Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fG3HOVgVrwRQSPTOORDQQAj_Onw.cer
File: fG3HOVgVrwRQSPTOORDQQAj_Onw.cer (raw, json)
Hash identifier: 6JwWy4ZgMdC2ieA1vWF5L6gg+x8a10UvOmb5+a421IA=
Subject key identifier: 7C:6D:C7:39:58:15:AF:04:50:48:F4:CE:39:10:D0:40:08:FF:3A:7C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019426D9DE464724CF2E64BF3CE6B7D7CB6F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/fG3HOVgVrwRQSPTOORDQQAj_Onw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 11:49:59 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 20718
IP: 62.151.160.0/21
IP: 62.151.176.0/21
IP: 82.223.0.0/16
IP: 93.93.112.0/21
IP: 94.143.136.0/21
IP: 185.132.44.0/22
IP: 217.76.128.0/19
IP: 2001:ba0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:de:46:47:24:cf:2e:64:bf:3c:e6:b7:d7:cb:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 11:49:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c6dc7395815af045048f4ce3910d04008ff3a7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:cb:9c:42:c1:e5:d9:64:70:ba:f1:20:01:1b:
3d:40:60:ae:af:bc:d5:e0:45:aa:84:80:5e:7a:34:
be:68:cf:24:cb:29:b0:74:3a:b8:a2:d2:28:39:c0:
84:61:6a:58:cd:95:73:ce:9b:84:33:de:85:ff:04:
2f:c4:f7:f7:6d:76:92:87:14:d9:53:2d:3b:a7:0f:
70:4b:d5:e0:47:f0:3e:7a:39:6b:72:b2:d8:7b:41:
d5:2b:be:f2:ee:94:9b:61:54:69:5a:b1:ed:f4:6f:
d8:ac:c3:d7:43:1e:52:71:4b:d5:44:ab:72:6f:d8:
21:c2:81:e1:4f:af:e5:22:c3:6b:a7:3b:37:ad:d6:
3b:00:41:2b:bf:6a:ce:ec:55:72:b7:65:67:92:97:
a7:a2:2b:6d:4b:7f:f8:f7:f5:1d:9d:1c:17:96:3b:
7b:bf:bc:0a:24:1c:bb:88:3f:8a:69:a6:c6:b3:23:
48:7f:ac:4b:fe:4d:57:42:a3:94:84:89:2c:c1:7a:
a7:df:ce:21:a1:01:25:15:1d:0a:a9:e2:0e:1c:97:
b8:2a:9c:92:4a:cf:29:83:d0:78:6b:0c:1a:b3:83:
eb:a3:85:ce:e9:ca:15:5f:31:63:e8:b9:01:14:67:
87:5d:c0:7d:39:47:fa:53:92:ab:e5:27:b7:d0:89:
3f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:6D:C7:39:58:15:AF:04:50:48:F4:CE:39:10:D0:40:08:FF:3A:7C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/fG3HOVgVrwRQSPTOORDQQAj_Onw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.151.160.0/21
62.151.176.0/21
82.223.0.0/16
93.93.112.0/21
94.143.136.0/21
185.132.44.0/22
217.76.128.0/19
IPv6:
2001:ba0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
20718
Signature Algorithm: sha256WithRSAEncryption
18:36:e4:f1:d5:22:d8:c0:11:e3:94:83:52:8c:cc:88:59:f0:
