Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
File: j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer (raw, json)
Hash identifier: jgQ3T5co+F/dLEmnyzVorf6cccXvbCwRZglqKskWHKo=
Subject key identifier: 8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D633A34D84935D356D844CF4573604
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 07:48:16 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 2.57.168.0/22
IP: 5.253.226.0/24
IP: 45.8.16.0/22
IP: 45.14.180.0/22
IP: 45.80.168.0/22
IP: 45.83.4.0/22
IP: 45.90.20.0/22
IP: 45.95.236.0/22
IP: 45.131.76.0/22
IP: 45.157.128.0/22
IP: 79.110.236.0/24
IP: 91.242.245.0/24
IP: 146.19.26.0/24
IP: 146.19.160.0/24
IP: 176.126.100.0/24
IP: 194.99.112.0/24
IP: 194.104.1.0/24
IP: 194.104.85.0/24
IP: 212.52.12.0/24
IP: 217.119.142.0/24
IP: 2a05:e900::/29
IP: 2a0a:82c0::/29
IP: 2a0d:3bc0::/29
IP: 2a0e:3e00::/29
IP: 2a10:2940::/29
IP: 2a10:29c0::/29
IP: 2a10:2a40::/29
IP: 2a10:2ac0::/29
IP: 2a10:2b40::/29
IP: 2a10:2bc0::/29
IP: 2a10:2c40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:33:a3:4d:84:93:5d:35:6d:84:4c:f4:57:36:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:33:6a:fa:2d:76:73:06:45:c3:4b:d3:e9:5f:
1e:44:da:d1:82:0b:fe:3e:7f:a7:1e:4a:14:aa:a7:
34:e3:8a:6e:07:d9:2d:ca:de:b2:af:b0:8a:8b:c0:
2b:93:30:02:df:a2:11:06:46:df:a4:47:ec:b3:6e:
89:6c:78:a7:80:ec:36:df:9e:65:d0:72:a5:57:9d:
af:9a:cf:aa:90:9a:37:2e:f4:bf:93:5b:ab:db:6f:
c3:14:0b:75:6a:46:0f:ea:7e:51:5c:9a:93:22:e6:
69:42:07:4c:7a:5f:eb:18:c6:49:98:79:23:40:57:
20:e4:6f:61:c3:6e:d5:f0:3a:30:77:2d:a9:d3:91:
60:d1:5e:5c:82:30:c7:af:c8:b3:cd:9a:e9:0d:52:
f4:fc:24:65:cf:b5:c0:b1:b1:da:0b:1d:e3:84:bc:
4b:13:94:ff:2e:0b:90:22:db:24:48:d9:ef:93:23:
d6:1c:97:83:2f:77:46:ba:e5:8b:43:09:04:80:db:
12:48:d4:36:e3:12:ee:e2:3d:8d:b4:b7:3b:16:32:
d6:75:3b:48:d5:c6:c6:ee:37:e4:b3:79:6e:81:2f:
69:29:7c:21:61:59:0a:79:65:c2:af:64:e0:51:54:
dc:76:57:ac:8c:56:93:c6:b4:f5:99:23:2f:d3:ce:
3e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.168.0/22
5.253.226.0/24
45.8.16.0/22
45.14.180.0/22
45.80.168.0/22
45.83.4.0/22
45.90.20.0/22
45.95.236.0/22
45.131.76.0/22
45.157.128.0/22
79.110.236.0/24
91.242.245.0/24
146.19.26.0/24
146.19.160.0/24
176.126.100.0/24
194.99.112.0/24
194.104.1.0/24
194.104.85.0/24
212.52.12.0/24
217.119.142.0/24
IPv6:
2a05:e900::/29
2a0a:82c0::/29
2a0d:3bc0::/29
2a0e:3e00::/29
2a10:2940::/29
2a10:29c0::/29
2a10:2a40::/29
2a10:2ac0::/29
2a10:2b40::/29
2a10:2bc0::/29
2a10:2c40::/29
Signature Algorithm: sha256WithRSAEncryption
