Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/jn_O1PNOfzfnUbW0XzC5nGMR-X4.cer
File: jn_O1PNOfzfnUbW0XzC5nGMR-X4.cer (raw, json)
Hash identifier: 26reAAV+1FAvGESK6ngXFuNtxP+fwihNDaAXBD3uB/0=
Subject key identifier: 8E:7F:CE:D4:F3:4E:7F:37:E7:51:B5:B4:5F:30:B9:9C:63:11:F9:7E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D65CEFBBAD622420F6C6299E6B0C7D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b9/913cd7-593f-4e99-b5ee-0d050358e656/1/jn_O1PNOfzfnUbW0XzC5nGMR-X4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b9/913cd7-593f-4e99-b5ee-0d050358e656/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 07:48:26 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 198126
IP: 91.231.228.0/24
IP: 2001:678:3bc::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5c:ef:bb:ad:62:24:20:f6:c6:29:9e:6b:0c:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e7fced4f34e7f37e751b5b45f30b99c6311f97e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:9e:b8:aa:01:bb:3b:89:13:d4:ac:fe:3f:72:
6d:02:f0:27:60:da:84:f1:26:fa:45:14:34:44:d9:
8b:da:db:47:29:b6:b1:38:d8:06:5c:52:b3:76:a9:
37:ef:3a:20:53:90:98:25:92:ca:b8:c2:7d:2a:e4:
c1:9a:f9:59:59:be:2c:c5:03:13:ff:c4:ec:83:76:
d9:4f:7a:78:f2:77:5e:5d:1e:69:0d:0f:a7:c9:01:
d5:97:00:28:a1:ef:e0:91:b5:7d:9b:2d:39:41:01:
a4:1b:f2:ce:d6:2c:12:1b:4d:96:8a:98:f6:7e:ef:
d3:46:f5:8c:23:68:b6:0b:e9:c1:04:fd:26:2f:29:
68:9c:37:c7:c5:5c:60:c5:e6:09:11:2b:93:cd:f1:
4f:00:86:bd:b6:16:4c:dd:d6:b3:8f:47:90:7a:4e:
0a:97:b3:8c:09:07:df:ad:3e:a9:2c:94:f2:f3:cf:
92:f0:d9:85:f2:3b:41:c6:f4:e7:ed:fa:4d:b0:47:
11:76:ef:f2:f0:b6:80:0d:72:e0:17:e3:d6:d3:a8:
9f:6e:76:7b:a7:7f:58:77:d3:f7:54:55:9d:29:70:
16:17:07:6a:2b:60:cc:6d:fe:c7:ce:5c:59:18:e8:
e6:14:81:94:75:4c:88:b7:c2:e9:96:52:73:60:e9:
b5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:7F:CE:D4:F3:4E:7F:37:E7:51:B5:B4:5F:30:B9:9C:63:11:F9:7E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/913cd7-593f-4e99-b5ee-0d050358e656/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/913cd7-593f-4e99-b5ee-0d050358e656/1/jn_O1PNOfzfnUbW0XzC5nGMR-X4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.228.0/24
IPv6:
2001:678:3bc::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
198126
Signature Algorithm: sha256WithRSAEncryption
4a:a2:8d:cb:f9:c9:77:f7:00:55:09:d2:5c:70:7e:6c:ff:57:
45:37:58:d4:27:65:6c:47:2e:3e:5c:09:77:d8:54:2e:69:fa:
58:d4:c0:d6:bf:cc:b3:7a:a2:b7:ce:24:d8:02:ca:de:96:27:
b9:86:29:2b:4d:56:8e:4b:d3:cb:ea:2b:b7:38:c8:d7:0d:d3:
a1:71:4d:85:bd:be:fb:b1:9a:4c:c9:85:9d:58:1e:d2:a4:fd:
5a:e2:5a:71:9c:1e:71:d0:68:b8:8d:ab:71:6a:76:02:8d:f8:
b6:5b:aa:3e:62:ee:ce:58:7d:3f:0e:69:7b:9e:74:92:8e:85:
7c:f2:ff:e6:d9:a2:1a:16:a9:3d:86:ee:7c:9e:a8:a0:d2:1d:
a7:75:69:6e:e6:77:cc:10:bb:04:f0:50:99:07:99:e7:c6:ba:
28:91:7f:14:c2:46:ea:82:0b:71:c0:c9:bb:39:2c:69:de:9a:
71:c8:e9:d7:0d:f7:cc:11:ab:6d:2e:7f:ef:90:56:c4:42:48:
91:f1:08:21:36:e3:2d:4b:23:19:b6:30:9d:29:a8:9a:da:c0:
37:0a:45:01:e5:2b:a2:96:c8:0c:86:e3:b6:b7:db:4b:cd:88:
34:2a:cd:c2:90:3a:59:3e:6d:fb:f6:ea:22:a4:2e:45:92:1e:
7f:26:d2:2d
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAZQg1lzvu61iJCD2ximeawx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTdmY2VkNGYzNGU3ZjM3ZTc1MWI1YjQ1ZjMwYjk5YzYzMTFmOTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/p64qgG7O4kT1Kz+P3JtAvAnYNqE
8Sb6RRQ0RNmL2ttHKbaxONgGXFKzdqk37zogU5CYJZLKuMJ9KuTBmvlZWb4sxQMT
/8Tsg3bZT3p48ndeXR5pDQ+nyQHVlwAooe/gkbV9my05QQGkG/LO1iwSG02Wipj2
fu/TRvWMI2i2C+nBBP0mLylonDfHxVxgxeYJESuTzfFPAIa9thZM3dazj0eQek4K
l7OMCQffrT6pLJTy88+S8NmF8jtBxvTn7fpNsEcRdu/y8LaADXLgF+PW06ifbnZ7
p39Yd9P3VFWdKXAWFwdqK2DMbf7HzlxZGOjmFIGUdUyIt8LpllJzYOm1vQIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFI5/ztTzTn8351G1tF8wuZxjEfl+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I5LzkxM2Nk
Ny01OTNmLTRlOTktYjVlZS0wZDA1MDM1OGU2NTYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvOTEzY2Q3
LTU5M2YtNGU5OS1iNWVlLTBkMDUwMzU4ZTY1Ni8xL2puX08xUE5PZnpmblViVzBY
ekM1bkdNUi1YNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUF
BwEHAQH/BCEwHzAMBAIAATAGAwQAW+fkMA8EAgACMAkDBwAgAQZ4A7wwGgYIKwYB
BQUHAQgBAf8ECzAJoAcwBQIDAwXuMA0GCSqGSIb3DQEBCwUAA4IBAQBKoo3L+cl3
9wBVCdJccH5s/1dFN1jUJ2VsRy4+XAl32FQuafpY1MDWv8yzeqK3ziTYAsrelie5
hikrTVaOS9PL6iu3OMjXDdOhcU2Fvb77sZpMyYWdWB7SpP1a4lpxnB5x0Gi4jatx
anYCjfi2W6o+Yu7OWH0/Dml7nnSSjoV88v/m2aIaFqk9hu58nqig0h2ndWlu5nfM
ELsE8FCZB5nnxrookX8UwkbqggtxwMm7OSxp3ppxyOnXDffMEattLn/vkFbEQkiR
8QghNuMtSyMZtjCdKaia2sA3CkUB5SuilsgMhuO2t9tLzYg0Ks3CkDpZPm379uoi
pC5Fkh5/JtIt
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:52:19 2025 by rpki-client