Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/i8OUjYuToh5tV9nGVU1e3RB9Ca8.cer
File: i8OUjYuToh5tV9nGVU1e3RB9Ca8.cer (raw, json)
Hash identifier: P0lsdS6noRI6zmRKdDmBuY8OnNLPRKmYM83our2gC90=
Subject key identifier: 8B:C3:94:8D:8B:93:A2:1E:6D:57:D9:C6:55:4D:5E:DD:10:7D:09:AF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01946DFB685D31AF9B2D963BEAED23AB1D0C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d2/510e57-38da-494d-8200-891fa21c6f0b/1/i8OUjYuToh5tV9nGVU1e3RB9Ca8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d2/510e57-38da-494d-8200-891fa21c6f0b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 16 Jan 2025 07:19:40 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 60153
IP: 185.55.196.0/22
IP: 185.182.64.0/24
IP: 2a02:4da0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6d:fb:68:5d:31:af:9b:2d:96:3b:ea:ed:23:ab:1d:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 16 07:19:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8bc3948d8b93a21e6d57d9c6554d5edd107d09af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9c:68:25:0f:16:ee:79:4d:a0:7d:bb:9c:90:
00:39:9d:f3:0a:ac:00:a2:69:7a:dd:9f:5a:5c:9b:
86:4c:af:53:14:4e:aa:9f:5e:aa:0a:c4:7c:62:f4:
23:a2:83:52:a5:77:8f:4e:ad:1d:09:1f:ac:06:cc:
60:70:cc:28:a0:2c:21:e2:03:29:9e:91:82:28:0a:
bf:0a:2c:c4:0e:cc:be:26:c0:31:09:52:fa:ed:dd:
1a:c0:bd:bd:5e:05:09:b5:43:ab:d1:50:80:2e:20:
96:75:85:a7:29:c5:30:c5:ce:d9:3c:46:8e:ec:af:
a0:9d:7f:d4:a0:0c:2d:76:8a:b8:be:69:aa:9b:c1:
2a:3e:b4:8c:5a:81:2a:4b:2f:75:75:85:98:99:4a:
e2:e9:7f:c2:ab:97:9d:99:59:65:5a:c3:66:fd:21:
9b:8e:bf:9c:d8:f9:d3:1d:9d:03:d3:54:1a:ce:d8:
a1:a0:3c:bf:a8:9b:1d:4d:05:a2:c6:26:99:22:15:
2f:bc:d6:a4:ac:d1:ee:39:ba:28:75:f2:23:bb:e5:
27:df:fd:bd:ec:27:f9:1c:59:41:8a:a1:83:56:be:
6c:2d:06:0a:aa:04:06:20:77:fc:c4:84:f2:90:2c:
f2:ef:cb:af:e8:90:97:89:8b:c8:88:31:51:29:99:
b1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:C3:94:8D:8B:93:A2:1E:6D:57:D9:C6:55:4D:5E:DD:10:7D:09:AF
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/510e57-38da-494d-8200-891fa21c6f0b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/510e57-38da-494d-8200-891fa21c6f0b/1/i8OUjYuToh5tV9nGVU1e3RB9Ca8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.196.0/22
185.182.64.0/24
IPv6:
2a02:4da0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
60153
Signature Algorithm: sha256WithRSAEncryption
22:d3:e0:b1:15:d3:78:b1:64:d8:55:16:ce:f0:91:ab:73:57:
23:0d:e6:f8:10:a8:5e:94:ca:83:bd:b6:8c:9a:d9:c7:b9:d4:
73:6a:26:c0:31:bf:60:ea:17:16:9a:9a:fd:d1:1a:db:e5:16:
0f:55:ad:5f:ca:14:a0:ca:09:a4:db:78:10:2a:73:d2:d0:7a:
18:9b:b1:bf:35:2c:c6:a6:5c:0e:08:ee:3e:d9:e1:22:d7:b5:
3e:6a:bb:42:2f:a8:24:57:16:70:d6:40:48:0c:c7:96:c1:f5:
90:b3:5e:8d:9e:3b:c5:a7:df:22:bb:4d:b9:7f:97:b8:ce:3d:
ee:e6:49:3e:c3:2a:c1:d3:c5:52:59:ce:55:c2:d2:88:20:20:
23:46:29:12:48:27:69:ff:f0:ec:25:c1:9d:6d:d6:34:f4:e3:
85:a6:9d:44:cc:27:58:75:67:20:70:2b:cc:8b:8e:90:32:32:
dd:d6:76:5c:d7:1e:23:05:63:f9:b3:36:db:86:70:97:7e:22:
0d:e2:34:4d:a2:23:94:35:6c:d3:31:21:a7:35:f8:73:db:d5:
11:0f:43:4e:60:d3:b5:77:ea:0b:2e:e7:c2:d3:b7:03:07:73:
57:a8:43:32:26:03:83:a0:b9:e0:0c:54:3b:fb:68:2e:08:be:
bf:72:75:51
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZRt+2hdMa+bLZY76u0jqx0MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTE2MDcxOTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmMzOTQ4ZDhiOTNhMjFlNmQ1N2Q5YzY1NTRkNWVkZDEwN2QwOWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZxoJQ8W7nlNoH27nJAAOZ3zCqwA
oml63Z9aXJuGTK9TFE6qn16qCsR8YvQjooNSpXePTq0dCR+sBsxgcMwooCwh4gMp
npGCKAq/CizEDsy+JsAxCVL67d0awL29XgUJtUOr0VCALiCWdYWnKcUwxc7ZPEaO
7K+gnX/UoAwtdoq4vmmqm8EqPrSMWoEqSy91dYWYmUri6X/Cq5edmVllWsNm/SGb
jr+c2PnTHZ0D01QaztihoDy/qJsdTQWixiaZIhUvvNakrNHuOboodfIju+Un3/29
7Cf5HFlBiqGDVr5sLQYKqgQGIHf8xITykCzy78uv6JCXiYvIiDFRKZmx7wIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFIvDlI2Lk6IebVfZxlVNXt0QfQmvMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QyLzUxMGU1
Ny0zOGRhLTQ5NGQtODIwMC04OTFmYTIxYzZmMGIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIvNTEwZTU3
LTM4ZGEtNDk0ZC04MjAwLTg5MWZhMjFjNmYwYi8xL2k4T1VqWXVUb2g1dFY5bkdW
VTFlM1JCOUNhOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuTfEAwQAubZAMA0EAgACMAcDBQAqAk2gMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwDq+TANBgkqhkiG9w0BAQsFAAOCAQEAItPg
sRXTeLFk2FUWzvCRq3NXIw3m+BCoXpTKg722jJrZx7nUc2omwDG/YOoXFpqa/dEa
2+UWD1WtX8oUoMoJpNt4ECpz0tB6GJuxvzUsxqZcDgjuPtnhIte1Pmq7Qi+oJFcW
cNZASAzHlsH1kLNejZ47xaffIrtNuX+XuM497uZJPsMqwdPFUlnOVcLSiCAgI0Yp
Ekgnaf/w7CXBnW3WNPTjhaadRMwnWHVnIHArzIuOkDIy3dZ2XNceIwVj+bM224Zw
l34iDeI0TaIjlDVs0zEhpzX4c9vVEQ9DTmDTtXfqCy7nwtO3AwdzV6hDMiYDg6C5
4AxUO/toLgi+v3J1UQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:59:52 2025 by rpki-client