Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fXBZY4QR4yMedZ50qBO_k3Ygnnc.cer
File: fXBZY4QR4yMedZ50qBO_k3Ygnnc.cer (raw, json)
Hash identifier: wUxeF1CR/c+xW4BQ5zy5Gb/ewjMYiTu8/Dbky99MvX4=
Subject key identifier: 7D:70:59:63:84:11:E3:23:1E:75:9E:74:A8:13:BF:93:76:20:9E:77
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941F8C5B13AE7C2EE610D5BD9F3AF148D5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/9c0ed046-fa95-45c3-9146-971db8a9e8bb/6/7D7059638411E3231E759E74A813BF9376209E77.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/9c0ed046-fa95-45c3-9146-971db8a9e8bb/6/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 01:47:59 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 215849
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 22:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5b:13:ae:7c:2e:e6:10:d5:bd:9f:3a:f1:48:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d7059638411e3231e759e74a813bf9376209e77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a2:6c:45:0b:5c:c5:7e:4f:4a:94:7e:f0:5a:
59:9a:f7:4b:b3:a3:3a:1f:8a:29:c4:e4:25:34:e8:
7c:8a:81:14:fb:b6:d0:ba:c1:81:4d:8d:5f:f2:2f:
f2:79:99:cc:5c:56:5d:90:d3:25:b2:ea:0a:f7:f5:
89:0f:86:9e:64:08:ee:e8:d2:56:d9:fe:1a:7e:6c:
37:4c:88:76:89:5d:9c:55:06:f2:b4:46:94:f6:c5:
79:cd:77:5a:ed:0e:db:68:30:8a:1e:41:ca:db:d0:
1b:50:ca:f5:d0:e6:ae:a8:ad:b9:4f:62:78:0a:41:
08:e1:79:a4:4a:81:c4:55:de:00:5c:9a:de:ef:0b:
8c:85:43:6d:41:56:e7:61:c3:0d:52:07:94:5c:20:
bf:32:84:23:2e:b7:6f:08:e5:d8:78:d6:1c:7e:5c:
b5:8d:3f:c0:cf:5c:a1:5c:b6:ed:9d:78:94:59:f9:
e5:8c:46:28:06:31:af:2b:7f:e5:ea:61:12:47:ee:
05:7b:76:a5:dd:7c:d9:a2:07:ad:80:75:74:e3:07:
d4:91:17:69:8d:50:8e:18:85:71:e1:d8:44:ca:7c:
e0:e9:b3:48:9a:5d:09:71:c6:a2:7b:3f:73:d2:5c:
f6:76:0c:80:62:db:67:d0:bc:ed:a8:06:39:00:f5:
1e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:70:59:63:84:11:E3:23:1E:75:9E:74:A8:13:BF:93:76:20:9E:77
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c0ed046-fa95-45c3-9146-971db8a9e8bb/6/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c0ed046-fa95-45c3-9146-971db8a9e8bb/6/7D7059638411E3231E759E74A813BF9376209E77.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
215849
Signature Algorithm: sha256WithRSAEncryption
ad:e7:6c:6f:42:31:b6:2c:d7:4f:dd:3a:3b:f1:3a:7e:eb:b4:
97:73:58:d8:b7:68:20:da:bb:fd:ae:95:eb:4e:ae:a7:18:35:
2e:7d:3d:43:cc:6a:76:27:b0:e4:52:15:25:1f:60:fc:01:64:
d7:61:55:2a:2e:3b:1b:d3:e5:80:d2:97:fc:f1:cf:dd:62:a4:
48:71:e6:73:da:c1:18:45:e8:37:97:c8:47:9c:35:6a:86:8c:
bf:ca:68:bf:11:3a:07:36:d4:a7:88:50:87:39:2c:70:38:c9:
1e:83:c6:ae:9b:19:07:cd:a6:a7:e3:4a:ab:d7:ae:85:1f:74:
24:01:5f:cb:24:34:2c:ff:bb:0b:7e:02:53:8a:95:84:60:24:
1b:09:ca:dd:d1:ef:31:71:fb:1c:f3:2b:65:a7:73:ed:a5:8f:
28:22:41:25:91:27:a1:36:a7:38:0c:8a:27:98:7e:fc:02:76:
90:4a:0c:9e:e4:a4:fc:19:a7:b1:ef:85:36:89:45:48:0e:04:
fe:2d:74:a1:6a:53:9e:cc:a5:1d:88:33:0a:b1:2a:96:4a:24:
4b:7e:a2:bf:28:a6:57:c6:cc:10:dc:c6:a1:d0:d3:96:bc:9f:
d4:c9:98:4a:20:d1:f3:e5:9d:d2:ff:f6:b3:eb:80:cb:6c:76:
51:4c:11:d2
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZQfjFsTrnwu5hDVvZ868UjVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDcwNTk2Mzg0MTFlMzIzMWU3NTllNzRhODEzYmY5Mzc2MjA5ZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6JsRQtcxX5PSpR+8FpZmvdLs6M6
H4opxOQlNOh8ioEU+7bQusGBTY1f8i/yeZnMXFZdkNMlsuoK9/WJD4aeZAju6NJW
2f4afmw3TIh2iV2cVQbytEaU9sV5zXda7Q7baDCKHkHK29AbUMr10OauqK25T2J4
CkEI4XmkSoHEVd4AXJre7wuMhUNtQVbnYcMNUgeUXCC/MoQjLrdvCOXYeNYcfly1
jT/Az1yhXLbtnXiUWfnljEYoBjGvK3/l6mESR+4Fe3al3XzZogetgHV04wfUkRdp
jVCOGIVx4dhEynzg6bNIml0Jccaiez9z0lz2dgyAYttn0LztqAY5APUeuQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFH1wWWOEEeMjHnWedKgTv5N2IJ53MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljMGVk
MDQ2LWZhOTUtNDVjMy05MTQ2LTk3MWRiOGE5ZThiYi82LzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOWMw
ZWQwNDYtZmE5NS00NWMzLTkxNDYtOTcxZGI4YTllOGJiLzYvN0Q3MDU5NjM4NDEx
RTMyMzFFNzU5RTc0QTgxM0JGOTM3NjIwOUU3Ny5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDSykw
DQYJKoZIhvcNAQELBQADggEBAK3nbG9CMbYs10/dOjvxOn7rtJdzWNi3aCDau/2u
letOrqcYNS59PUPManYnsORSFSUfYPwBZNdhVSouOxvT5YDSl/zxz91ipEhx5nPa
wRhF6DeXyEecNWqGjL/KaL8ROgc21KeIUIc5LHA4yR6Dxq6bGQfNpqfjSqvXroUf
dCQBX8skNCz/uwt+AlOKlYRgJBsJyt3R7zFx+xzzK2Wnc+2ljygiQSWRJ6E2pzgM
iieYfvwCdpBKDJ7kpPwZp7HvhTaJRUgOBP4tdKFqU57MpR2IMwqxKpZKJEt+or8o
plfGzBDcxqHQ05a8n9TJmEog0fPlndL/9rPrgMtsdlFMEdI=
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:27:09 2025 by rpki-client