Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
File: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer (raw, json)
Hash identifier: kWfT6BST/MxPC8gCzeAUuGyCJ63ei/sLFX7SugTEH1A=
Subject key identifier: 96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421B23377E07F01F9D0EC98F2C49DB5CB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 11:48:34 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 56361
IP: 31.41.184.0/21
IP: 46.175.120.0/21
IP: 176.98.168.0/21
IP: 176.118.128.0/21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:33:77:e0:7f:01:f9:d0:ec:98:f2:c4:9d:b5:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a1:06:3f:b1:79:88:31:05:80:7a:5e:e4:67:
a9:ec:2f:c7:ad:6a:97:69:90:87:ff:fa:00:bf:05:
2d:87:19:ff:d2:93:85:4b:e8:ac:0f:bb:b9:82:f1:
25:db:b5:68:37:c8:95:92:7f:05:0a:0d:e2:3d:b9:
6a:80:f1:89:ef:5b:93:80:38:dd:41:fa:47:36:1e:
cc:ac:66:4f:b2:f3:54:2a:e3:24:ef:67:97:28:8d:
ad:5c:7b:b4:a9:42:a9:71:44:61:df:b7:05:87:08:
8a:11:c6:65:31:4e:f4:ce:a3:33:7c:9a:e7:0d:36:
1c:ae:6a:9e:58:ac:7b:65:90:72:e1:95:a3:b1:8e:
07:cd:28:30:d5:c7:6b:89:23:bc:2d:3d:fb:12:1a:
4d:5a:82:a4:a1:c6:85:29:6e:6d:84:9a:f1:cf:76:
a1:fc:7d:5e:75:61:f1:96:87:5e:6d:ef:27:a8:f2:
13:a3:6b:e7:76:4b:bb:10:ce:d0:83:05:aa:67:6f:
8d:67:f1:48:fe:02:3c:4f:2b:c4:09:97:9c:f7:bd:
51:e3:84:96:c6:5d:da:be:be:7a:0a:9a:24:c1:40:
bd:4b:97:4c:38:1b:5b:58:ed:de:c7:70:e3:02:c3:
a9:b2:fd:2b:21:0c:c3:ef:07:2b:7a:00:ef:bb:2a:
d7:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.184.0/21
46.175.120.0/21
176.98.168.0/21
176.118.128.0/21
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
56361
Signature Algorithm: sha256WithRSAEncryption
8c:58:08:b2:2a:ec:97:f2:95:c8:ae:b5:a7:f2:ab:ad:9c:50:
b0:e0:05:89:bb:06:8a:40:e7:82:63:02:d2:5d:2c:ab:5f:20:
2e:c0:1e:cc:17:91:06:cb:1c:ef:80:40:d4:86:99:42:4f:67:
a6:77:ea:84:a1:84:29:a6:ad:9a:5c:af:bd:96:b6:5e:de:65:
7f:33:b7:d0:27:c2:6c:9a:9c:25:bc:8e:53:67:19:24:e7:62:
a7:e8:da:45:39:54:9c:40:0e:57:19:ef:0c:5d:81:87:08:f5:
b8:17:b9:ef:d5:5a:11:14:7c:7d:c4:04:2a:9d:29:1b:cf:9a:
90:66:2c:46:8d:a5:23:dd:25:65:85:ac:48:82:17:22:d6:16:
c2:ee:a1:bc:54:2d:96:45:9e:2c:bb:62:95:2b:41:37:55:04:
4e:c6:86:73:a0:be:25:0a:b9:2b:80:89:06:04:b9:55:86:9e:
bb:0e:d9:53:37:86:b5:38:c5:78:de:14:13:46:34:62:e1:e2:
93:aa:4b:28:9f:b4:9f:b7:7d:44:3b:36:bd:62:d2:82:6b:4d:
58:13:29:89:4f:3a:91:7d:3b:12:c1:8b:4b:a7:0c:fd:82:78:
6b:5a:5d:df:40:f9:9e:5f:3b:31:aa:86:90:ba:bb:01:62:bc:
87:e4:ec:f7
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAZQhsjN34H8B+dDsmPLEnbXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTE0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmI4N2U1ZmQxYWFkYzFiYmVhMzcyYjQyNjllZWJkMzkzYzVjZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKEGP7F5iDEFgHpe5Gep7C/HrWqX
aZCH//oAvwUthxn/0pOFS+isD7u5gvEl27VoN8iVkn8FCg3iPblqgPGJ71uTgDjd
QfpHNh7MrGZPsvNUKuMk72eXKI2tXHu0qUKpcURh37cFhwiKEcZlMU70zqMzfJrn
DTYcrmqeWKx7ZZBy4ZWjsY4HzSgw1cdriSO8LT37EhpNWoKkocaFKW5thJrxz3ah
/H1edWHxlodebe8nqPITo2vndku7EM7QgwWqZ2+NZ/FI/gI8TyvECZec971R44SW
xl3avr56CpokwUC9S5dMOBtbWO3ex3DjAsOpsv0rIQzD7wcregDvuyrXSQIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFJa4fl/RqtwbvqNytCae69OTxc1nMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFiLzZhODhh
Yy1lZmI0LTQ1ZTQtOTE5OS0yYWJkYjIxOTQxYmMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIvNmE4OGFj
LWVmYjQtNDVlNC05MTk5LTJhYmRiMjE5NDFiYy8xL2xyaC1YOUdxM0J1LW8zSzBK
cDdyMDVQRnpXYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUF
BwEHAQH/BCIwIDAeBAIAATAYAwQDHym4AwQDLq94AwQDsGKoAwQDsHaAMBoGCCsG
AQUFBwEIAQH/BAswCaAHMAUCAwDcKTANBgkqhkiG9w0BAQsFAAOCAQEAjFgIsirs
l/KVyK61p/KrrZxQsOAFibsGikDngmMC0l0sq18gLsAezBeRBssc74BA1IaZQk9n
pnfqhKGEKaatmlyvvZa2Xt5lfzO30CfCbJqcJbyOU2cZJOdip+jaRTlUnEAOVxnv
DF2Bhwj1uBe579VaERR8fcQEKp0pG8+akGYsRo2lI90lZYWsSIIXItYWwu6hvFQt
lkWeLLtilStBN1UETsaGc6C+JQq5K4CJBgS5VYaeuw7ZUzeGtTjFeN4UE0Y0YuHi
k6pLKJ+0n7d9RDs2vWLSgmtNWBMpiU86kX07EsGLS6cM/YJ4a1pd30D5nl87MaqG
kLq7AWK8h+Ts9w==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:56:27 2025 by rpki-client