Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lUYfvuHAbj6vrA8vlSU8qGA6zPI.cer
File: lUYfvuHAbj6vrA8vlSU8qGA6zPI.cer (raw, json)
Hash identifier: 6gpwc268870q/XOqVax94CeCc3C/hU2MVLzqxZYk9ho=
Subject key identifier: 95:46:1F:BE:E1:C0:6E:3E:AF:AC:0F:2F:95:25:3C:A8:60:3A:CC:F2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194221FC2418ECF88E0EF686BB2CC1CA7C0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/53/e5ce8f-5ea0-479f-93e9-89d5c60f501f/1/lUYfvuHAbj6vrA8vlSU8qGA6zPI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/53/e5ce8f-5ea0-479f-93e9-89d5c60f501f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 13:48:14 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 185.66.196.0/22
IP: 2a03:21e0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:c2:41:8e:cf:88:e0:ef:68:6b:b2:cc:1c:a7:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95461fbee1c06e3eafac0f2f95253ca8603accf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e9:dc:66:c5:e1:5a:8c:f7:b3:50:0c:f5:7d:
58:d3:92:a5:d9:d2:03:c3:8f:e7:ac:ae:1f:02:29:
cf:32:fa:de:c7:74:4f:42:b2:af:60:38:52:a5:74:
87:73:15:8e:43:20:3c:96:5c:e9:de:cb:34:b2:f8:
f2:6d:ec:8f:10:a3:29:39:21:7e:e0:35:15:6b:59:
34:b9:70:bc:fc:47:e8:7a:97:dd:29:e9:5e:28:80:
1a:f0:79:1a:53:b0:c5:d2:04:da:03:99:23:92:8d:
a1:71:f8:80:f0:8f:f6:42:3b:9d:39:39:96:7e:ca:
e6:f9:f1:b2:e2:cf:9b:f0:e4:83:25:ac:cb:07:3b:
3e:e9:5e:48:e0:b8:e0:27:b0:cb:1e:33:ab:df:f6:
41:c1:82:17:e9:97:2a:40:70:5f:a9:6b:6f:d9:bc:
7b:d7:35:44:6f:ea:5e:d8:21:8c:e6:4d:23:d9:6b:
32:17:ca:70:da:c6:6c:23:3a:19:f3:64:c5:16:54:
f3:95:ee:be:78:c0:3e:9a:f2:2e:09:33:27:1c:fd:
8d:dd:79:16:9e:2a:e8:12:03:9c:74:06:c0:90:88:
14:b6:39:37:e6:d3:9c:77:36:91:8d:a2:89:50:f5:
1f:a4:72:c7:13:c9:87:a7:e4:23:f4:7b:74:4e:7f:
af:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:46:1F:BE:E1:C0:6E:3E:AF:AC:0F:2F:95:25:3C:A8:60:3A:CC:F2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e5ce8f-5ea0-479f-93e9-89d5c60f501f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e5ce8f-5ea0-479f-93e9-89d5c60f501f/1/lUYfvuHAbj6vrA8vlSU8qGA6zPI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.196.0/22
IPv6:
2a03:21e0::/32
Signature Algorithm: sha256WithRSAEncryption
7f:d0:d7:61:c4:31:7e:b9:9c:3a:57:b2:ce:46:77:d2:5c:4e:
f4:00:3f:7d:33:3e:7d:9e:fc:b4:7a:f8:79:a1:71:29:3e:b9:
c7:c8:7f:1c:f3:2c:f3:0e:1e:da:57:0f:4c:42:96:c1:70:f8:
dd:d0:0c:5e:7c:73:9f:21:e6:eb:5c:71:5a:68:e8:68:05:fa:
47:cc:a1:df:58:5e:f6:83:de:86:8d:8e:bc:db:ff:74:2c:cc:
a6:cf:d6:54:38:4f:ea:4c:7b:c0:2f:23:67:b7:93:1e:de:37:
1d:58:45:25:b4:c5:15:8d:ee:ea:2a:a8:d6:76:5a:b8:50:42:
70:52:ca:9a:d7:f6:3b:2e:65:0a:df:d4:a6:08:c2:6a:9e:6e:
70:e6:67:ec:7c:96:80:0f:16:ac:14:e8:1f:23:f6:92:1d:bf:
51:2d:fb:57:82:4a:1f:c5:25:0c:69:ff:de:3a:31:98:f9:29:
6c:4d:42:52:7e:9c:48:64:42:aa:b1:6d:2c:09:f3:d3:85:e8:
66:87:f1:6b:da:bc:c3:29:e1:a8:27:e9:e7:2f:2c:51:3c:43:
75:d4:7a:8d:14:18:5e:51:30:4d:a6:c1:e4:55:5d:3e:a0:bb:
99:25:2d:b4:b3:f9:3c:68:28:c9:27:e6:5b:fc:d4:ed:d3:3c:
40:3f:9c:ee
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAZQiH8JBjs+I4O9oa7LMHKfAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTQ2MWZiZWUxYzA2ZTNlYWZhYzBmMmY5NTI1M2NhODYwM2FjY2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+ncZsXhWoz3s1AM9X1Y05Kl2dID
w4/nrK4fAinPMvrex3RPQrKvYDhSpXSHcxWOQyA8llzp3ss0svjybeyPEKMpOSF+
4DUVa1k0uXC8/EfoepfdKeleKIAa8HkaU7DF0gTaA5kjko2hcfiA8I/2QjudOTmW
fsrm+fGy4s+b8OSDJazLBzs+6V5I4LjgJ7DLHjOr3/ZBwYIX6ZcqQHBfqWtv2bx7
1zVEb+pe2CGM5k0j2WsyF8pw2sZsIzoZ82TFFlTzle6+eMA+mvIuCTMnHP2N3XkW
niroEgOcdAbAkIgUtjk35tOcdzaRjaKJUPUfpHLHE8mHp+Qj9Ht0Tn+viQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFJVGH77hwG4+r6wPL5UlPKhgOszyMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUzL2U1Y2U4
Zi01ZWEwLTQ3OWYtOTNlOS04OWQ1YzYwZjUwMWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZTVjZThm
LTVlYTAtNDc5Zi05M2U5LTg5ZDVjNjBmNTAxZi8xL2xVWWZ2dUhBYmo2dnJBOHZs
U1U4cUdBNnpQSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuULEMA0EAgACMAcDBQAqAyHgMA0GCSqGSIb3
DQEBCwUAA4IBAQB/0NdhxDF+uZw6V7LORnfSXE70AD99Mz59nvy0evh5oXEpPrnH
yH8c8yzzDh7aVw9MQpbBcPjd0AxefHOfIebrXHFaaOhoBfpHzKHfWF72g96GjY68
2/90LMymz9ZUOE/qTHvALyNnt5Me3jcdWEUltMUVje7qKqjWdlq4UEJwUsqa1/Y7
LmUK39SmCMJqnm5w5mfsfJaADxasFOgfI/aSHb9RLftXgkofxSUMaf/eOjGY+Sls
TUJSfpxIZEKqsW0sCfPThehmh/Fr2rzDKeGoJ+nnLyxRPEN11HqNFBheUTBNpsHk
VV0+oLuZJS20s/k8aCjJJ+Zb/NTt0zxAP5zu
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:48:50 2025 by rpki-client