Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.cer
File: fxaAKOwNq2aKZ9W_b1NYyqvjN6g.cer (raw, json)
Hash identifier: olazM2u+vpsIOP/X6FWXD0AWvzwd3Y3FZtxHSWXeQuY=
Subject key identifier: 7F:16:80:28:EC:0D:AB:66:8A:67:D5:BF:6F:53:58:CA:AB:E3:37:A8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194266C4184578A7065DC69674081538841
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 09:50:16 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 5.57.224.0/21
IP: 146.255.16.0/21
IP: 185.2.148.0/22
IP: 185.47.12.0/22
IP: 185.57.172.0/22
IP: 185.99.184.0/22
IP: 185.103.36.0/22
IP: 185.104.132.0/22
IP: 185.105.220.0/22
IP: 2a00:de40::/32
IP: 2a01:8ae0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:41:84:57:8a:70:65:dc:69:67:40:81:53:88:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 09:50:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f168028ec0dab668a67d5bf6f5358caabe337a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:25:51:de:5a:bf:5c:a1:24:4b:8e:e0:0e:3c:
86:a2:e4:8c:f5:f9:15:42:a8:b8:f6:33:22:ae:9a:
53:9c:b0:22:1d:f0:40:61:86:81:75:59:86:37:e6:
0e:6b:3a:4d:c2:27:db:b4:67:2e:7b:e5:70:09:1d:
42:91:87:39:3a:ef:68:46:2a:f5:ba:90:6e:1a:0c:
15:a0:e0:ca:c9:ef:0b:29:a1:79:c0:ce:0d:cc:0c:
bf:43:b5:56:18:0b:f5:bf:fb:18:6a:bf:b4:ac:40:
01:11:cb:fe:13:ed:cc:f5:e8:32:46:2c:66:3d:e7:
ae:c1:ce:7a:42:37:0e:fe:b3:12:6b:8d:32:7a:dc:
c5:ce:a5:ec:1d:dd:73:13:bf:16:e7:98:49:4d:d2:
bb:85:16:18:35:22:ed:6a:c4:a2:a1:41:19:fc:de:
80:73:5c:72:97:85:c1:20:95:9e:66:d1:14:00:e9:
f2:bb:55:9c:31:4a:ef:cf:b7:65:2c:ba:b1:b4:ff:
ed:b8:b0:7a:8e:94:50:dd:4c:6e:e1:8a:2b:51:1a:
4a:b1:36:a9:9c:a2:ec:35:27:cc:6f:b2:a5:97:5e:
9b:27:6a:2e:23:30:67:3f:05:4f:ec:86:72:57:a5:
31:39:07:bb:65:8e:6a:a1:6b:2e:40:ed:4d:ea:34:
c6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:16:80:28:EC:0D:AB:66:8A:67:D5:BF:6F:53:58:CA:AB:E3:37:A8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.224.0/21
146.255.16.0/21
185.2.148.0/22
185.47.12.0/22
185.57.172.0/22
185.99.184.0/22
185.103.36.0/22
185.104.132.0/22
185.105.220.0/22
IPv6:
2a00:de40::/32
2a01:8ae0::/32
Signature Algorithm: sha256WithRSAEncryption
b2:06:2f:1e:8a:d2:0e:05:1e:90:64:9b:50:c5:7a:c8:5c:04:
55:03:66:d5:08:a2:c6:78:37:72:0f:c9:e9:73:78:d9:2e:98:
19:89:43:7e:ad:5a:d9:d6:77:97:c0:9d:26:9a:48:6c:4b:43:
44:10:d2:42:2e:27:b0:8e:63:b5:f8:be:95:67:b8:ff:02:5f:
b9:77:8e:72:25:06:7c:a0:5f:18:2e:29:f8:12:14:c1:42:2e:
12:3d:ba:39:92:40:86:c5:06:7d:5b:eb:41:d7:bd:a3:d1:65:
e4:5e:a1:83:42:b8:97:d4:0a:85:4f:a9:cb:2f:38:97:cf:1d:
0c:87:45:68:11:13:35:73:cb:16:65:7d:83:1d:b6:81:67:d0:
d4:68:7d:dc:12:35:1e:98:4d:b8:6f:8f:d3:5b:65:74:5b:42:
29:73:21:0c:90:60:f9:f7:e0:11:73:e0:af:23:b6:4a:f0:3d:
d6:7c:48:36:44:b7:e6:ed:f5:1f:8f:68:2d:cf:b4:ec:cf:5b:
f2:a1:e4:0d:b1:fb:a5:68:39:52:71:25:e0:0b:e3:77:85:ad:
88:3f:c9:d8:b0:37:ae:76:bb:a5:bd:47:a4:f6:57:17:7e:e6:
92:c8:5b:ae:b2:00:fa:1f:6d:38:d1:81:07:a0:23:f6:65:dc:
ad:99:6b:89
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAZQmbEGEV4pwZdxpZ0CBU4hBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDk1MDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjE2ODAyOGVjMGRhYjY2OGE2N2Q1YmY2ZjUzNThjYWFiZTMzN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4SVR3lq/XKEkS47gDjyGouSM9fkV
Qqi49jMirppTnLAiHfBAYYaBdVmGN+YOazpNwifbtGcue+VwCR1CkYc5Ou9oRir1
upBuGgwVoODKye8LKaF5wM4NzAy/Q7VWGAv1v/sYar+0rEABEcv+E+3M9egyRixm
Peeuwc56QjcO/rMSa40yetzFzqXsHd1zE78W55hJTdK7hRYYNSLtasSioUEZ/N6A
c1xyl4XBIJWeZtEUAOnyu1WcMUrvz7dlLLqxtP/tuLB6jpRQ3Uxu4YorURpKsTap
nKLsNSfMb7Kll16bJ2ouIzBnPwVP7IZyV6UxOQe7ZY5qoWsuQO1N6jTG/QIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFH8WgCjsDatmimfVv29TWMqr4zeoMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NjL2IxNTI4
Ni1mZDRkLTQ5ZmUtYTY5ZS03ZmFkZjUwYTJlMzcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2MvYjE1Mjg2
LWZkNGQtNDlmZS1hNjllLTdmYWRmNTBhMmUzNy8xL2Z4YUFLT3dOcTJhS1o5V19i
MU5ZeXF2ak42Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGUGCCsGAQUF
BwEHAQH/BFYwVDA8BAIAATA2AwQDBTngAwQDkv8QAwQCuQKUAwQCuS8MAwQCuTms
AwQCuWO4AwQCuWckAwQCuWiEAwQCuWncMBQEAgACMA4DBQAqAN5AAwUAKgGK4DAN
BgkqhkiG9w0BAQsFAAOCAQEAsgYvHorSDgUekGSbUMV6yFwEVQNm1Qiixng3cg/J
6XN42S6YGYlDfq1a2dZ3l8CdJppIbEtDRBDSQi4nsI5jtfi+lWe4/wJfuXeOciUG
fKBfGC4p+BIUwUIuEj26OZJAhsUGfVvrQde9o9Fl5F6hg0K4l9QKhU+pyy84l88d
DIdFaBETNXPLFmV9gx22gWfQ1Gh93BI1HphNuG+P01tldFtCKXMhDJBg+ffgEXPg
ryO2SvA91nxINkS35u31H49oLc+07M9b8qHkDbH7pWg5UnEl4Avjd4WtiD/J2LA3
rna7pb1HpPZXF37mkshbrrIA+h9tONGBB6Aj9mXcrZlriQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:22:28 2025 by rpki-client