Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
File: lNmOj-xoB3WhVyZuDGt4sUGjT14.cer (raw, json)
Hash identifier: m/gYinBCcRD52/3kGeejf2JtUsuth4tkLjEoFezzhoI=
Subject key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425FC97DEA727C36085E8FBB5E53ABF59
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 07:48:18 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 8254
AS: 15626
AS: 21100
AS: 34787
AS: 50979
AS: 59729
AS: 204957
IP: 5.34.176.0/21
IP: 45.90.56.0/22
IP: 46.28.64.0/21
IP: 62.233.57.0/24
IP: 82.117.252.0/22
IP: 82.118.16.0/21
IP: 85.90.196.0/22
IP: 185.14.28.0/22
IP: 185.82.216.0/22
IP: 193.238.152.0/22
IP: 195.123.208.0 -- 195.123.247.255
IP: 195.211.96.0/22
IP: 217.12.192.0/19
IP: 2a02:27a8::/29
IP: 2a05:9400::/29
IP: 2a12:6fc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:97:de:a7:27:c3:60:85:e8:fb:b5:e5:3a:bf:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 07:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:db:f1:68:de:c8:af:5a:98:b2:aa:9f:6c:8e:
85:09:8a:56:64:5d:45:a9:ad:cc:1d:38:0b:02:c3:
72:de:8e:b7:a7:e5:da:57:9c:6d:1a:e6:b5:c2:b5:
bf:44:c8:22:1d:bf:60:b6:9a:0d:a4:26:a1:88:de:
c4:5b:ca:ca:ec:66:30:31:08:ab:92:a7:46:f6:2e:
01:78:80:60:23:55:80:58:bc:16:fd:a7:80:a8:7f:
6e:39:d0:df:92:29:b9:73:16:f0:20:e6:a4:32:4a:
2e:17:6e:9a:cf:1b:cf:6a:d7:b4:c7:99:a0:6b:30:
c5:ba:36:e6:a6:7a:1b:3e:b9:0a:25:ad:33:f7:a2:
22:69:54:82:67:b0:99:33:17:c0:c2:74:b5:f3:5e:
28:69:d3:a6:a7:58:b6:15:89:4f:b7:a6:ea:f9:b2:
5e:e9:59:32:00:85:8b:ea:d3:b7:20:58:06:f1:3e:
0c:90:70:83:98:dd:26:24:56:ea:73:2e:f0:8b:2e:
da:0e:9a:b3:54:a0:f9:a7:10:26:6a:ad:1a:a9:a9:
47:dd:33:b8:60:85:92:31:e8:c3:95:b9:04:f4:4c:
32:e2:00:b4:b4:b6:52:b0:26:9d:19:54:0e:51:21:
92:d4:a9:be:51:49:df:c7:c6:b8:37:f8:59:98:c4:
19:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.176.0/21
45.90.56.0/22
46.28.64.0/21
62.233.57.0/24
82.117.252.0/22
82.118.16.0/21
85.90.196.0/22
185.14.28.0/22
185.82.216.0/22
193.238.152.0/22
195.123.208.0-195.123.247.255
195.211.96.0/22
217.12.192.0/19
IPv6:
2a02:27a8::/29
2a05:9400::/29
2a12:6fc0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8254
15626
21100
34787
50979
59729
204957
Signature Algorithm: sha256WithRSAEncryption
9a:68:f1:ef:ab:2f:9e:f2:6d:8c:d3:26:4b:f5:ef:62:9a:12:
34:6b:d5:c5:20:6d:f4:f2:6c:1b:d5:1c:5e:a0:e9:71:d3:bb:
4b:7a:72:fb:a0:34:ef:6d:36:db:7c:f2:1e:32:58:cb:9a:03:
