Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/orzYisPgLP-tPADeRrXaM2vWRwI.cer
File: orzYisPgLP-tPADeRrXaM2vWRwI.cer (raw, json)
Hash identifier: ZKySUR5odqBzXVHZ6sMlvWtzXXYUUIBN/0M4oXv5lXE=
Subject key identifier: A2:BC:D8:8A:C3:E0:2C:FF:AD:3C:00:DE:46:B5:DA:33:6B:D6:47:02
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941FFA557610FE43C8CB03746B2B6A3450
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/orzYisPgLP-tPADeRrXaM2vWRwI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 03:48:07 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 25143
IP: 91.239.48.0/22
IP: 193.19.228.0/22
IP: 193.238.20.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:55:76:10:fe:43:c8:cb:03:74:6b:2b:6a:34:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 03:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2bcd88ac3e02cffad3c00de46b5da336bd64702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e0:2f:ad:79:c7:4e:60:86:a6:fb:a8:63:88:
ad:da:a4:5e:9c:5a:a3:9e:f5:9b:69:ca:f8:49:24:
0e:98:80:52:89:c0:b7:ef:99:4b:3c:44:c4:c7:4c:
ce:a1:f2:99:0f:44:9c:3f:f5:fe:ab:21:cc:a0:73:
f5:35:4e:69:5f:3f:ce:ef:89:55:c1:13:57:17:b7:
2d:13:4a:06:c4:c5:14:ef:6d:50:38:25:e0:8b:49:
ed:c2:d6:b7:b1:2e:a6:dc:64:c0:b2:a7:77:da:84:
15:04:07:fe:4f:3f:02:d9:b2:35:d2:65:38:e4:2e:
6a:8b:e5:62:10:c0:12:d8:6b:68:c0:0f:96:5d:98:
1e:bf:ad:49:11:56:fb:0d:4b:46:62:d9:07:98:44:
0d:91:13:c3:03:ca:77:55:5c:6c:5e:d9:42:39:b8:
b0:27:7f:ed:10:1b:5a:bc:05:cb:0b:5b:f0:66:da:
66:52:24:b8:38:2f:b6:66:11:a8:21:58:6c:98:37:
26:ae:48:9c:b6:d6:0d:5e:cb:01:e2:9f:80:b0:27:
cf:c8:36:bd:31:d9:68:8a:67:90:97:71:2b:ca:89:
49:39:dc:63:81:3b:04:a3:1f:ef:52:4c:09:c1:27:
c6:6d:1f:b0:6f:a1:5f:c8:10:bb:43:18:92:18:29:
35:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BC:D8:8A:C3:E0:2C:FF:AD:3C:00:DE:46:B5:DA:33:6B:D6:47:02
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/orzYisPgLP-tPADeRrXaM2vWRwI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.48.0/22
193.19.228.0/22
193.238.20.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
25143
Signature Algorithm: sha256WithRSAEncryption
56:56:a0:9d:e7:85:9d:1d:16:d0:fc:34:f8:d9:b5:6e:f9:70:
aa:aa:98:2d:ad:9f:a2:93:4e:cf:b3:cd:4e:1b:72:de:c1:1b:
08:d6:10:12:26:60:bc:db:3c:fe:44:b9:c7:9c:47:19:44:10:
fb:75:d1:31:46:ac:5d:a0:f1:d8:0e:bb:32:35:ca:c8:8b:76:
e2:50:b5:9d:18:17:32:4d:52:48:63:5b:f7:61:c6:01:24:55:
b9:c6:51:a4:dd:10:0e:c2:3d:b5:ad:b2:64:97:51:ef:99:43:
09:7a:3f:56:02:0f:dd:6f:d1:7b:59:43:77:6e:1b:73:5c:59:
93:06:f3:d1:bc:56:b4:d6:4e:02:90:02:97:cf:6c:80:d3:8c:
17:2a:bf:c6:7d:03:f8:7f:f4:73:23:58:4d:06:75:5d:b0:b7:
62:bf:cf:18:cb:91:59:23:2a:4f:e0:d7:07:48:95:61:19:fa:
0d:28:ab:67:35:88:35:c9:6c:8e:17:a3:a7:b5:3c:c6:2d:73:
9b:8d:35:f8:77:99:96:50:a7:b1:04:23:cf:45:94:eb:4f:8f:
53:6b:2c:e9:c3:1e:8d:23:e7:f3:b1:c4:80:97:6c:5f:d7:88:
fb:69:8c:37:5a:11:d3:1c:da:06:d2:7c:4d:f6:e5:bd:ec:00:
b2:ab:48:d8
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAZQf+lV2EP5DyMsDdGsrajRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDM0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmJjZDg4YWMzZTAyY2ZmYWQzYzAwZGU0NmI1ZGEzMzZiZDY0NzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuAvrXnHTmCGpvuoY4it2qRenFqj
nvWbacr4SSQOmIBSicC375lLPETEx0zOofKZD0ScP/X+qyHMoHP1NU5pXz/O74lV
wRNXF7ctE0oGxMUU721QOCXgi0ntwta3sS6m3GTAsqd32oQVBAf+Tz8C2bI10mU4
5C5qi+ViEMAS2GtowA+WXZgev61JEVb7DUtGYtkHmEQNkRPDA8p3VVxsXtlCObiw
J3/tEBtavAXLC1vwZtpmUiS4OC+2ZhGoIVhsmDcmrkicttYNXssB4p+AsCfPyDa9
MdloimeQl3EryolJOdxjgTsEox/vUkwJwSfGbR+wb6FfyBC7QxiSGCk1owIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFKK82IrD4Cz/rTwA3ka12jNr1kcCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA2L2NmNGRi
NS1mYjI5LTRiMmEtYTIxNS1hYWI4NjI4NjFhMDkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYvY2Y0ZGI1
LWZiMjktNGIyYS1hMjE1LWFhYjg2Mjg2MWEwOS8xL29yellpc1BnTFAtdFBBRGVS
clhhTTJ2V1J3SS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUF
BwEHAQH/BBwwGjAYBAIAATASAwQCW+8wAwQCwRPkAwQCwe4UMBkGCCsGAQUFBwEI
AQH/BAowCKAGMAQCAmI3MA0GCSqGSIb3DQEBCwUAA4IBAQBWVqCd54WdHRbQ/DT4
2bVu+XCqqpgtrZ+ik07Ps81OG3LewRsI1hASJmC82zz+RLnHnEcZRBD7ddExRqxd
oPHYDrsyNcrIi3biULWdGBcyTVJIY1v3YcYBJFW5xlGk3RAOwj21rbJkl1HvmUMJ
ej9WAg/db9F7WUN3bhtzXFmTBvPRvFa01k4CkAKXz2yA04wXKr/GfQP4f/RzI1hN
BnVdsLdiv88Yy5FZIypP4NcHSJVhGfoNKKtnNYg1yWyOF6OntTzGLXObjTX4d5mW
UKexBCPPRZTrT49Tayzpwx6NI+fzscSAl2xf14j7aYw3WhHTHNoG0nxN9uW97ACy
q0jY
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:49:57 2025 by rpki-client