Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/oaVb8oiHU-RGdbYd2jA5TZAVbAo.cer
File: oaVb8oiHU-RGdbYd2jA5TZAVbAo.cer (raw, json)
Hash identifier: PkZTjpzy1o0i1gX4jpg2QaLxO0r4PFx1yx6+lGjomvw=
Subject key identifier: A1:A5:5B:F2:88:87:53:E4:46:75:B6:1D:DA:30:39:4D:90:15:6C:0A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019423D74AE04CA5073AB9531387B33189C8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/38/2dab18-7bb7-4aa1-98ad-27c9d9114238/1/oaVb8oiHU-RGdbYd2jA5TZAVbAo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/38/2dab18-7bb7-4aa1-98ad-27c9d9114238/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 21:48:19 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 57505
AS: 208919
IP: 45.138.188.0/22
IP: 194.147.219.0/24
IP: 2a12:67c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:4a:e0:4c:a5:07:3a:b9:53:13:87:b3:31:89:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 21:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1a55bf2888753e44675b61dda30394d90156c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f0:d5:a2:6e:21:25:85:3a:20:dc:b4:fd:86:
72:bf:6a:b4:92:79:62:6e:76:36:d3:3c:ad:01:92:
79:14:e6:de:b7:c3:9e:25:81:f6:e0:3d:fa:07:71:
6c:93:79:54:ce:35:3a:c0:91:cb:9a:d7:bc:40:e7:
82:59:42:f9:69:d4:8d:6b:49:78:70:98:75:d6:7d:
2c:30:4c:5f:e2:bc:e4:33:d5:5b:35:10:fd:14:c3:
84:62:7c:05:eb:16:c4:9b:64:85:49:20:4c:79:37:
87:c0:9f:d0:5f:07:b7:a9:37:0d:db:e4:3b:bc:fd:
b0:cf:2d:68:79:47:e9:bf:2c:5b:24:2b:7c:55:99:
1b:59:cf:4e:19:73:ce:4f:4e:54:02:97:e7:78:1a:
5e:13:b8:bc:9d:55:94:d0:17:ca:5a:ae:ac:63:b4:
c9:c5:3a:91:8e:52:ec:b3:7b:f7:1d:50:29:11:b2:
0d:3a:92:22:7d:d8:b6:62:0b:67:8f:a8:5b:86:38:
71:06:2c:d3:76:a4:d5:85:a0:df:13:a6:4e:c7:7b:
36:47:6d:bf:ca:24:9c:83:c0:99:a1:e8:cb:6f:07:
f0:d8:d3:a0:93:a8:57:98:6e:f2:65:ec:60:b2:65:
50:7f:cf:a1:50:4e:c5:58:a2:c8:91:b4:a4:d0:05:
6b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A5:5B:F2:88:87:53:E4:46:75:B6:1D:DA:30:39:4D:90:15:6C:0A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/2dab18-7bb7-4aa1-98ad-27c9d9114238/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/2dab18-7bb7-4aa1-98ad-27c9d9114238/1/oaVb8oiHU-RGdbYd2jA5TZAVbAo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.188.0/22
194.147.219.0/24
IPv6:
2a12:67c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
57505
208919
Signature Algorithm: sha256WithRSAEncryption
20:bc:0a:8d:3e:29:15:c2:a0:ff:2d:10:90:b0:74:af:06:eb:
62:17:82:fe:72:33:76:ce:4b:68:a0:2c:87:93:c5:ef:63:17:
51:00:2f:06:37:23:d9:a5:3d:69:bb:e2:cb:f7:2a:af:7e:32:
fe:60:f2:db:ed:9d:3f:79:92:1b:b5:50:d3:2f:19:ac:4d:77:
c4:b4:7c:7a:bd:bd:97:1f:0f:e0:02:58:b9:31:31:9e:46:f9:
50:85:fc:50:6e:37:ce:97:08:16:19:e0:55:6e:86:31:de:5c:
e2:37:cb:b0:e2:77:3b:1b:2c:59:eb:b4:be:7c:76:18:20:70:
9f:40:07:af:8c:15:e0:9d:9f:01:24:94:26:75:fa:f4:06:3b:
2c:01:b6:74:1a:26:af:59:93:61:81:57:22:a2:15:1e:cd:63:
5b:a9:d7:38:23:c0:a7:bb:0e:da:b1:e4:95:31:f0:b8:0a:b8:
92:a8:bf:65:57:b7:45:0d:5a:79:49:9a:88:95:bf:49:e8:33:
53:09:0c:d2:29:ab:12:44:d2:b8:f1:b2:9e:84:a8:7b:4b:5f:
00:5b:f4:bd:d7:aa:18:43:7d:fb:32:a9:2a:9a:ad:f2:6b:e1:
96:d0:26:af:36:12:7d:50:0f:df:00:7c:aa:66:7e:26:ba:c6:
8c:70:0a:ed
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAZQj10rgTKUHOrlTE4ezMYnIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWE1NWJmMjg4ODc1M2U0NDY3NWI2MWRkYTMwMzk0ZDkwMTU2YzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPDVom4hJYU6INy0/YZyv2q0knli
bnY20zytAZJ5FObet8OeJYH24D36B3Fsk3lUzjU6wJHLmte8QOeCWUL5adSNa0l4
cJh11n0sMExf4rzkM9VbNRD9FMOEYnwF6xbEm2SFSSBMeTeHwJ/QXwe3qTcN2+Q7
vP2wzy1oeUfpvyxbJCt8VZkbWc9OGXPOT05UApfneBpeE7i8nVWU0BfKWq6sY7TJ
xTqRjlLss3v3HVApEbINOpIifdi2Ygtnj6hbhjhxBizTdqTVhaDfE6ZOx3s2R22/
yiScg8CZoejLbwfw2NOgk6hXmG7yZexgsmVQf8+hUE7FWKLIkbSk0AVrJwIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFKGlW/KIh1PkRnW2HdowOU2QFWwKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM4LzJkYWIx
OC03YmI3LTRhYTEtOThhZC0yN2M5ZDkxMTQyMzgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgvMmRhYjE4
LTdiYjctNGFhMS05OGFkLTI3YzlkOTExNDIzOC8xL29hVmI4b2lIVS1SR2RiWWQy
akE1VFpBVmJBby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCLYq8AwQAwpPbMA0EAgACMAcDBQMqEmfAMB8G
CCsGAQUFBwEIAQH/BBAwDqAMMAoCAwDgoQIDAzAXMA0GCSqGSIb3DQEBCwUAA4IB
AQAgvAqNPikVwqD/LRCQsHSvButiF4L+cjN2zktooCyHk8XvYxdRAC8GNyPZpT1p
u+LL9yqvfjL+YPLb7Z0/eZIbtVDTLxmsTXfEtHx6vb2XHw/gAli5MTGeRvlQhfxQ
bjfOlwgWGeBVboYx3lziN8uw4nc7GyxZ67S+fHYYIHCfQAevjBXgnZ8BJJQmdfr0
BjssAbZ0GiavWZNhgVciohUezWNbqdc4I8Cnuw7aseSVMfC4CriSqL9lV7dFDVp5
SZqIlb9J6DNTCQzSKasSRNK48bKehKh7S18AW/S916oYQ337Mqkqmq3ya+GW0Cav
NhJ9UA/fAHyqZn4musaMcArt
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:46:27 2025 by rpki-client