a8:22:1a:42:9a:1c:19:6e:f0:f7:15:e5:ec:be:31:6a:eb:38:
0e:6a:ba:27:d6:ba:52:4b:56:2f:7d:bd:6b:08:e9:aa:dd:af:
f6:60:9f:50:b5:73:39:95:56:83:6a:76:c2:fa:e7:bb:2c:70:
b5:2c:a7:e1:2a:a2:0d:d8:67:0d:8a:00:3d:de:e5:ba:f7:35:
7f:6e:95:37:5d:7c:e6:84:ac:34:8a:89:c3:ef:f3:5d:da:1e:
61:cf:0c:d6:c6:f0:61:ff:46:86:34:8d:9c:a0:0d:8b:51:95:
0b:f3:68:80:d3:1e:b5:cf:a7:aa:f8:28:1a:1a:a3:00:bf:68:
30:ba:1a:41:26:f9:b5:d8:73:71:99:36:ee:8c:a8:9a:cf:62:
24:1f:b8:d4:cd:ff:96:8b:c6:9c:24:98:8a:a1:75:90:25:ab:
fe:7a:0a:a7:a9:f9:f7:ca:30:c3:bf:05:d9:eb:a1:13:91:d9:
d8:36:55:30:2a:eb:db:83:52:c6:f9:96:56:b0:5e:f9:76:3a:
f1:2a:38:75:56:59:3a:21:8f:c9:04:6f:6d:ae:1e:79:57:9e:
96:5c:fe:23:35:47:8c:ac:66:64:29:b2:91:69:5a:35:f1:55:
f1:35:a9:06:c2:37:b7:7e:de:34:cf:c6:4c:40:6a:cb:4c:b2:
7b:b3:af:60
-----BEGIN CERTIFICATE-----
MIIGQjCCBSqgAwIBAgISAZQg1jOjTYSTXTVthEz0VzYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmM2OTY0NjQ1N2E4YmY4ZWY5NTY5YjliNDI3ZTlmMmM0NjJlNTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjNq+i12cwZFw0vT6V8eRNrRggv+
Pn+nHkoUqqc044puB9ktyt6yr7CKi8ArkzAC36IRBkbfpEfss26JbHingOw2355l
0HKlV52vms+qkJo3LvS/k1ur22/DFAt1akYP6n5RXJqTIuZpQgdMel/rGMZJmHkj
QFcg5G9hw27V8Dowdy2p05Fg0V5cgjDHr8izzZrpDVL0/CRlz7XAsbHaCx3jhLxL
E5T/LguQItskSNnvkyPWHJeDL3dGuuWLQwkEgNsSSNQ24xLu4j2NtLc7FjLWdTtI
1cbG7jfks3lugS9pKXwhYVkKeWXCr2TgUVTcdlesjFaTxrT1mSMv084+rwIDAQAB
o4IDTjCCA0owHQYDVR0OBBYEFI/GlkZFeov475VpubQn6fLEYuVuMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc3LzlmYWI1
Yy1lMTM4LTRlZjYtODc5OS1iMGIzNWEzNGUzODgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcvOWZhYjVj
LWUxMzgtNGVmNi04Nzk5LWIwYjM1YTM0ZTM4OC8xL2o4YVdSa1Y2aV9qdmxXbTV0
Q2ZwOHNSaTVXNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHoBggrBgEF
BQcBBwEB/wSB2DCB1TB+BAIAATB4AwQCAjmoAwQABf3iAwQCLQgQAwQCLQ60AwQC
LVCoAwQCLVMEAwQCLVoUAwQCLV/sAwQCLYNMAwQCLZ2AAwQAT27sAwQAW/L1AwQA
khMaAwQAkhOgAwQAsH5kAwQAwmNwAwQAwmgBAwQAwmhVAwQA1DQMAwQA2XeOMFME
AgACME0DBQMqBekAAwUDKgqCwAMFAyoNO8ADBQMqDj4AAwUDKhApQAMFAyoQKcAD
BQMqECpAAwUDKhAqwAMFAyoQK0ADBQMqECvAAwUDKhAsQDANBgkqhkiG9w0BAQsF
AAOCAQEAqCIaQpocGW7w9xXl7L4xaus4Dmq6J9a6UktWL329awjpqt2v9mCfULVz
OZVWg2p2wvrnuyxwtSyn4SqiDdhnDYoAPd7luvc1f26VN1185oSsNIqJw+/zXdoe
Yc8M1sbwYf9GhjSNnKANi1GVC/NogNMetc+nqvgoGhqjAL9oMLoaQSb5tdhzcZk2
7oyoms9iJB+41M3/lovGnCSYiqF1kCWr/noKp6n598oww78F2euhE5HZ2DZVMCrr
24NSxvmWVrBe+XY68So4dVZZOiGPyQRvba4eeVeellz+IzVHjKxmZCmykWlaNfFV
8TWpBsI3t37eNM/GTEBqy0yye7OvYA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:08:00 2025 by rpki-client