Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hw4qIH9pdyFKlXqOFI0fi1pc0II.cer
File: hw4qIH9pdyFKlXqOFI0fi1pc0II.cer (raw, json)
Hash identifier: Lv4aKXFxlqOgc8QGTOiU1/Gaq4e0I/86A/fgJsuFj2g=
Subject key identifier: 87:0E:2A:20:7F:69:77:21:4A:95:7A:8E:14:8D:1F:8B:5A:5C:D0:82
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019424459E6922C87BAC3D8A3870EBC894BE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 23:48:49 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 213909
IP: 188.211.169.0/24
IP: 193.163.93.0/24
IP: 2a11:1f40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:9e:69:22:c8:7b:ac:3d:8a:38:70:eb:c8:94:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 23:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=870e2a207f6977214a957a8e148d1f8b5a5cd082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1c:5c:58:78:30:30:e4:80:d4:c4:5f:83:27:
1a:d1:48:38:cc:da:b3:c9:87:15:4d:7a:df:2f:24:
46:67:10:06:c2:aa:a7:19:a0:cd:0d:e8:48:79:4e:
93:fc:53:cc:8a:28:35:87:0a:d0:42:3b:05:50:25:
18:a2:b1:ea:47:26:7f:69:5a:2a:7e:d4:56:60:09:
93:69:cf:8c:c7:c7:52:66:7a:4b:da:34:0b:1c:86:
4f:46:c6:2b:11:48:da:1e:3b:0d:c3:7a:d7:ac:26:
0f:db:bd:51:0d:e1:5e:61:1d:02:69:57:ef:ab:d9:
f6:05:74:ba:3d:e2:da:bb:ea:ef:06:cf:a8:41:4a:
ae:8a:6b:89:f3:e9:36:23:94:36:b7:34:12:55:34:
cb:7e:36:83:d5:d0:36:7f:40:73:c3:39:a2:3e:ab:
8f:dd:d0:f5:5d:fc:7f:d1:fd:f9:87:cf:3f:23:0b:
88:eb:f6:20:8e:31:76:2e:b2:53:8b:36:26:c9:fe:
19:bf:a8:34:32:06:ed:15:58:bd:07:d2:74:5b:8f:
bd:eb:4c:c9:d0:bf:61:be:6b:4e:ef:67:d1:f3:21:
3a:dc:97:57:df:c1:9b:37:8b:7e:26:d1:41:c6:b2:
7b:ad:11:90:ed:c0:85:41:e8:36:62:f8:2d:0c:77:
27:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:0E:2A:20:7F:69:77:21:4A:95:7A:8E:14:8D:1F:8B:5A:5C:D0:82
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.211.169.0/24
193.163.93.0/24
IPv6:
2a11:1f40::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
213909
Signature Algorithm: sha256WithRSAEncryption
57:d6:59:dc:5e:76:a0:f0:25:12:f6:b8:ce:70:9d:5e:84:60:
73:2a:21:1b:8f:3d:ce:f5:9a:ec:06:05:11:39:0f:af:e2:f7:
c1:38:d2:fe:1c:63:4b:82:c9:af:e8:05:81:6e:1e:e8:19:6c:
45:e9:82:f1:f3:bc:eb:00:9f:e4:36:45:2b:61:9b:c9:c0:59:
81:4f:71:fe:18:17:d2:74:82:96:db:f6:96:ca:44:98:d1:29:
0e:fd:bd:bb:60:10:d0:97:2c:3f:ff:10:6e:75:48:74:1c:42:
c7:30:5f:34:37:4a:27:b6:8a:ee:c2:45:27:1a:83:84:90:e1:
6a:9a:1e:70:e6:b8:25:6a:95:f6:1d:23:20:5b:bb:ac:cd:5a:
52:2d:9d:0e:2c:5a:9b:44:07:00:fa:a7:46:56:ed:df:0e:b0:
c5:bf:50:d0:15:fc:71:2a:48:ae:40:94:f6:9e:34:1d:c5:21:
20:82:76:ad:35:5e:28:41:53:93:8b:9a:08:1b:5e:34:b5:d8:
08:53:c9:97:80:8c:c7:ae:c1:da:cb:61:66:d5:b0:3c:0e:31:
91:5f:81:0b:74:8f:cb:c9:15:47:58:26:47:b5:20:5a:51:60:
4e:e5:bf:5d:7a:a2:46:0d:eb:30:90:23:7e:09:7f:aa:1e:e2:
a5:cf:3a:56
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQkRZ5pIsh7rD2KOHDryJS+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjM0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzBlMmEyMDdmNjk3NzIxNGE5NTdhOGUxNDhkMWY4YjVhNWNkMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxxcWHgwMOSA1MRfgyca0Ug4zNqz
yYcVTXrfLyRGZxAGwqqnGaDNDehIeU6T/FPMiig1hwrQQjsFUCUYorHqRyZ/aVoq
ftRWYAmTac+Mx8dSZnpL2jQLHIZPRsYrEUjaHjsNw3rXrCYP271RDeFeYR0CaVfv
q9n2BXS6PeLau+rvBs+oQUquimuJ8+k2I5Q2tzQSVTTLfjaD1dA2f0BzwzmiPquP
3dD1Xfx/0f35h88/IwuI6/YgjjF2LrJTizYmyf4Zv6g0MgbtFVi9B9J0W4+960zJ
0L9hvmtO72fR8yE63JdX38GbN4t+JtFBxrJ7rRGQ7cCFQeg2YvgtDHcnvwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFIcOKiB/aXchSpV6jhSNH4taXNCCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FmLzQyMTE1
OC1mMGM2LTQ2MTktYWZhNS04YTk0Njg3ZGJhNmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYvNDIxMTU4
LWYwYzYtNDYxOS1hZmE1LThhOTQ2ODdkYmE2Zi8xL2h3NHFJSDlwZHlGS2xYcU9G
STBmaTFwYzBJSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQAvNOpAwQAwaNdMA0EAgACMAcDBQMqER9AMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwNDlTANBgkqhkiG9w0BAQsFAAOCAQEAV9ZZ
3F52oPAlEva4znCdXoRgcyohG489zvWa7AYFETkPr+L3wTjS/hxjS4LJr+gFgW4e
6BlsRemC8fO86wCf5DZFK2GbycBZgU9x/hgX0nSCltv2lspEmNEpDv29u2AQ0Jcs
P/8QbnVIdBxCxzBfNDdKJ7aK7sJFJxqDhJDhapoecOa4JWqV9h0jIFu7rM1aUi2d
Dixam0QHAPqnRlbt3w6wxb9Q0BX8cSpIrkCU9p40HcUhIIJ2rTVeKEFTk4uaCBte
NLXYCFPJl4CMx67B2sthZtWwPA4xkV+BC3SPy8kVR1gmR7UgWlFgTuW/XXqiRg3r
MJAjfgl/qh7ipc86Vg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:55:32 2025 by rpki-client