Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/nKMZ6lHIADqtlKjifOaUkqouM6g.cer
File: nKMZ6lHIADqtlKjifOaUkqouM6g.cer (raw, json)
Hash identifier: Vjg/GK8FnXvFWGSFQWzGquRoNFA9RxSdhyRNCSzrfDc=
Subject key identifier: 9C:A3:19:EA:51:C8:00:3A:AD:94:A8:E2:7C:E6:94:92:AA:2E:33:A8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0196244EF523E844E0D8825310D6327012E2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c0/61494c-0744-4991-ab67-0ad3c7962c09/1/nKMZ6lHIADqtlKjifOaUkqouM6g.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c0/61494c-0744-4991-ab67-0ad3c7962c09/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 11 Apr 2025 10:04:36 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 34578
IP: 159.144.0.0/16
IP: 192.112.254.0/24
IP: 2a00:9480::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 20:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:24:4e:f5:23:e8:44:e0:d8:82:53:10:d6:32:70:12:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 11 10:04:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ca319ea51c8003aad94a8e27ce69492aa2e33a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2d:e1:b9:99:a3:5f:54:fb:fa:22:a6:e9:03:
bb:27:47:d6:58:66:3d:1d:39:df:87:51:4f:8e:73:
f5:35:d1:c1:48:75:0c:a4:4e:15:e9:f7:cd:ef:67:
e7:f1:27:80:a1:4a:3d:4d:61:45:53:4c:92:82:6e:
ca:58:99:8d:8f:04:a3:3a:e0:4e:6f:e7:64:1e:8c:
a5:ec:ca:53:52:31:d3:f0:d3:30:c6:84:52:83:50:
5f:e9:73:ab:e6:1c:ac:10:59:05:d6:02:0c:22:5c:
c9:b6:ce:75:60:d4:03:12:4a:83:c2:6f:96:b2:a0:
a2:73:ab:d2:0d:5f:47:e4:0d:b1:c2:c7:13:1e:f0:
d0:b6:83:c9:57:e9:24:2e:f0:66:d2:9e:6e:56:2c:
6f:e3:d7:2e:99:41:cf:87:11:8b:fc:2b:44:f1:7f:
f3:47:57:1d:d8:9e:55:70:72:cb:90:43:c9:f0:14:
ab:7e:d2:dc:83:34:6e:c4:ef:79:62:09:29:28:be:
6c:6a:93:0b:41:49:eb:6b:28:74:dc:9b:3d:5a:79:
19:7c:89:64:71:6c:c0:59:2d:b9:b8:44:6c:c4:f6:
ca:ee:32:35:3a:da:c5:ae:17:a5:bc:9c:10:62:f0:
4a:33:4e:ff:eb:88:32:85:53:c8:42:30:6d:77:28:
bb:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A3:19:EA:51:C8:00:3A:AD:94:A8:E2:7C:E6:94:92:AA:2E:33:A8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/61494c-0744-4991-ab67-0ad3c7962c09/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/61494c-0744-4991-ab67-0ad3c7962c09/1/nKMZ6lHIADqtlKjifOaUkqouM6g.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.144.0.0/16
192.112.254.0/24
IPv6:
2a00:9480::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
34578
Signature Algorithm: sha256WithRSAEncryption
3c:56:c7:87:48:e8:2e:f4:27:8c:26:89:79:a7:81:1d:db:c1:
a5:3a:d1:89:8e:69:b2:d6:c8:4e:03:c2:34:7e:61:9d:7f:02:
65:48:82:0d:09:49:e0:d9:ed:db:22:f3:6c:1c:f8:e8:41:77:
81:41:b0:77:a7:f3:d3:2a:87:94:27:94:16:7b:6e:42:5a:4c:
5d:c0:2f:14:a0:bd:73:4a:98:14:2f:86:80:85:12:fc:b2:9e:
4b:6e:c9:15:5b:90:db:69:06:85:54:fd:ab:1c:29:b9:41:60:
0a:01:98:50:36:ec:1f:69:d3:46:16:4b:c1:3f:12:2e:76:84:
c5:46:46:7a:1f:2b:fc:af:e7:76:3a:87:aa:be:63:c1:80:7a:
04:a8:95:84:84:92:d6:8f:fd:19:03:c0:52:e8:e1:ac:d6:d2:
f8:b6:20:f1:29:18:ee:cc:0d:c9:62:9b:f7:96:74:d0:84:80:
4c:ea:78:fb:c7:e5:b7:a1:e8:aa:35:44:13:4b:d4:a5:7b:73:
e6:88:bc:55:f6:cf:37:97:d5:e7:91:7a:6d:48:c3:9d:c3:a5:
0f:cf:79:9f:a5:81:8e:e3:9b:b3:9c:9f:c5:30:02:db:c7:e5:
0b:f2:35:e5:ee:9f:05:fb:4d:d1:93:e1:5d:76:5b:09:dc:34:
2b:8d:c5:fc
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZYkTvUj6ETg2IJTENYycBLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNDExMTAwNDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2EzMTllYTUxYzgwMDNhYWQ5NGE4ZTI3Y2U2OTQ5MmFhMmUzM2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAri3huZmjX1T7+iKm6QO7J0fWWGY9
HTnfh1FPjnP1NdHBSHUMpE4V6ffN72fn8SeAoUo9TWFFU0ySgm7KWJmNjwSjOuBO
b+dkHoyl7MpTUjHT8NMwxoRSg1Bf6XOr5hysEFkF1gIMIlzJts51YNQDEkqDwm+W
sqCic6vSDV9H5A2xwscTHvDQtoPJV+kkLvBm0p5uVixv49cumUHPhxGL/CtE8X/z
R1cd2J5VcHLLkEPJ8BSrftLcgzRuxO95YgkpKL5sapMLQUnrayh03Js9WnkZfIlk
cWzAWS25uERsxPbK7jI1OtrFrhelvJwQYvBKM07/64gyhVPIQjBtdyi7twIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFJyjGepRyAA6rZSo4nzmlJKqLjOoMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MwLzYxNDk0
Yy0wNzQ0LTQ5OTEtYWI2Ny0wYWQzYzc5NjJjMDkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAvNjE0OTRj
LTA3NDQtNDk5MS1hYjY3LTBhZDNjNzk2MmMwOS8xL25LTVo2bEhJQURxdGxLamlm
T2FVa3FvdU02Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDMGCCsGAQUF
BwEHAQH/BCQwIjARBAIAATALAwMAn5ADBADAcP4wDQQCAAIwBwMFACoAlIAwGgYI
KwYBBQUHAQgBAf8ECzAJoAcwBQIDAIcSMA0GCSqGSIb3DQEBCwUAA4IBAQA8VseH
SOgu9CeMJol5p4Ed28GlOtGJjmmy1shOA8I0fmGdfwJlSIINCUng2e3bIvNsHPjo
QXeBQbB3p/PTKoeUJ5QWe25CWkxdwC8UoL1zSpgUL4aAhRL8sp5LbskVW5DbaQaF
VP2rHCm5QWAKAZhQNuwfadNGFkvBPxIudoTFRkZ6Hyv8r+d2OoeqvmPBgHoEqJWE
hJLWj/0ZA8BS6OGs1tL4tiDxKRjuzA3JYpv3lnTQhIBM6nj7x+W3oeiqNUQTS9Sl
e3PmiLxV9s83l9XnkXptSMOdw6UPz3mfpYGO45uznJ/FMALbx+UL8jXl7p8F+03R
k+FddlsJ3DQrjcX8
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:25:12 2025 by rpki-client