Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ikAAEBrTk8rff8j9Y9qtPG2uEk8.cer
File: ikAAEBrTk8rff8j9Y9qtPG2uEk8.cer (raw, json)
Hash identifier: zXHIl8AB66FMXLxXDALf6uBL3AA8h2csnLB0+AKRe7M=
Subject key identifier: 8A:40:00:10:1A:D3:93:CA:DF:7F:C8:FD:63:DA:AD:3C:6D:AE:12:4F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942369042FC2D2DD9A7EF38EA7A3424163
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/ikAAEBrTk8rff8j9Y9qtPG2uEk8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 19:47:52 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 41549
IP: 88.84.0.0/19
IP: 89.186.208.0/21
IP: 146.185.0.0/21
IP: 178.21.224.0/21
IP: 185.37.72.0/22
IP: 194.11.218.0/23
IP: 195.20.64.0/19
IP: 213.159.144.0/20
IP: 217.67.128.0/20
IP: 2a01:aec0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:04:2f:c2:d2:dd:9a:7e:f3:8e:a7:a3:42:41:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 19:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a4000101ad393cadf7fc8fd63daad3c6dae124f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:99:07:e2:23:bb:09:9d:7b:fe:32:ad:fb:33:
7e:3a:00:bc:ec:27:5b:f4:3e:d5:4c:69:23:c8:5e:
32:91:10:26:e4:8c:3f:94:b6:4e:8f:55:bb:a7:48:
bd:5a:19:12:50:b7:c0:07:f6:d6:5d:ff:a1:fe:66:
67:64:95:ba:9a:70:f6:c4:63:92:dd:69:f9:4f:4d:
91:b1:ed:49:ce:c1:5d:04:1d:8f:a2:da:39:cf:8d:
c5:da:18:ca:28:b9:9c:67:1b:4b:a8:b7:9e:1f:7d:
7f:64:9e:59:a1:d3:00:c1:f3:c7:fc:33:e6:78:21:
9b:24:6c:df:ec:9a:c0:20:e0:e7:13:5d:9c:50:db:
b3:ea:e9:9c:ad:f4:c6:3a:1d:41:99:37:b9:50:04:
c6:43:87:3f:b5:52:74:39:6d:ff:01:0c:68:58:15:
69:dd:1a:03:72:2c:06:e9:e5:17:aa:c8:81:e4:b7:
6d:48:3f:86:3f:b0:6d:bc:98:fd:32:1f:1c:2f:31:
8f:57:b7:0f:7f:93:61:b1:a3:44:12:bd:98:77:b8:
67:17:45:27:94:9a:b7:d5:b6:6b:98:4c:37:fb:2e:
8c:8a:54:31:a0:ad:c4:46:d7:5f:d1:db:15:1b:a4:
06:ad:86:b4:b2:75:b1:91:9f:7c:f5:3f:19:b2:a3:
19:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:40:00:10:1A:D3:93:CA:DF:7F:C8:FD:63:DA:AD:3C:6D:AE:12:4F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/ikAAEBrTk8rff8j9Y9qtPG2uEk8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.0.0/19
89.186.208.0/21
146.185.0.0/21
178.21.224.0/21
185.37.72.0/22
194.11.218.0/23
195.20.64.0/19
213.159.144.0/20
217.67.128.0/20
IPv6:
2a01:aec0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
41549
Signature Algorithm: sha256WithRSAEncryption
50:88:80:10:f3:6f:f0:d0:bf:ca:77:8f:77:be:e3:a6:54:29:
71:5d:9b:05:32:c7:f9:2c:cd:ef:19:73:bf:6b:dd:2b:27:74:
e9:ac:f4:76:18:19:b5:6c:9a:ac:62:67:4b:bb:cd:93:bd:f7:
e6:ae:64:b5:16:40:ac:b9:30:82:dd:07:dd:41:70:78:8f:76:
1d:55:28:c4:bf:11:85:43:bf:94:4e:58:c5:58:b9:0d:0a:a3:
4c:20:2d:09:d4:57:d1:68:31:4d:95:a2:22:68:83:98:87:4c:
89:0e:de:8b:0c:0a:63:69:ed:98:3c:00:f3:1f:6f:ff:62:84:
62:d3:d2:c6:fa:14:1b:4a:1d:0a:02:fb:52:6f:57:9a:d6:6c:
c7:83:c3:02:38:35:d9:d5:17:39:a7:60:62:fc:3b:ef:a7:06:
0f:0f:39:9d:a5:95:d5:b6:32:0b:ee:5b:00:74:b7:0c:3f:f0:
75:47:cb:4b:a3:fd:1f:bd:83:db:5c:54:33:6b:97:2d:dc:66:
24:83:12:65:0e:bc:32:6d:89:e7:00:22:ab:fe:71:3f:d6:71:
2b:69:29:68:5e:cb:e1:d1:b9:b4:3f:43:20:4d:75:56:e8:06:
7b:a7:c9:37:fe:d6:e3:68:1d:4e:d2:92:bc:4b:18:0e:1c:e0:
90:17:20:36
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgISAZQjaQQvwtLdmn7zjqejQkFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTk0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTQwMDAxMDFhZDM5M2NhZGY3ZmM4ZmQ2M2RhYWQzYzZkYWUxMjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZkH4iO7CZ17/jKt+zN+OgC87Cdb
9D7VTGkjyF4ykRAm5Iw/lLZOj1W7p0i9WhkSULfAB/bWXf+h/mZnZJW6mnD2xGOS
3Wn5T02Rse1JzsFdBB2Poto5z43F2hjKKLmcZxtLqLeeH31/ZJ5ZodMAwfPH/DPm
eCGbJGzf7JrAIODnE12cUNuz6umcrfTGOh1BmTe5UATGQ4c/tVJ0OW3/AQxoWBVp
3RoDciwG6eUXqsiB5LdtSD+GP7BtvJj9Mh8cLzGPV7cPf5NhsaNEEr2Yd7hnF0Un
lJq31bZrmEw3+y6MilQxoK3ERtdf0dsVG6QGrYa0snWxkZ989T8ZsqMZ5QIDAQAB
o4IC3zCCAtswHQYDVR0OBBYEFIpAABAa05PK33/I/WParTxtrhJPMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZjL2IyN2Jk
MC0zZDM5LTRkNzgtYWEyYy0xZjNjY2ZhNjFhYWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMvYjI3YmQw
LTNkMzktNGQ3OC1hYTJjLTFmM2NjZmE2MWFhYy8xL2lrQUFFQnJUazhyZmY4ajlZ
OXF0UEcydUVrOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GCCsGAQUF
BwEHAQH/BE8wTTA8BAIAATA2AwQFWFQAAwQDWbrQAwQDkrkAAwQDshXgAwQCuSVI
AwQBwgvaAwQFwxRAAwQE1Z+QAwQE2UOAMA0EAgACMAcDBQAqAa7AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCiTTANBgkqhkiG9w0BAQsFAAOCAQEAUIiAEPNv8NC/
ynePd77jplQpcV2bBTLH+SzN7xlzv2vdKyd06az0dhgZtWyarGJnS7vNk7335q5k
tRZArLkwgt0H3UFweI92HVUoxL8RhUO/lE5YxVi5DQqjTCAtCdRX0WgxTZWiImiD
mIdMiQ7eiwwKY2ntmDwA8x9v/2KEYtPSxvoUG0odCgL7Um9XmtZsx4PDAjg12dUX
OadgYvw776cGDw85naWV1bYyC+5bAHS3DD/wdUfLS6P9H72D21xUM2uXLdxmJIMS
ZQ68Mm2J5wAiq/5xP9ZxK2kpaF7L4dG5tD9DIE11VugGe6fJN/7W42gdTtKSvEsY
DhzgkBcgNg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:10:32 2025 by rpki-client