGaBqI0KJVPieEKs0rT2rnia4zHm2WoUmvw=
-----END CERTIFICATE-----
Generated at Sun Feb 2 04:04:49 2025 by rpki-client