Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
File: gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer (raw, json)
Hash identifier: tLgYhVBDZWPBWMAHAFR4wDc0tkAIxAjvqtLgXoPSTkE=
Subject key identifier: 81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019566AE3E3C00B7814CE52BBAC1B8B42742
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 05 Mar 2025 14:20:50 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 211880
AS: 213176
IP: 209.35.224.0/19
IP: 212.59.64.0/21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:66:ae:3e:3c:00:b7:81:4c:e5:2b:ba:c1:b8:b4:27:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 5 14:20:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:75:7d:68:6c:15:98:4f:51:05:f7:eb:19:e7:
46:ed:84:de:bf:85:61:9d:de:3a:11:28:df:fc:10:
33:75:58:fc:43:d1:54:d9:81:66:7b:ca:32:7b:23:
8d:1f:51:4b:a9:bd:e1:a3:20:b3:27:fc:3a:16:36:
65:85:35:84:7e:1d:70:56:df:f8:81:db:c4:a9:fb:
39:5a:0b:ff:4f:08:b8:f7:7e:4b:16:5a:aa:31:d9:
8d:83:cc:af:bc:a7:c0:5f:af:b5:82:49:73:f4:cc:
ce:1e:70:20:a3:bd:14:1a:80:84:71:95:23:1b:09:
5a:af:34:98:f4:77:e3:80:37:78:cd:df:97:5b:68:
94:7d:81:cd:c6:0b:d5:40:90:76:42:a6:b6:c5:20:
8f:14:2f:eb:61:62:09:df:2e:b9:41:72:9b:c2:0d:
74:a8:c9:3a:72:30:95:31:ee:21:5a:23:d0:6a:6d:
22:2d:3a:6d:d6:9d:e2:03:ef:13:65:ff:f9:d5:4c:
a3:44:dc:a1:96:b2:41:a1:f2:d9:f6:cd:b6:fd:b8:
9c:2f:e8:56:e8:b0:1b:3a:bf:1c:b8:0e:4e:07:70:
28:1a:e3:db:13:43:06:9e:be:c8:9f:7a:82:55:bd:
bb:37:a5:bb:ce:f2:a3:99:4c:01:da:1f:56:1b:00:
85:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.35.224.0/19
212.59.64.0/21
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
211880
213176
Signature Algorithm: sha256WithRSAEncryption
73:f5:de:ac:8c:ac:1f:94:49:55:96:30:ac:6d:66:05:51:6f:
81:aa:12:23:71:f8:9a:d6:4c:cb:bd:91:e2:9e:f2:19:62:f0:
4b:5e:99:1d:94:73:88:6d:a2:e7:35:63:be:a7:ff:4d:6e:60:
36:13:4e:02:fe:65:d2:6e:e9:30:1c:53:d3:0a:69:aa:14:c6:
6a:c4:bc:d8:56:85:c2:4b:5d:06:37:4c:a2:6f:36:7f:81:2f:
42:10:0b:b8:cb:d1:6c:1a:62:41:c0:b6:6b:c7:fa:7d:24:1c:
84:06:78:44:ed:b7:1a:fb:3b:4f:cf:b3:2d:93:a1:49:56:dd:
86:c6:bf:93:a5:eb:f4:db:8f:86:fe:7b:c7:08:03:7b:1e:bf:
c9:c5:e4:00:d9:68:8e:2e:67:05:ab:75:75:53:40:9a:c5:b4:
30:ec:11:87:84:64:b6:6e:c4:da:35:83:cb:39:ca:21:54:9d:
e7:80:92:87:93:5d:18:ab:bf:ba:cf:f9:df:3a:bf:2c:75:1e:
01:9e:a0:b0:20:df:86:fa:32:ba:33:a6:84:09:d5:31:b2:ae:
19:1e:99:21:7b:2b:ee:6d:99:bf:db:3f:29:d8:7c:b1:af:ba:
f2:e9:44:e5:90:35:ad:63:76:d8:4f:06:4c:de:2f:81:4e:e4:
e6:28:e3:d6
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAZVmrj48ALeBTOUrusG4tCdCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMzA1MTQyMDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWEyZDBkY2Q1MGE2ODJmOTc1ZWEzZDhjMzhlNWU2N2JiMDMyMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3V9aGwVmE9RBffrGedG7YTev4Vh
nd46ESjf/BAzdVj8Q9FU2YFme8oyeyONH1FLqb3hoyCzJ/w6FjZlhTWEfh1wVt/4
gdvEqfs5Wgv/Twi4935LFlqqMdmNg8yvvKfAX6+1gklz9MzOHnAgo70UGoCEcZUj
GwlarzSY9HfjgDd4zd+XW2iUfYHNxgvVQJB2Qqa2xSCPFC/rYWIJ3y65QXKbwg10
qMk6cjCVMe4hWiPQam0iLTpt1p3iA+8TZf/51UyjRNyhlrJBofLZ9s22/bicL+hW
6LAbOr8cuA5OB3AoGuPbE0MGnr7In3qCVb27N6W7zvKjmUwB2h9WGwCFjQIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFIGi0NzVCmgvl16j2MOOXme7AyL5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UyL2QyNWE3
Mi1iYmUzLTRhYjAtOTU2NC1mZTQ1ZDUxNjBjMzkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvZDI1YTcy
LWJiZTMtNGFiMC05NTY0LWZlNDVkNTE2MGMzOS8xL2dhTFEzTlVLYUMtWFhxUFl3
NDVlWjdzREl2ay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQF0SPgAwQD1DtAMB8GCCsGAQUFBwEIAQH/BBAw
DqAMMAoCAwM7qAIDA0C4MA0GCSqGSIb3DQEBCwUAA4IBAQBz9d6sjKwflElVljCs
bWYFUW+BqhIjcfia1kzLvZHinvIZYvBLXpkdlHOIbaLnNWO+p/9NbmA2E04C/mXS
bukwHFPTCmmqFMZqxLzYVoXCS10GN0yibzZ/gS9CEAu4y9FsGmJBwLZrx/p9JByE
BnhE7bca+ztPz7Mtk6FJVt2Gxr+Tpev024+G/nvHCAN7Hr/JxeQA2WiOLmcFq3V1
U0CaxbQw7BGHhGS2bsTaNYPLOcohVJ3ngJKHk10Yq7+6z/nfOr8sdR4BnqCwIN+G
+jK6M6aECdUxsq4ZHpkheyvubZm/2z8p2Hyxr7ry6UTlkDWtY3bYTwZM3i+BTuTm
KOPW
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:17:48 2025 by rpki-client