Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/nm8mIuZcLuhjUB13IUdaBe9TQ_s.cer
File: nm8mIuZcLuhjUB13IUdaBe9TQ_s.cer (raw, json)
Hash identifier: RtNr1ZetYsMzqJmZaRHj7r5r2kUJy2i07bCop1ks3Cc=
Subject key identifier: 9E:6F:26:22:E6:5C:2E:E8:63:50:1D:77:21:47:5A:05:EF:53:43:FB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194835A46747741DE38727656AEE3DEB138
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c1/593dd5-b907-4de8-80cd-b1db70071dde/1/nm8mIuZcLuhjUB13IUdaBe9TQ_s.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c1/593dd5-b907-4de8-80cd-b1db70071dde/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 20 Jan 2025 10:55:19 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 62031
IP: 185.50.48.0/22
IP: 193.242.138.0/23
IP: 2a04:bb40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:83:5a:46:74:77:41:de:38:72:76:56:ae:e3:de:b1:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 20 10:55:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e6f2622e65c2ee863501d7721475a05ef5343fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e9:ce:41:c0:a4:da:75:1d:e4:9c:f0:be:3b:
75:bc:d7:07:51:3a:dd:82:5e:9d:cb:a0:61:fd:92:
f7:36:6f:f8:a8:7d:46:1d:ec:60:a8:40:0b:99:2c:
1a:1c:8f:24:c7:64:44:05:3f:92:a4:2a:8b:c1:62:
20:fb:5c:c3:69:6b:aa:9d:45:db:5a:75:ad:fd:9c:
b1:fc:18:66:f8:e9:c3:ef:cd:a9:94:97:f5:ad:56:
55:b5:46:5e:91:2b:7e:8f:0b:bc:37:d7:74:0e:88:
ed:42:a7:6b:dc:ac:bb:12:e4:8e:20:ef:a6:f1:26:
48:a8:48:b9:6b:5d:84:d6:33:e7:50:a5:bb:44:cc:
7b:74:ad:4e:77:32:dd:25:00:3b:85:8a:31:b0:33:
4c:5a:2b:94:b7:2d:20:85:81:6f:79:76:ff:84:3f:
dc:ef:10:91:ea:4b:87:68:76:bb:71:94:93:b1:43:
cb:e7:cd:0f:13:b8:27:a2:96:74:aa:d9:5d:62:6a:
ee:ee:1e:31:87:7c:85:56:0e:ac:e0:d5:8a:36:89:
e0:00:41:8e:8f:28:0b:d6:d3:b9:a6:14:d9:62:d4:
65:06:bc:f3:1d:00:65:ea:b0:48:c5:06:3e:99:e7:
63:16:94:26:f5:f9:2c:d3:30:5d:5b:99:84:a5:8e:
0b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:6F:26:22:E6:5C:2E:E8:63:50:1D:77:21:47:5A:05:EF:53:43:FB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/593dd5-b907-4de8-80cd-b1db70071dde/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/593dd5-b907-4de8-80cd-b1db70071dde/1/nm8mIuZcLuhjUB13IUdaBe9TQ_s.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.48.0/22
193.242.138.0/23
IPv6:
2a04:bb40::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
62031
Signature Algorithm: sha256WithRSAEncryption
3e:cf:ce:f2:58:f5:fd:46:ae:76:95:8d:46:fd:c9:9c:24:4f:
19:a5:88:f9:ea:8f:3b:8d:5a:7a:83:3e:d4:f9:af:5a:24:fd:
51:7d:0d:03:1b:d0:06:c6:0a:4d:fb:d0:f1:d6:e0:36:be:09:
ac:76:65:a7:8a:ca:6e:81:69:98:e9:40:c7:f0:27:90:e4:5a:
ce:2b:10:e2:b8:5b:ef:b6:43:96:d8:8d:e6:ff:fa:af:a3:64:
38:09:2b:15:0a:f5:66:8d:da:0d:c5:23:4a:bb:97:77:cf:a3:
53:a3:11:a2:17:43:49:4c:05:a7:97:cc:6a:2f:a3:59:f4:66:
c1:87:43:53:85:64:8f:94:f5:57:33:f0:1f:3c:09:db:2c:37:
0d:5b:57:ca:52:53:80:42:d3:af:5f:b3:32:b6:1a:bc:62:86:
7f:dd:db:ab:b1:28:86:2b:77:c4:0c:68:10:f2:22:a3:bc:63:
35:ee:6b:41:21:8e:79:a0:65:c4:ee:90:9f:3c:32:17:a2:54:
d5:2b:d6:9f:8d:80:94:1e:a6:be:46:eb:56:16:ad:fe:2d:ed:
a7:6c:9c:b7:b2:24:46:88:6f:95:12:6d:b3:ab:dc:26:78:18:
3f:11:6a:a8:2c:d8:a0:49:60:c7:2c:77:36:8d:66:4c:a4:cd:
56:cb:c2:37
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZSDWkZ0d0HeOHJ2Vq7j3rE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTIwMTA1NTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTZmMjYyMmU2NWMyZWU4NjM1MDFkNzcyMTQ3NWEwNWVmNTM0M2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwenOQcCk2nUd5Jzwvjt1vNcHUTrd
gl6dy6Bh/ZL3Nm/4qH1GHexgqEALmSwaHI8kx2REBT+SpCqLwWIg+1zDaWuqnUXb
WnWt/Zyx/Bhm+OnD782plJf1rVZVtUZekSt+jwu8N9d0DojtQqdr3Ky7EuSOIO+m
8SZIqEi5a12E1jPnUKW7RMx7dK1OdzLdJQA7hYoxsDNMWiuUty0ghYFveXb/hD/c
7xCR6kuHaHa7cZSTsUPL580PE7gnopZ0qtldYmru7h4xh3yFVg6s4NWKNongAEGO
jygL1tO5phTZYtRlBrzzHQBl6rBIxQY+medjFpQm9fks0zBdW5mEpY4L0wIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFJ5vJiLmXC7oY1AddyFHWgXvU0P7MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxLzU5M2Rk
NS1iOTA3LTRkZTgtODBjZC1iMWRiNzAwNzFkZGUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEvNTkzZGQ1
LWI5MDctNGRlOC04MGNkLWIxZGI3MDA3MWRkZS8xL25tOG1JdVpjTHVoalVCMTNJ
VWRhQmU5VFFfcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuTIwAwQBwfKKMA0EAgACMAcDBQMqBLtAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwDyTzANBgkqhkiG9w0BAQsFAAOCAQEAPs/O
8lj1/UaudpWNRv3JnCRPGaWI+eqPO41aeoM+1PmvWiT9UX0NAxvQBsYKTfvQ8dbg
Nr4JrHZlp4rKboFpmOlAx/AnkORazisQ4rhb77ZDltiN5v/6r6NkOAkrFQr1Zo3a
DcUjSruXd8+jU6MRohdDSUwFp5fMai+jWfRmwYdDU4Vkj5T1VzPwHzwJ2yw3DVtX
ylJTgELTr1+zMrYavGKGf93bq7Eohit3xAxoEPIio7xjNe5rQSGOeaBlxO6Qnzwy
F6JU1SvWn42AlB6mvkbrVhat/i3tp2yct7IkRohvlRJts6vcJngYPxFqqCzYoElg
xyx3No1mTKTNVsvCNw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:48:13 2025 by rpki-client