Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/k89OeSfhBJZOTJb0QWSc40F0zjo.cer
File: k89OeSfhBJZOTJb0QWSc40F0zjo.cer (raw, json)
Hash identifier: s2jgU1ffGWlv0ODiAydIfwMp/9GHQKxrHm0OYAiPjVI=
Subject key identifier: 93:CF:4E:79:27:E1:04:96:4E:4C:96:F4:41:64:9C:E3:41:74:CE:3A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019426D946B38A4DE3E3D9C6CF96F375D448
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/46/0b0007-d30a-4994-ab00-bd5b4e54712b/1/k89OeSfhBJZOTJb0QWSc40F0zjo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/46/0b0007-d30a-4994-ab00-bd5b4e54712b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 11:49:21 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 56349
IP: 46.227.176.0/21
IP: 2a02:6380::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:46:b3:8a:4d:e3:e3:d9:c6:cf:96:f3:75:d4:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 11:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93cf4e7927e104964e4c96f441649ce34174ce3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:da:53:f1:bc:5a:5b:57:c8:69:c9:8d:c3:d7:
c5:36:c5:8b:16:be:e7:64:ad:17:dc:09:6c:2d:6f:
e0:72:f5:c6:fe:ec:91:bf:8b:ed:61:25:a5:b1:fd:
0b:0a:52:7c:7b:6f:10:ff:2b:38:be:8b:45:01:e6:
06:d7:f8:ec:f6:bb:31:f7:71:81:fe:5a:f9:13:ee:
d9:25:2c:d4:17:fe:e2:bc:6c:02:75:01:13:5d:90:
b5:d7:d6:d7:2e:c7:61:1f:dd:19:be:b4:bf:d3:f8:
f2:a4:aa:37:3c:4e:35:99:eb:3d:43:41:35:46:ee:
95:0e:5e:b5:26:63:e4:e8:10:bf:07:73:27:c8:f0:
15:26:92:9c:b4:f5:26:86:3b:f7:3d:26:ac:8b:33:
0f:cf:69:b1:10:d3:b1:74:b5:86:4c:f0:da:55:e7:
a7:0f:ff:78:2e:b4:5e:e9:60:dd:ce:59:45:61:55:
e1:5a:d1:b4:6b:61:f4:56:73:58:73:89:59:ab:1c:
bf:40:0b:1e:6a:a6:e8:8d:4a:27:63:a5:a8:94:db:
98:f2:79:ae:fe:32:65:68:64:0f:24:1e:bf:f6:b0:
91:43:36:f6:b1:e0:8c:34:43:6a:41:94:3e:97:a1:
42:f3:00:c2:1e:78:15:5a:9b:77:3f:d5:47:38:e1:
a2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:CF:4E:79:27:E1:04:96:4E:4C:96:F4:41:64:9C:E3:41:74:CE:3A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/0b0007-d30a-4994-ab00-bd5b4e54712b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/0b0007-d30a-4994-ab00-bd5b4e54712b/1/k89OeSfhBJZOTJb0QWSc40F0zjo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.176.0/21
IPv6:
2a02:6380::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
56349
Signature Algorithm: sha256WithRSAEncryption
a9:64:87:f0:ae:9d:53:62:41:44:85:d6:63:12:8f:72:b6:a8:
c9:f9:5c:4f:11:b4:e4:01:be:f4:08:ad:12:da:aa:1c:47:1b:
9c:ac:6b:d5:8e:1c:16:b1:73:1a:18:d9:cd:c6:b7:35:73:62:
67:5f:c3:8b:ab:92:4b:14:63:f3:88:51:d1:a9:ba:c1:e3:6f:
dd:49:94:97:60:a6:e9:4c:75:af:1c:04:aa:2a:58:c0:71:5c:
b9:c5:03:ae:81:51:e6:de:21:83:35:cc:d7:9f:32:7f:d2:67:
b9:7d:b6:c1:6e:bd:aa:25:f8:59:c1:68:99:b8:d5:34:5c:08:
bb:ac:1e:ed:9d:d9:ff:93:da:ce:6f:62:6a:54:29:42:e2:7b:
95:3d:f9:a9:73:38:3c:7a:37:b5:c0:13:51:a1:95:ac:78:57:
22:4d:3d:87:2a:60:d3:c6:52:51:74:34:28:51:ac:a6:aa:dc:
32:3d:de:81:4c:b6:a9:e5:5b:9b:f8:3c:4e:ef:5a:64:24:60:
94:ca:7f:39:1d:29:7c:23:8a:e5:44:a3:38:27:c1:4b:aa:82:
09:31:6f:03:58:1d:c4:ca:11:07:3a:28:ec:c9:46:08:3e:27:
23:e5:6e:64:96:da:bb:1d:e6:9d:1e:52:42:ef:12:11:7d:0a:
02:94:e4:8f
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQm2Uazik3j49nGz5bzddRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTE0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2NmNGU3OTI3ZTEwNDk2NGU0Yzk2ZjQ0MTY0OWNlMzQxNzRjZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9pT8bxaW1fIacmNw9fFNsWLFr7n
ZK0X3AlsLW/gcvXG/uyRv4vtYSWlsf0LClJ8e28Q/ys4votFAeYG1/js9rsx93GB
/lr5E+7ZJSzUF/7ivGwCdQETXZC119bXLsdhH90ZvrS/0/jypKo3PE41mes9Q0E1
Ru6VDl61JmPk6BC/B3MnyPAVJpKctPUmhjv3PSasizMPz2mxENOxdLWGTPDaVeen
D/94LrRe6WDdzllFYVXhWtG0a2H0VnNYc4lZqxy/QAseaqbojUonY6WolNuY8nmu
/jJlaGQPJB6/9rCRQzb2seCMNENqQZQ+l6FC8wDCHngVWpt3P9VHOOGirwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFJPPTnkn4QSWTkyW9EFknONBdM46MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ2LzBiMDAw
Ny1kMzBhLTQ5OTQtYWIwMC1iZDViNGU1NDcxMmIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYvMGIwMDA3
LWQzMGEtNDk5NC1hYjAwLWJkNWI0ZTU0NzEyYi8xL2s4OU9lU2ZoQkpaT1RKYjBR
V1NjNDBGMHpqby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQDLuOwMA0EAgACMAcDBQAqAmOAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDcHTANBgkqhkiG9w0BAQsFAAOCAQEAqWSH8K6dU2JB
RIXWYxKPcraoyflcTxG05AG+9AitEtqqHEcbnKxr1Y4cFrFzGhjZzca3NXNiZ1/D
i6uSSxRj84hR0am6weNv3UmUl2Cm6Ux1rxwEqipYwHFcucUDroFR5t4hgzXM158y
f9JnuX22wW69qiX4WcFombjVNFwIu6we7Z3Z/5Pazm9ialQpQuJ7lT35qXM4PHo3
tcATUaGVrHhXIk09hypg08ZSUXQ0KFGspqrcMj3egUy2qeVbm/g8Tu9aZCRglMp/
OR0pfCOK5USjOCfBS6qCCTFvA1gdxMoRBzoo7MlGCD4nI+VuZJbaux3mnR5SQu8S
EX0KApTkjw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:57:34 2025 by rpki-client