Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
File: iOZzGonffpNxq6M-sU1y9h45gLk.cer (raw, json)
Hash identifier: Spyj6ApZH167SQbqTO/NDQt3Rl6BH0By0qIgxbs8Cg0=
Subject key identifier: 88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D5D6ABE89602C29FAEB0EB9AA9E669
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 07:47:52 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 5.134.200.0/21
IP: 5.134.224.0/19
IP: 89.47.80.0/21
IP: 93.113.164.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d6:ab:e8:96:02:c2:9f:ae:b0:eb:9a:a9:e6:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:49:71:8c:7d:12:9b:f5:a2:b3:65:2d:22:35:
56:d8:3c:65:e5:c6:23:1e:8e:6d:00:11:b9:83:15:
69:3a:fb:f1:db:cc:f8:bf:13:4a:e1:bf:02:30:c9:
ff:17:55:12:1f:24:44:fe:cd:57:0b:f1:76:af:95:
09:dc:b1:42:49:6c:af:c4:76:63:c0:5f:c6:59:b7:
17:a0:b9:7a:ba:31:ea:7d:c6:19:89:0c:1c:42:f7:
7a:43:99:91:53:01:a0:f4:80:b5:e9:ee:28:b3:5c:
81:17:40:4f:19:f5:c7:83:85:36:39:a8:fe:05:eb:
d3:b2:f0:03:05:04:2c:55:c3:b3:e6:13:21:cc:4b:
3c:80:ad:82:39:d7:e8:51:1b:a9:2d:23:d2:7a:c9:
92:16:46:ca:11:77:12:dd:4e:58:34:b7:4a:7d:b7:
3b:f0:a1:f3:2e:f7:cd:ba:07:ce:74:96:e2:a3:37:
83:de:ad:83:a2:db:c6:37:af:93:3e:b3:a7:4c:c6:
af:c8:84:2e:94:e7:1b:18:be:77:ed:be:df:14:34:
a9:f3:ee:38:37:ab:d1:70:60:f1:e7:49:b4:18:d0:
01:fb:2d:e6:c8:7a:7a:66:76:f2:ce:75:a6:aa:23:
b3:90:a3:d4:3f:eb:4f:eb:05:73:94:ac:f1:0b:e0:
84:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.200.0/21
5.134.224.0/19
89.47.80.0/21
93.113.164.0/22
Signature Algorithm: sha256WithRSAEncryption
43:6e:3c:e6:9f:2b:36:d5:25:2d:b1:dc:26:78:54:5f:ac:78:
ea:e3:7e:ac:36:4e:29:90:d6:3f:46:11:fc:bf:a7:09:02:20:
9e:31:7b:0d:b0:22:18:09:bf:a3:7e:5b:42:f4:65:3f:c2:e3:
af:20:6f:26:b2:a1:6b:3b:66:65:5a:5e:93:98:e7:27:a1:c8:
34:83:1b:1c:73:f2:51:a6:57:ee:b6:59:4d:1d:9b:2b:eb:55:
18:46:ec:e7:6f:cc:aa:42:28:fc:0f:b7:77:78:96:f6:20:fe:
b7:13:3d:f8:b2:8a:4e:fa:0b:22:64:24:6f:d5:1e:2e:31:dc:
22:5d:a2:be:ac:6c:3a:3c:c2:b2:90:c5:2a:25:94:8f:a8:25:
aa:72:84:8f:a4:84:1a:ed:ca:c8:77:39:77:36:83:f7:66:c1:
44:17:41:f0:93:48:4f:9e:8b:cb:97:a0:50:69:55:40:3c:35:
34:a5:49:79:9d:ef:07:70:3a:29:3b:c5:7f:0f:31:62:4d:2a:
f2:b6:4f:79:28:35:6e:64:33:51:9b:24:a7:12:59:6a:4e:b9:
2d:18:cc:7b:db:63:52:ee:ae:af:02:a4:74:e0:1e:46:76:22:
03:85:48:67:be:ee:c0:68:a0:fe:76:af:ab:1f:39:58:7c:10:
85:42:41:e6
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZQg1dar6JYCwp+usOuaqeZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGU2NzMxYTg5ZGY3ZTkzNzFhYmEzM2ViMTRkNzJmNjFlMzk4MGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvElxjH0Sm/Wis2UtIjVW2Dxl5cYj
Ho5tABG5gxVpOvvx28z4vxNK4b8CMMn/F1USHyRE/s1XC/F2r5UJ3LFCSWyvxHZj
wF/GWbcXoLl6ujHqfcYZiQwcQvd6Q5mRUwGg9IC16e4os1yBF0BPGfXHg4U2Oaj+
BevTsvADBQQsVcOz5hMhzEs8gK2COdfoURupLSPSesmSFkbKEXcS3U5YNLdKfbc7
8KHzLvfNugfOdJbiozeD3q2DotvGN6+TPrOnTMavyIQulOcbGL537b7fFDSp8+44
N6vRcGDx50m0GNAB+y3myHp6ZnbyznWmqiOzkKPUP+tP6wVzlKzxC+CEiwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFIjmcxqJ336TcaujPrFNcvYeOYC5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E2LzMzNmNi
My1mNGY3LTRkOGEtOTVjZS02YmNmNGE0MmFjN2QvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYvMzM2Y2Iz
LWY0ZjctNGQ4YS05NWNlLTZiY2Y0YTQyYWM3ZC8xL2lPWnpHb25mZnBOeHE2TS1z
VTF5OWg0NWdMay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUF
BwEHAQH/BCIwIDAeBAIAATAYAwQDBYbIAwQFBYbgAwQDWS9QAwQCXXGkMA0GCSqG
SIb3DQEBCwUAA4IBAQBDbjzmnys21SUtsdwmeFRfrHjq436sNk4pkNY/RhH8v6cJ
AiCeMXsNsCIYCb+jfltC9GU/wuOvIG8msqFrO2ZlWl6TmOcnocg0gxscc/JRplfu
tllNHZsr61UYRuznb8yqQij8D7d3eJb2IP63Ez34sopO+gsiZCRv1R4uMdwiXaK+
rGw6PMKykMUqJZSPqCWqcoSPpIQa7crIdzl3NoP3ZsFEF0Hwk0hPnovLl6BQaVVA
PDU0pUl5ne8HcDopO8V/DzFiTSrytk95KDVuZDNRmySnEllqTrktGMx722NS7q6v
AqR04B5GdiIDhUhnvu7AaKD+dq+rHzlYfBCFQkHm
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:42:45 2025 by rpki-client