Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/nGIPMbSZfHNFvGa0a0PWhr8Akxo.cer
File: nGIPMbSZfHNFvGa0a0PWhr8Akxo.cer (raw, json)
Hash identifier: trS9MeBTEipPycdhf14wMcI4QxeE5medvbnEdwmp7wg=
Subject key identifier: 9C:62:0F:31:B4:99:7C:73:45:BC:66:B4:6B:43:D6:86:BF:00:93:1A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942143F1437B39C7960F0434F30D575D6B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/66/8928f1-8618-4c19-9f3d-4b8793db7460/1/nGIPMbSZfHNFvGa0a0PWhr8Akxo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/66/8928f1-8618-4c19-9f3d-4b8793db7460/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 09:48:08 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 20618
IP: 213.132.0.0/19
IP: 2a02:4bc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f1:43:7b:39:c7:96:0f:04:34:f3:0d:57:5d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c620f31b4997c7345bc66b46b43d686bf00931a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d0:50:3d:af:95:ed:ad:2e:ef:09:08:70:61:
31:b4:d6:f7:4d:52:fb:be:56:72:9f:95:15:16:cc:
3f:a9:40:e3:63:5a:4e:64:e3:74:89:d3:6e:49:93:
e9:70:c8:3f:59:48:76:a2:2f:3f:16:f6:62:bd:96:
36:35:dc:85:11:18:84:01:a2:1e:9f:a4:b7:e4:6b:
97:5f:28:0f:05:7c:c8:4b:6a:a9:b6:6f:01:fc:5b:
e2:d6:7f:46:fe:38:25:0e:2b:7c:be:d5:ad:59:61:
a9:bd:ec:28:f6:fd:14:4b:b0:5e:00:a0:73:d3:17:
1f:14:5f:fe:54:d7:63:cc:b4:8a:89:aa:1d:68:f8:
64:ee:27:26:45:9a:cf:c4:08:7d:22:fa:5c:30:1d:
28:42:b1:87:8a:85:0b:55:02:f8:2a:52:66:de:3d:
ca:bb:6c:69:c0:58:59:06:10:44:bc:ad:02:19:ef:
d4:6d:5b:5d:d8:df:37:2b:b7:53:f5:9f:a2:0d:b6:
97:20:34:40:b4:c9:a0:68:22:b2:34:72:f1:82:0d:
73:b9:99:6b:cd:b4:2c:9a:a1:c5:e1:84:60:42:6c:
d6:75:e4:f1:bd:a3:a1:da:bf:c3:1a:c9:d2:63:66:
1f:a3:2c:f0:f5:d0:26:35:0b:ae:72:61:c3:66:c0:
05:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:62:0F:31:B4:99:7C:73:45:BC:66:B4:6B:43:D6:86:BF:00:93:1A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8928f1-8618-4c19-9f3d-4b8793db7460/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8928f1-8618-4c19-9f3d-4b8793db7460/1/nGIPMbSZfHNFvGa0a0PWhr8Akxo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.132.0.0/19
IPv6:
2a02:4bc0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
20618
Signature Algorithm: sha256WithRSAEncryption
74:f7:2b:57:d7:bf:2d:fd:a8:ea:aa:f1:6d:86:83:c5:9c:c6:
79:3d:ca:e5:e5:75:e9:7b:8c:c9:a1:1b:79:d2:a8:2f:fe:5f:
87:13:f4:e5:c3:30:b3:11:37:bb:58:f1:2c:e8:03:80:de:f2:
d2:4d:09:c9:1e:ff:29:2c:35:b5:4a:8b:aa:83:dc:50:03:50:
d6:d1:db:14:33:13:3a:3d:18:71:b7:8c:ed:2c:89:fd:04:ab:
2e:e2:e4:fc:b3:cc:82:b9:4a:89:18:4d:b5:15:76:10:8b:b8:
ca:a4:a4:69:54:8d:aa:a7:33:f6:61:95:0e:8c:02:8b:9d:30:
63:0e:e8:88:f7:25:a0:32:43:b3:f2:32:b7:16:20:d4:46:4f:
97:bb:dc:82:d2:3f:a5:ad:52:5e:99:d7:f7:5b:4d:1c:8e:3d:
9c:a2:b5:a1:36:4f:a0:d0:33:5f:5d:84:03:15:90:61:5f:9c:
75:bc:e1:03:ee:f8:7b:48:37:41:39:c1:df:de:27:19:a1:1b:
5e:39:42:67:1e:c7:8f:bb:29:0c:d0:87:7f:eb:a9:41:0b:e5:
e3:11:e4:a8:d9:38:0b:2b:95:8f:97:de:5c:0c:ae:6e:73:b6:
cc:6b:17:04:0b:4d:4f:29:b9:7d:fe:18:96:15:c4:96:55:0f:
02:48:c6:3c
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAZQhQ/FDeznHlg8ENPMNV11rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDk0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzYyMGYzMWI0OTk3YzczNDViYzY2YjQ2YjQzZDY4NmJmMDA5MzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNBQPa+V7a0u7wkIcGExtNb3TVL7
vlZyn5UVFsw/qUDjY1pOZON0idNuSZPpcMg/WUh2oi8/FvZivZY2NdyFERiEAaIe
n6S35GuXXygPBXzIS2qptm8B/Fvi1n9G/jglDit8vtWtWWGpvewo9v0US7BeAKBz
0xcfFF/+VNdjzLSKiaodaPhk7icmRZrPxAh9IvpcMB0oQrGHioULVQL4KlJm3j3K
u2xpwFhZBhBEvK0CGe/UbVtd2N83K7dT9Z+iDbaXIDRAtMmgaCKyNHLxgg1zuZlr
zbQsmqHF4YRgQmzWdeTxvaOh2r/DGsnSY2Yfoyzw9dAmNQuucmHDZsAFfQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFJxiDzG0mXxzRbxmtGtD1oa/AJMaMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY2Lzg5Mjhm
MS04NjE4LTRjMTktOWYzZC00Yjg3OTNkYjc0NjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYvODkyOGYx
LTg2MTgtNGMxOS05ZjNkLTRiODc5M2RiNzQ2MC8xL25HSVBNYlNaZkhORnZHYTBh
MFBXaHI4QWt4by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQF1YQAMA0EAgACMAcDBQMqAkvAMBkGCCsGAQUF
BwEIAQH/BAowCKAGMAQCAlCKMA0GCSqGSIb3DQEBCwUAA4IBAQB09ytX178t/ajq
qvFthoPFnMZ5Pcrl5XXpe4zJoRt50qgv/l+HE/TlwzCzETe7WPEs6AOA3vLSTQnJ
Hv8pLDW1Souqg9xQA1DW0dsUMxM6PRhxt4ztLIn9BKsu4uT8s8yCuUqJGE21FXYQ
i7jKpKRpVI2qpzP2YZUOjAKLnTBjDuiI9yWgMkOz8jK3FiDURk+Xu9yC0j+lrVJe
mdf3W00cjj2corWhNk+g0DNfXYQDFZBhX5x1vOED7vh7SDdBOcHf3icZoRteOUJn
HsePuykM0Id/66lBC+XjEeSo2TgLK5WPl95cDK5uc7bMaxcEC01PKbl9/hiWFcSW
VQ8CSMY8
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:50:18 2025 by rpki-client