Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lVcdiLU5ZafQgfOx2CicvCh3W4g.cer
File: lVcdiLU5ZafQgfOx2CicvCh3W4g.cer (raw, json)
Hash identifier: LDjImw1UAm3rBgxB0PF5bYLL88xGVpUXcRdMmR8T80M=
Subject key identifier: 95:57:1D:88:B5:39:65:A7:D0:81:F3:B1:D8:28:9C:BC:28:77:5B:88
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942522363DF7236C38377B3D4B9AAC9AD9
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/lVcdiLU5ZafQgfOx2CicvCh3W4g.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 03:49:46 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 202077
IP: 185.68.136.0/22
IP: 2a03:2b20::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 12:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:36:3d:f7:23:6c:38:37:7b:3d:4b:9a:ac:9a:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95571d88b53965a7d081f3b1d8289cbc28775b88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c0:9a:5d:d1:18:bb:da:45:7b:fb:6a:9f:91:
e7:3e:d6:17:ec:5a:8a:03:a3:9b:81:73:37:58:c8:
50:8c:d0:b8:9d:84:cb:ad:f9:cd:56:09:47:42:fc:
3d:c6:99:10:e4:1d:f5:d7:a1:d4:db:e2:73:be:35:
ea:c7:22:7b:ee:25:ca:98:6a:f2:64:9d:4e:aa:eb:
a9:46:aa:46:99:cb:5f:ca:ec:e9:0e:6c:6f:45:9a:
4e:3e:ac:c6:ba:2e:cd:88:2f:72:7e:9a:49:86:e3:
52:36:f3:02:4e:19:ce:89:58:2a:be:a5:6b:30:ce:
13:9e:4e:16:38:8f:65:3f:b4:e0:d2:13:a6:43:6a:
29:72:59:79:48:39:11:4f:a3:4e:42:db:7d:5a:f2:
ae:ca:e8:df:44:e1:db:77:65:90:61:15:52:69:ae:
52:d1:30:e3:28:48:8a:5a:2a:60:dc:d8:5d:df:da:
c9:c8:54:5e:94:b9:1c:f9:3e:87:96:d3:9e:08:52:
17:96:0f:e2:7b:06:ba:4a:85:0f:32:ff:9f:da:7d:
3f:ff:2b:af:67:42:e8:2a:b6:bd:67:72:94:c8:6e:
fb:4a:e9:db:54:df:d3:ac:ba:2f:7f:c4:4e:f8:ab:
7d:64:bf:b8:a6:50:07:2a:43:ee:8f:f6:5c:2d:61:
5c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:57:1D:88:B5:39:65:A7:D0:81:F3:B1:D8:28:9C:BC:28:77:5B:88
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/lVcdiLU5ZafQgfOx2CicvCh3W4g.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.136.0/22
IPv6:
2a03:2b20::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
202077
Signature Algorithm: sha256WithRSAEncryption
6f:bb:53:1e:25:eb:fb:28:78:d5:88:8f:e0:9b:b2:43:62:7e:
40:2b:d2:3e:5c:b5:32:74:3e:76:0b:00:4f:48:d3:b5:43:b7:
61:65:c1:b9:df:1d:86:7c:17:c6:b0:f0:21:41:04:52:ae:89:
c5:12:84:c2:76:a6:b6:f9:4c:74:71:73:ae:a1:c4:eb:ac:09:
17:b6:34:d9:df:79:d6:0d:ba:b5:e4:af:c2:58:6e:7f:99:bd:
75:e2:b3:5a:e1:f0:39:fb:53:ca:9e:1d:df:b2:42:cb:82:9c:
fc:31:dd:42:fd:d4:7b:a0:90:21:b5:d6:86:f8:86:20:81:94:
e0:1f:f5:93:93:96:17:95:58:f4:06:9a:ae:2e:46:c7:ec:9c:
20:d2:b8:a2:4a:b5:c4:4b:0e:cc:2d:f3:4c:b7:41:a6:65:f6:
13:80:25:40:61:65:59:86:6c:43:b9:56:82:11:1e:0a:5e:d1:
66:8f:49:4b:ab:f7:56:83:c9:64:da:16:d4:37:05:a9:15:72:
e1:ef:5f:63:a1:26:cc:22:cc:49:35:18:cd:7f:97:aa:5f:10:
68:e7:d3:ab:e9:a3:28:72:4d:ca:99:68:21:19:69:48:08:a6:
c8:ff:cd:c4:20:bf:6f:68:6e:2e:85:38:05:85:65:42:f4:c5:
7c:b7:34:a9
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQlIjY99yNsODd7PUuarJrZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDM0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTU3MWQ4OGI1Mzk2NWE3ZDA4MWYzYjFkODI4OWNiYzI4Nzc1Yjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMCaXdEYu9pFe/tqn5HnPtYX7FqK
A6ObgXM3WMhQjNC4nYTLrfnNVglHQvw9xpkQ5B3116HU2+JzvjXqxyJ77iXKmGry
ZJ1OquupRqpGmctfyuzpDmxvRZpOPqzGui7NiC9yfppJhuNSNvMCThnOiVgqvqVr
MM4Tnk4WOI9lP7Tg0hOmQ2opcll5SDkRT6NOQtt9WvKuyujfROHbd2WQYRVSaa5S
0TDjKEiKWipg3Nhd39rJyFRelLkc+T6HltOeCFIXlg/iewa6SoUPMv+f2n0//yuv
Z0LoKra9Z3KUyG77SunbVN/TrLovf8RO+Kt9ZL+4plAHKkPuj/ZcLWFcLQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFJVXHYi1OWWn0IHzsdgonLwod1uIMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU1L2IzZjk5
My1kMDNiLTRiMTMtODFhZi1hYTYyMjk2OTg0NjEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUvYjNmOTkz
LWQwM2ItNGIxMy04MWFmLWFhNjIyOTY5ODQ2MS8xL2xWY2RpTFU1WmFmUWdmT3gy
Q2ljdkNoM1c0Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuUSIMA0EAgACMAcDBQAqAysgMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMVXTANBgkqhkiG9w0BAQsFAAOCAQEAb7tTHiXr+yh4
1YiP4JuyQ2J+QCvSPly1MnQ+dgsAT0jTtUO3YWXBud8dhnwXxrDwIUEEUq6JxRKE
wnamtvlMdHFzrqHE66wJF7Y02d951g26teSvwlhuf5m9deKzWuHwOftTyp4d37JC
y4Kc/DHdQv3Ue6CQIbXWhviGIIGU4B/1k5OWF5VY9Aaari5Gx+ycINK4okq1xEsO
zC3zTLdBpmX2E4AlQGFlWYZsQ7lWghEeCl7RZo9JS6v3VoPJZNoW1DcFqRVy4e9f
Y6EmzCLMSTUYzX+Xql8QaOfTq+mjKHJNyploIRlpSAimyP/NxCC/b2huLoU4BYVl
QvTFfLc0qQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 13:23:47 2025 by rpki-client