Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
File: p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer (raw, json)
Hash identifier: 6b0fcsG6MoAmRvJJIusL3m6FWBqA5Ap/6dC88Qj/uJE=
Subject key identifier: A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942369C4476A89913C9636AB4EC90F5BA7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 19:48:41 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 15577
IP: 185.112.172.0/22
IP: 217.9.0.0/20
IP: 2a06:64c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:c4:47:6a:89:91:3c:96:36:ab:4e:c9:0f:5b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 19:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:9f:2f:36:81:c6:18:8f:dc:b6:88:2c:05:81:
98:14:6f:75:7f:f7:b6:99:1c:a8:f1:6e:ca:6e:1a:
75:6c:c6:c0:25:27:32:34:ba:d7:8a:2b:70:df:05:
70:c7:29:d2:fe:cb:64:01:4c:11:52:b2:fa:ae:6e:
a1:64:b9:9f:ec:9a:34:bb:1c:0e:3d:21:cc:d5:9d:
17:52:89:82:70:95:b1:60:83:2b:c2:2f:fb:8c:46:
f9:e9:3c:6b:36:4c:c0:52:dc:56:04:c0:32:42:05:
86:25:2b:b5:52:41:dc:52:c3:df:b0:06:08:07:67:
d2:b9:c6:23:11:94:32:17:95:89:2f:79:cb:ff:20:
ba:be:e6:63:96:60:77:54:40:83:b7:f2:3b:af:a9:
5c:86:fc:c1:97:1b:c1:6f:5b:07:36:e9:68:4a:b5:
f3:61:35:57:63:99:59:f3:8b:4c:cd:9a:7b:a3:f9:
fc:4f:23:e5:8e:d6:99:a1:a9:af:52:39:42:fa:9a:
9d:43:07:40:c9:b8:bc:54:be:8b:ac:51:a6:74:56:
b8:07:6b:79:ad:3f:82:4c:76:d3:2d:94:bb:95:5f:
f0:16:74:0b:c0:1c:65:4b:a0:8f:62:13:94:de:d5:
c8:6d:bc:0b:28:52:c4:be:34:83:e2:7b:04:25:9a:
90:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.172.0/22
217.9.0.0/20
IPv6:
2a06:64c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
15577
Signature Algorithm: sha256WithRSAEncryption
0d:d1:79:58:45:c0:12:a2:28:e3:65:3e:ca:cc:0f:0e:37:49:
ca:94:62:44:aa:cc:79:e4:83:bd:8d:c2:f8:7e:90:52:af:84:
2b:aa:7d:23:31:25:1d:78:c2:08:44:94:31:d7:ac:dc:8e:06:
e4:5e:e2:ad:6a:73:d2:e5:ae:99:cf:63:0f:fc:76:55:62:95:
1f:c6:6d:9e:cb:36:e2:e6:06:93:91:48:8e:39:93:57:5d:71:
e6:7c:4e:39:41:8b:29:e2:0a:af:43:c3:0b:5d:22:67:14:b8:
1e:ae:19:1a:b4:47:b6:1c:e3:56:3d:14:23:63:af:15:8f:5d:
bd:d0:fe:4f:d3:4b:65:71:ca:e6:03:75:e6:06:4f:53:a5:02:
b1:d2:b9:8f:68:2b:eb:46:fb:53:af:bb:37:55:6c:27:90:99:
cf:a0:4d:82:5f:50:45:f8:3b:63:0e:06:6e:37:3b:b7:df:48:
e7:93:66:95:a0:b5:15:35:c4:e1:8f:ad:66:fc:2c:60:22:f9:
ea:79:71:44:d9:15:85:b5:f4:3a:54:5d:38:0a:df:45:cb:b7:
74:9f:16:cc:39:49:ad:cc:3c:ff:09:7f:4a:d9:f4:f3:5c:09:
d9:2f:e4:2d:14:28:7d:62:c2:27:45:61:66:98:17:26:ef:e3:
f1:59:ed:7c
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZQjacRHaomRPJY2q07JD1unMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTk0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2VlMTgyZDljNDNhNWNlNzA2OGRmZDliYTdhYThlZDkwZTVlMGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6p8vNoHGGI/ctogsBYGYFG91f/e2
mRyo8W7Kbhp1bMbAJScyNLrXiitw3wVwxynS/stkAUwRUrL6rm6hZLmf7Jo0uxwO
PSHM1Z0XUomCcJWxYIMrwi/7jEb56TxrNkzAUtxWBMAyQgWGJSu1UkHcUsPfsAYI
B2fSucYjEZQyF5WJL3nL/yC6vuZjlmB3VECDt/I7r6lchvzBlxvBb1sHNuloSrXz
YTVXY5lZ84tMzZp7o/n8TyPljtaZoamvUjlC+pqdQwdAybi8VL6LrFGmdFa4B2t5
rT+CTHbTLZS7lV/wFnQLwBxlS6CPYhOU3tXIbbwLKFLEvjSD4nsEJZqQgQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFKfuGC2cQ6XOcGjf2bp6qO2Q5eC6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIyL2RhYjQy
MC0wZGUzLTQzMjEtOWMwOS02YjVmNjg1MjJhN2QvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIvZGFiNDIw
LTBkZTMtNDMyMS05YzA5LTZiNWY2ODUyMmE3ZC8xL3AtNFlMWnhEcGM1d2FOX1p1
bnFvN1pEbDRMby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuXCsAwQE2QkAMA0EAgACMAcDBQMqBmTAMBkG
CCsGAQUFBwEIAQH/BAowCKAGMAQCAjzZMA0GCSqGSIb3DQEBCwUAA4IBAQAN0XlY
RcASoijjZT7KzA8ON0nKlGJEqsx55IO9jcL4fpBSr4Qrqn0jMSUdeMIIRJQx16zc
jgbkXuKtanPS5a6Zz2MP/HZVYpUfxm2eyzbi5gaTkUiOOZNXXXHmfE45QYsp4gqv
Q8MLXSJnFLgerhkatEe2HONWPRQjY68Vj1290P5P00tlccrmA3XmBk9TpQKx0rmP
aCvrRvtTr7s3VWwnkJnPoE2CX1BF+DtjDgZuNzu330jnk2aVoLUVNcThj61m/Cxg
IvnqeXFE2RWFtfQ6VF04Ct9Fy7d0nxbMOUmtzDz/CX9K2fTzXAnZL+QtFCh9YsIn
RWFmmBcm7+PxWe18
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:52:05 2025 by rpki-client