b8:d3:b2:d6:66:55:29:2d:02:4f:21:3b:ce:01:19:71:4b:83:
4d:e0:d6:58:30:0e:ab:b8:7a:75:d1:ed:84:ee:40:01:6f:ac:
fe:b3:81:49:73:dd:9c:c3:14:9f:17:eb:ec:5f:70:ba:91:7b:
9e:d7:78:a7:bf:ac:18:bb:f1:44:a6:31:fc:34:cb:db:4b:05:
ac:bd:49:65:4f:b7:6c:93:cd:9b:0c:c9:e9:02:2e:37:96:41:
9e:6d:e4:08:dc:21:12:0e:d3:42:32:27:80:30:6e:08:5c:ed:
95:60:50:18:e9:ba:60:f1:06:62:6d:62:2c:37:4d:d2:69:6f:
54:c5:89:92:4d:12:a6:12:f7:d8:4b:d4:59:27:de:03:44:38:
af:8b:e4:13:8b:12:0e:21:e4:67:89:51:87:70:91:3c:00:e4:
be:e4:34:bc:71:89:f6:05:b9:45:59:fc:9b:06:1d:bd:05:b2:
9d:c4:e2:51:58:3d:99:8a:33:e2:48:71:69:85:50:51:12:e5:
66:66:8d:42
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgISAZQl/JfepyfDYIXo+7XlOr9ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDc0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGQ5OGU4ZmVjNjgwNzc1YTE1NzI2NmUwYzZiNzhiMTQxYTM0ZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidvxaN7Ir1qYsqqfbI6FCYpWZF1F
qa3MHTgLAsNy3o63p+XaV5xtGua1wrW/RMgiHb9gtpoNpCahiN7EW8rK7GYwMQir
kqdG9i4BeIBgI1WAWLwW/aeAqH9uOdDfkim5cxbwIOakMkouF26azxvPate0x5mg
azDFujbmpnobPrkKJa0z96IiaVSCZ7CZMxfAwnS1814oadOmp1i2FYlPt6bq+bJe
6VkyAIWL6tO3IFgG8T4MkHCDmN0mJFbqcy7wiy7aDpqzVKD5pxAmaq0aqalH3TO4
YIWSMejDlbkE9Ewy4gC0tLZSsCadGVQOUSGS1Km+UUnfx8a4N/hZmMQZ5wIDAQAB
o4IDKTCCAyUwHQYDVR0OBBYEFJTZjo/saAd1oVcmbgxreLFBo09eMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzcyLzdhZTNj
Ny02N2U0LTQ0ZGUtYjEzOS04N2QxN2RmNzRjN2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIvN2FlM2M3
LTY3ZTQtNDRkZS1iMTM5LTg3ZDE3ZGY3NGM3ZS8xL2xObU9qLXhvQjNXaFZ5WnVE
R3Q0c1VHalQxNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGMBggrBgEF
BQcBBwEB/wR9MHswXAQCAAEwVgMEAwUisAMEAi1aOAMEAy4cQAMEAD7pOQMEAlJ1
/AMEA1J2EAMEAlVaxAMEArkOHAMEArlS2AMEAsHumDAMAwQEw3vQAwQDw3vwAwQC
w9NgAwQF2QzAMBsEAgACMBUDBQMqAieoAwUDKgWUAAMFAyoSb8AwNQYIKwYBBQUH
AQgBAf8EJjAkoCIwIAICID4CAj0KAgJSbAIDAIfjAgMAxyMCAwDpUQIDAyCdMA0G
CSqGSIb3DQEBCwUAA4IBAQCaaPHvqy+e8m2M0yZL9e9imhI0a9XFIG308mwb1Rxe
oOlx07tLenL7oDTvbTbbfPIeMljLmgO407LWZlUpLQJPITvOARlxS4NN4NZYMA6r
uHp10e2E7kABb6z+s4FJc92cwxSfF+vsX3C6kXue13inv6wYu/FEpjH8NMvbSwWs
vUllT7dsk82bDMnpAi43lkGebeQI3CESDtNCMieAMG4IXO2VYFAY6bpg8QZibWIs
N03SaW9UxYmSTRKmEvfYS9RZJ94DRDivi+QTixIOIeRniVGHcJE8AOS+5DS8cYn2
BblFWfybBh29BbKdxOJRWD2ZijPiSHFphVBREuVmZo1C
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:21:00 2025 by rpki-client