Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/knaysJMpLF-nXm4UwqSZrIR-QWs.cer
File: knaysJMpLF-nXm4UwqSZrIR-QWs.cer (raw, json)
Hash identifier: n074vIS1bXfGUKdK6e9ETz2TVSR34wOGlkyQJru92SM=
Subject key identifier: 92:76:B2:B0:93:29:2C:5F:A7:5E:6E:14:C2:A4:99:AC:84:7E:41:6B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942522146B8DA5FDE28399BB9910CE850F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 03:49:38 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 25046
IP: 91.90.128.0/20
IP: 194.29.32.0/20
IP: 2001:67c:2840::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:14:6b:8d:a5:fd:e2:83:99:bb:99:10:ce:85:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9276b2b093292c5fa75e6e14c2a499ac847e416b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e3:32:26:50:33:04:1e:89:3e:53:c9:2e:54:
c7:95:8d:86:a9:82:31:25:db:ea:54:5a:8a:f0:92:
bd:0b:69:62:93:e8:01:25:5e:0c:6c:b0:47:ef:fc:
7b:f6:15:9b:af:85:73:e6:e8:59:64:6f:68:d5:9c:
1c:67:8e:fc:d8:74:fe:b4:34:13:fd:23:c8:a0:e5:
10:34:b9:d4:26:b3:a5:4e:51:59:28:88:2b:40:5c:
b5:a4:b0:24:ae:e5:ee:b9:48:03:c3:88:8e:55:d0:
03:4a:c9:5c:f5:a4:ec:f2:ab:ed:5a:15:d9:d1:f7:
b3:dc:e3:f7:ef:38:f1:67:d1:82:56:44:a7:b4:54:
7d:64:da:bc:4f:80:ab:99:77:1f:55:5c:ce:87:5c:
ef:6d:b0:16:ad:30:45:8e:3e:0d:f4:10:fb:c2:3a:
8b:e3:18:af:dd:8d:84:d0:60:4e:e5:a8:a3:8a:fd:
3f:ad:ca:24:c8:2d:19:15:d3:d3:62:b0:aa:a6:35:
20:08:78:11:91:10:19:ef:bd:b3:51:c9:1b:bb:5a:
df:70:07:ac:e1:99:1e:4c:18:90:22:63:9d:77:01:
6c:04:d8:0d:9c:fd:4e:68:39:3c:52:61:5a:94:1a:
6f:65:a4:05:a5:a5:13:41:bd:ba:de:9c:e7:ad:4e:
80:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:76:B2:B0:93:29:2C:5F:A7:5E:6E:14:C2:A4:99:AC:84:7E:41:6B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.128.0/20
194.29.32.0/20
IPv6:
2001:67c:2840::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
25046
Signature Algorithm: sha256WithRSAEncryption
3a:84:0e:1d:9f:30:f2:09:ba:4c:43:9e:d3:27:e9:0a:36:12:
e4:3c:fd:7e:fd:a3:35:73:96:c8:66:79:31:b1:d1:85:31:3a:
20:f4:94:34:b0:72:ed:46:46:67:aa:f0:d6:10:07:e1:c4:6b:
6f:d7:20:76:13:1f:ee:5b:62:d3:32:d4:6d:a0:5d:51:31:a7:
84:94:b4:b4:c3:77:d5:e9:65:1e:cf:1c:cf:5a:d3:b5:34:13:
47:29:3e:d7:c9:bd:d3:2f:69:53:82:b4:cd:dd:5c:da:34:58:
04:9d:71:62:b5:e7:7f:7c:07:da:cb:eb:c1:33:9b:59:5c:cf:
6f:d0:f7:b2:87:e1:3b:f8:b5:66:6a:8d:af:3c:ed:35:4f:0a:
bc:11:0b:bc:8c:3a:c3:df:30:b1:7f:6c:85:a9:74:8b:8c:04:
dd:83:db:93:f6:23:76:42:1f:33:f1:be:a5:5c:3f:af:ad:5b:
62:d3:b8:ab:08:2c:69:f5:a5:ea:27:f6:70:6b:46:70:b8:c2:
5f:c6:2c:43:10:6c:90:2f:10:2c:f0:3a:b7:18:b4:78:4b:52:
4b:a5:bb:e7:15:7e:cf:2c:6d:d0:01:9f:df:73:66:79:4f:8b:
70:b7:78:6d:68:4f:de:98:87:11:60:46:db:59:9a:d4:88:dc:
50:0f:5c:55
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZQlIhRrjaX94oOZu5kQzoUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDM0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjc2YjJiMDkzMjkyYzVmYTc1ZTZlMTRjMmE0OTlhYzg0N2U0MTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OMyJlAzBB6JPlPJLlTHlY2GqYIx
JdvqVFqK8JK9C2lik+gBJV4MbLBH7/x79hWbr4Vz5uhZZG9o1ZwcZ4782HT+tDQT
/SPIoOUQNLnUJrOlTlFZKIgrQFy1pLAkruXuuUgDw4iOVdADSslc9aTs8qvtWhXZ
0fez3OP37zjxZ9GCVkSntFR9ZNq8T4CrmXcfVVzOh1zvbbAWrTBFjj4N9BD7wjqL
4xiv3Y2E0GBO5aijiv0/rcokyC0ZFdPTYrCqpjUgCHgRkRAZ772zUckbu1rfcAes
4ZkeTBiQImOddwFsBNgNnP1OaDk8UmFalBpvZaQFpaUTQb263pznrU6AxwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFJJ2srCTKSxfp15uFMKkmayEfkFrMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZlLzNmYTky
Zi1jYWJkLTQxM2ItYWU1Yy02OWI3MzNjYmM1MjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUvM2ZhOTJm
LWNhYmQtNDEzYi1hZTVjLTY5YjczM2NiYzUyOC8xL2tuYXlzSk1wTEYtblhtNFV3
cVNacklSLVFXcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUF
BwEHAQH/BCcwJTASBAIAATAMAwQEW1qAAwQEwh0gMA8EAgACMAkDBwAgAQZ8KEAw
GQYIKwYBBQUHAQgBAf8ECjAIoAYwBAICYdYwDQYJKoZIhvcNAQELBQADggEBADqE
Dh2fMPIJukxDntMn6Qo2EuQ8/X79ozVzlshmeTGx0YUxOiD0lDSwcu1GRmeq8NYQ
B+HEa2/XIHYTH+5bYtMy1G2gXVExp4SUtLTDd9XpZR7PHM9a07U0E0cpPtfJvdMv
aVOCtM3dXNo0WASdcWK15398B9rL68Ezm1lcz2/Q97KH4Tv4tWZqja887TVPCrwR
C7yMOsPfMLF/bIWpdIuMBN2D25P2I3ZCHzPxvqVcP6+tW2LTuKsILGn1peon9nBr
RnC4wl/GLEMQbJAvECzwOrcYtHhLUkulu+cVfs8sbdABn99zZnlPi3C3eG1oT96Y
hxFgRttZmtSI3FAPXFU=
-----END CERTIFICATE-----
Generated at Sun Feb 2 04:02:47 2025 by rpki-client