Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
File: lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer (raw, json)
Hash identifier: 0IwkV5R9ghSQK2D38kp8ukufP9Gx3BSioLRPvzk5B5w=
Subject key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01946F44ED299AF218D96A55A9FE6A74198E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 16 Jan 2025 13:19:35 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 216256
IP: 45.112.192.0/22
IP: 103.102.228.0/22
IP: 185.37.103.0/24
IP: 203.55.81.0/24
IP: 2a13:c7c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6f:44:ed:29:9a:f2:18:d9:6a:55:a9:fe:6a:74:19:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 16 13:19:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cc:50:a4:53:a6:ff:a0:1b:dc:b6:d4:c0:eb:
35:d4:21:23:af:c8:56:fd:e5:98:cf:c3:53:5e:51:
4d:66:2a:ef:19:31:55:74:b5:72:e8:5b:64:0a:bd:
63:44:ee:38:30:e3:42:33:a2:34:29:17:a5:0d:9e:
21:ae:9a:bf:3e:87:3a:ea:ce:60:e4:01:1c:b6:f6:
4c:77:1e:2b:99:ae:db:9e:4e:36:ec:ff:8f:1c:fd:
b9:4a:49:dd:73:ba:26:4f:5c:79:0d:4c:7c:7c:0d:
bb:3a:03:4e:80:a4:5f:1c:7a:61:42:5e:49:9a:b3:
9d:c3:2a:ea:8e:6c:00:57:9a:8e:23:7d:bf:71:67:
d1:c2:30:f1:d1:23:c9:1f:be:71:77:db:1b:30:47:
26:eb:87:46:24:a4:11:c8:79:85:1f:cd:98:65:62:
c3:94:fd:7a:b7:bc:eb:02:6a:66:0f:fc:ad:13:03:
ea:96:e1:50:de:3b:aa:19:5f:18:b3:42:fa:ee:7e:
24:78:1d:b7:75:be:7d:a9:68:9d:00:4c:4a:56:d3:
db:c1:d0:c8:a0:9a:3f:d2:88:4d:52:ef:47:93:33:
18:23:38:03:25:b6:4b:3f:17:e7:01:7a:92:4d:98:
2b:23:6f:ed:77:3e:50:91:50:d3:21:ab:ff:27:c3:
ec:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.112.192.0/22
103.102.228.0/22
185.37.103.0/24
203.55.81.0/24
IPv6:
2a13:c7c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
216256
Signature Algorithm: sha256WithRSAEncryption
19:e9:49:3d:55:86:a1:4c:71:e4:c8:94:00:52:e4:7b:68:5e:
5d:f6:b7:7f:8b:c0:df:7e:58:33:ed:0e:bc:1e:bc:9d:5c:24:
e0:6f:9c:92:b9:f7:01:91:64:1b:33:ad:d9:5d:45:02:08:40:
08:b7:1a:ce:aa:07:23:ad:fe:05:47:c5:b4:f4:a3:a8:85:1d:
b7:d9:a9:f9:ab:c7:c5:52:39:03:78:4e:ac:5d:0b:d6:9b:e2:
ac:9e:59:e8:66:4f:24:1a:b6:ad:d9:65:dc:5d:f3:52:ad:c3:
cc:a4:c9:c6:01:cf:12:d9:c2:19:44:be:f2:73:9b:9b:27:80:
5d:c4:2a:70:4f:8b:53:45:7c:1d:bc:22:16:4d:6e:21:60:73:
08:a4:8d:50:cd:60:60:9b:02:22:9d:c4:b4:96:8c:60:32:b5:
37:db:df:de:c2:74:25:e4:e7:af:cc:b5:87:27:66:d3:15:7b:
50:6e:4a:bf:fb:e4:92:7d:39:fe:da:ff:4e:93:71:a4:c3:56:
3a:c3:96:2f:95:e9:7e:22:7c:2b:57:39:c6:61:00:b7:71:8a:
9a:c0:21:d1:98:36:9b:51:86:73:84:26:73:45:8b:57:f4:a2:
e7:be:2b:0d:20:25:19:3f:e3:16:45:fe:ec:45:44:35:19:18:
57:a1:d0:70
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAZRvRO0pmvIY2WpVqf5qdBmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTE2MTMxOTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTIyYWI2NzkyMmNlMDI3NWU4YzYxYWJmYTgyZDJhNzU0YWY2ZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8xQpFOm/6Ab3LbUwOs11CEjr8hW
/eWYz8NTXlFNZirvGTFVdLVy6FtkCr1jRO44MONCM6I0KRelDZ4hrpq/Poc66s5g
5AEctvZMdx4rma7bnk427P+PHP25Skndc7omT1x5DUx8fA27OgNOgKRfHHphQl5J
mrOdwyrqjmwAV5qOI32/cWfRwjDx0SPJH75xd9sbMEcm64dGJKQRyHmFH82YZWLD
lP16t7zrAmpmD/ytEwPqluFQ3juqGV8Ys0L67n4keB23db59qWidAExKVtPbwdDI
oJo/0ohNUu9HkzMYIzgDJbZLPxfnAXqSTZgrI2/tdz5QkVDTIav/J8Ps7QIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFJUiq2eSLOAnXoxhq/qC0qdUr23EMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YzLzY4OTE4
ZS1lOWRhLTQwNmItOTkzMS1lNTI2YTk0MDlmYjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMvNjg5MThl
LWU5ZGEtNDA2Yi05OTMxLWU1MjZhOTQwOWZiOC8xL2xTS3JaNUlzNENkZWpHR3It
b0xTcDFTdmJjUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQCLXDAAwQCZ2bkAwQAuSVnAwQAyzdRMA0EAgAC
MAcDBQMqE8fAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwNMwDANBgkqhkiG9w0B
AQsFAAOCAQEAGelJPVWGoUxx5MiUAFLke2heXfa3f4vA335YM+0OvB68nVwk4G+c
krn3AZFkGzOt2V1FAghACLcazqoHI63+BUfFtPSjqIUdt9mp+avHxVI5A3hOrF0L
1pvirJ5Z6GZPJBq2rdll3F3zUq3DzKTJxgHPEtnCGUS+8nObmyeAXcQqcE+LU0V8
HbwiFk1uIWBzCKSNUM1gYJsCIp3EtJaMYDK1N9vf3sJ0JeTnr8y1hydm0xV7UG5K
v/vkkn05/tr/TpNxpMNWOsOWL5XpfiJ8K1c5xmEAt3GKmsAh0Zg2m1GGc4Qmc0WL
V/Si574rDSAlGT/jFkX+7EVENRkYV6HQcA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:20:17 2025 by rpki-client