![](/console.gif)
Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/l8S83VMS-KfDPeS311wVtMu8Hdo.cer
File: l8S83VMS-KfDPeS311wVtMu8Hdo.cer (raw, json)
Hash identifier: XR6Ezvg5mY6vk9uGRnXolpF0jmaCSLAXeh5lXQK/BXk=
Subject key identifier: 97:C4:BC:DD:53:12:F8:A7:C3:3D:E4:B7:D7:5C:15:B4:CB:BC:1D:DA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018FC880AB4F5EAA387EE7B7FFCFA0DF49F5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c4/44775f-37a6-4a86-9fe5-e93bdb8d9c85/1/l8S83VMS-KfDPeS311wVtMu8Hdo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c4/44775f-37a6-4a86-9fe5-e93bdb8d9c85/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 30 May 2024 07:57:06 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 207255
IP: 185.161.204.0/22
IP: 2a07:c7c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jul 2024 02:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c8:80:ab:4f:5e:aa:38:7e:e7:b7:ff:cf:a0:df:49:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 30 07:57:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97c4bcdd5312f8a7c33de4b7d75c15b4cbbc1dda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:41:c4:cb:2d:6e:9e:b4:80:08:5f:23:78:81:
30:9e:c7:96:56:88:d8:ea:65:24:1f:f4:98:89:af:
10:e3:0a:4c:58:90:e3:83:36:8b:4e:fc:86:89:30:
72:cd:9e:ed:4d:91:8a:5c:0b:53:3a:03:6c:49:36:
f5:4d:0d:60:0a:dc:fa:10:5d:5c:b6:45:38:37:7c:
52:fd:07:e8:4e:78:67:d7:40:ca:ac:8a:9c:3a:9a:
8f:e7:38:6b:61:d2:c0:ee:05:70:76:66:68:a2:07:
3e:5f:81:e1:6b:d5:e2:6b:19:ba:84:b3:7c:e0:4b:
18:78:23:30:74:ca:a9:c9:dd:7d:2b:c3:ae:0d:e5:
c1:ce:15:fd:4e:2c:b5:3f:e3:14:fb:0d:dd:6d:3c:
59:e4:4f:c2:50:fb:00:dc:fa:53:97:54:63:5f:67:
64:70:e4:d5:e1:68:d2:fd:f8:e1:6b:ce:ce:95:89:
ad:59:a4:5e:11:22:ed:f7:09:18:a4:d0:c5:a3:ee:
52:e0:a5:4f:b2:1f:29:dc:35:87:4e:f0:c9:7d:52:
28:80:92:6e:f2:4d:aa:cd:8e:63:d1:b0:61:55:e6:
28:27:b4:42:4e:c3:6a:51:59:61:d4:95:48:4e:1d:
27:e1:d6:9e:19:4a:f2:fb:a9:20:da:75:28:0a:95:
c7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C4:BC:DD:53:12:F8:A7:C3:3D:E4:B7:D7:5C:15:B4:CB:BC:1D:DA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/44775f-37a6-4a86-9fe5-e93bdb8d9c85/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/44775f-37a6-4a86-9fe5-e93bdb8d9c85/1/l8S83VMS-KfDPeS311wVtMu8Hdo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.204.0/22
IPv6:
2a07:c7c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
207255
Signature Algorithm: sha256WithRSAEncryption
32:41:5d:41:c0:ea:a8:94:f3:ed:be:18:e7:05:54:7b:e8:87:
3d:89:07:8b:b1:b5:22:4b:d6:79:9b:1b:f1:bf:af:c2:55:30:
9d:bd:12:3a:0f:77:11:42:e7:9d:22:4c:f2:cc:45:13:5e:24:
8c:d8:e6:95:78:6a:0a:40:59:2e:c9:66:f2:aa:7a:de:e8:f4:
85:b2:cf:fb:e2:24:9b:da:3e:bb:47:b8:34:d7:e1:c3:f9:75:
87:e8:20:a0:03:d9:cc:ec:07:8a:60:cc:a4:91:c2:81:f2:83:
24:c4:eb:a9:9a:8a:5d:2d:52:7b:b3:69:00:63:5b:48:64:10:
64:b0:fb:51:ff:25:55:55:dc:6f:ca:d7:f8:86:f0:68:b9:6a:
6f:45:9d:c5:96:0f:9e:72:34:c6:39:3c:44:b0:b3:64:39:88:
68:91:4a:47:64:21:41:89:5c:47:4f:f6:73:e3:e6:e3:ba:66:
eb:69:a8:1f:71:7b:60:9d:fb:1f:34:a3:28:5b:2c:d3:d5:11:
7f:19:ae:34:84:b6:b3:1f:d0:f9:08:ee:0e:76:a9:b7:3b:6a:
bc:b8:fb:53:55:45:1d:61:b1:cf:96:34:55:f7:b2:1e:5e:89:
40:e6:98:46:de:0b:be:f1:b3:79:f5:2c:51:12:1e:eb:b7:32:
2e:58:88:1c
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAY/IgKtPXqo4fue3/8+g30n1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNTMwMDc1NzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2M0YmNkZDUzMTJmOGE3YzMzZGU0YjdkNzVjMTViNGNiYmMxZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0HEyy1unrSACF8jeIEwnseWVojY
6mUkH/SYia8Q4wpMWJDjgzaLTvyGiTByzZ7tTZGKXAtTOgNsSTb1TQ1gCtz6EF1c
tkU4N3xS/QfoTnhn10DKrIqcOpqP5zhrYdLA7gVwdmZoogc+X4Hha9Xiaxm6hLN8
4EsYeCMwdMqpyd19K8OuDeXBzhX9Tiy1P+MU+w3dbTxZ5E/CUPsA3PpTl1RjX2dk
cOTV4WjS/fjha87OlYmtWaReESLt9wkYpNDFo+5S4KVPsh8p3DWHTvDJfVIogJJu
8k2qzY5j0bBhVeYoJ7RCTsNqUVlh1JVITh0n4daeGUry+6kg2nUoCpXHqQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFJfEvN1TEvinwz3kt9dcFbTLvB3aMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M0LzQ0Nzc1
Zi0zN2E2LTRhODYtOWZlNS1lOTNiZGI4ZDljODUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQvNDQ3NzVm
LTM3YTYtNGE4Ni05ZmU1LWU5M2JkYjhkOWM4NS8xL2w4UzgzVk1TLUtmRFBlUzMx
MXdWdE11OEhkby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuaHMMA0EAgACMAcDBQMqB8fAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMplzANBgkqhkiG9w0BAQsFAAOCAQEAMkFdQcDqqJTz
7b4Y5wVUe+iHPYkHi7G1IkvWeZsb8b+vwlUwnb0SOg93EULnnSJM8sxFE14kjNjm
lXhqCkBZLslm8qp63uj0hbLP++Ikm9o+u0e4NNfhw/l1h+ggoAPZzOwHimDMpJHC
gfKDJMTrqZqKXS1Se7NpAGNbSGQQZLD7Uf8lVVXcb8rX+IbwaLlqb0WdxZYPnnI0
xjk8RLCzZDmIaJFKR2QhQYlcR0/2c+Pm47pm62moH3F7YJ37HzSjKFss09URfxmu
NIS2sx/Q+QjuDnaptztqvLj7U1VFHWGxz5Y0VfeyHl6JQOaYRt4LvvGzefUsURIe
67cyLliIHA==
-----END CERTIFICATE-----
Generated at Fri Jul 5 10:29:26 2024 by rpki-client on console-ams.rpki-client.org