54:7e:18:77:84:ab:9c:f6:fb:a9:a4:d6:1c:45:3e:e4:f2:2c:
a1:a5:23:3c:b7:cc:60:82:7b:93:b1:6e:2c:ad:83:88:98:55:
c5:62:62:96:84:1c:02:cd:64:c5:5d:c6:ad:11:17:bd:2e:32:
45:71:e4:47:32:53:7f:05:13:c5:4c:43:d9:36:49:f8:0c:d1:
13:71:90:9e:4b:35:d9:78:0e:f7:23:04:a5:d7:01:68:29:11:
29:cc:41:90:c8:65:d5:dc:31:96:2f:7b:68:61:89:37:f8:aa:
8f:1b:ce:53:9f:86:17:50:8f:6f:06:d7:02:8e:64:93:64:56:
e2:1a:6a:f3:89:97:10:1b:74:a8:8d:e8:6d:bd:f7:1d:91:35:
8e:c4:d2:9c:b3:00:ae:08:c1:05:c0:6b:03:fa:73:77:69:0a:
eb:1a:d0:a6:18:0d:de:b2:3d:16:04:43:e9:3d:66:c2:d1:82:
84:cb:40:5d:e4:11:e7:41:dd:0b:9a:81:a2:ce:58:d2:3c:22:
1f:f1:57:45:f2:03:51:6c:04:5f:2d:7f:1a:ba:71:02:d3:db:
8e:5b:4c:28:15:ab:1c:19:bc:da:92:97:ca:8d:a0:c8:e5:4e:
2c:7c:6a:2b
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgISAZQm2d5GRyTPLmS/POa318tvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTE0OTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzZkYzczOTU4MTVhZjA0NTA0OGY0Y2UzOTEwZDA0MDA4ZmYzYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58ucQsHl2WRwuvEgARs9QGCur7zV
4EWqhIBeejS+aM8kyymwdDq4otIoOcCEYWpYzZVzzpuEM96F/wQvxPf3bXaShxTZ
Uy07pw9wS9XgR/A+ejlrcrLYe0HVK77y7pSbYVRpWrHt9G/YrMPXQx5ScUvVRKty
b9ghwoHhT6/lIsNrpzs3rdY7AEErv2rO7FVyt2VnkpenoittS3/49/UdnRwXljt7
v7wKJBy7iD+KaabGsyNIf6xL/k1XQqOUhIkswXqn384hoQElFR0KqeIOHJe4KpyS
Ss8pg9B4awwas4Pro4XO6coVXzFj6LkBFGeHXcB9OUf6U5Kr5Se30Ik/ZwIDAQAB
o4IC0TCCAs0wHQYDVR0OBBYEFHxtxzlYFa8EUEj0zjkQ0EAI/zp8MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY0LzU0Njg3
Zi1lZmE1LTQ2MjAtODYxOS0zMTU1YmE4Y2I3NGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQvNTQ2ODdm
LWVmYTUtNDYyMC04NjE5LTMxNTViYThjYjc0Zi8xL2ZHM0hPVmdWcndSUVNQVE9P
UkRRUUFqX09udy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFEGCCsGAQUF
BwEHAQH/BEIwQDAvBAIAATApAwQDPpegAwQDPpewAwMAUt8DBANdXXADBANej4gD
BAK5hCwDBAXZTIAwDQQCAAIwBwMFACABC6AwGQYIKwYBBQUHAQgBAf8ECjAIoAYw
BAICUO4wDQYJKoZIhvcNAQELBQADggEBABg25PHVItjAEeOUg1KMzIhZ8FR+GHeE
q5z2+6mk1hxFPuTyLKGlIzy3zGCCe5Oxbiytg4iYVcViYpaEHALNZMVdxq0RF70u
MkVx5EcyU38FE8VMQ9k2SfgM0RNxkJ5LNdl4DvcjBKXXAWgpESnMQZDIZdXcMZYv
e2hhiTf4qo8bzlOfhhdQj28G1wKOZJNkVuIaavOJlxAbdKiN6G299x2RNY7E0pyz
AK4IwQXAawP6c3dpCusa0KYYDd6yPRYEQ+k9ZsLRgoTLQF3kEedB3QuagaLOWNI8
Ih/xV0XyA1FsBF8tfxq6cQLT245bTCgVqxwZvNqSl8qNoMjlTix8ais=
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:39:32 2025 by rpki-client