Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/p2i77FqeEb-9rthKqNOqzaKYifk.cer
File: p2i77FqeEb-9rthKqNOqzaKYifk.cer (raw, json)
Hash identifier: pROVuMveIB4zRl3yFwcFSPApY69bVs8cgEuKQHaJpFE=
Subject key identifier: A7:68:BB:EC:5A:9E:11:BF:BD:AE:D8:4A:A8:D3:AA:CD:A2:98:89:F9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425FC971016954DAB8693D1EC46AAECBC
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/p2i77FqeEb-9rthKqNOqzaKYifk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 07:48:18 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 197731
IP: 31.3.104.0/21
IP: 185.119.28.0/22
IP: 2a03:7900::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 14:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:97:10:16:95:4d:ab:86:93:d1:ec:46:aa:ec:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 07:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a768bbec5a9e11bfbdaed84aa8d3aacda29889f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6c:e1:89:1e:a2:8d:0c:f5:4a:bb:f8:c8:dd:
2c:59:82:a3:a7:24:b3:10:4b:6c:3d:f3:7a:c6:14:
53:63:4e:c2:c8:32:66:1b:51:69:49:48:3f:28:33:
8e:d3:cd:ae:ab:06:12:a3:c6:34:b8:62:40:cf:da:
9c:fb:a4:b1:21:1f:e4:d0:a9:f4:c8:23:3d:55:5b:
1a:10:1e:87:02:7c:64:2e:b6:1c:f5:58:e9:5d:3d:
1c:52:51:92:c5:cd:51:fc:f7:0c:3e:6d:c2:36:8e:
9e:e5:7f:65:7c:1e:6a:da:d5:56:3c:9c:7d:02:b5:
4e:fc:92:ed:31:71:1e:dd:57:36:07:d2:ff:ae:90:
60:c7:c6:09:49:df:7e:88:e9:36:68:28:05:55:22:
35:cf:0f:3c:69:77:84:9c:25:fd:b3:45:57:41:9d:
2e:a2:c3:75:98:06:ec:18:48:cd:76:a7:fd:2d:51:
fa:f8:c9:4f:08:6f:4d:50:4a:22:b0:3c:20:ec:37:
12:ad:65:e7:d5:51:7a:e5:33:7f:9e:09:04:e0:cc:
75:27:0c:a4:70:51:05:34:86:bb:d0:22:cd:13:1b:
db:e0:31:c1:ec:e0:86:b3:1d:57:27:63:ce:30:bf:
3b:c8:65:56:07:e6:38:f3:37:9a:7c:82:32:51:cd:
dc:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:68:BB:EC:5A:9E:11:BF:BD:AE:D8:4A:A8:D3:AA:CD:A2:98:89:F9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/p2i77FqeEb-9rthKqNOqzaKYifk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.104.0/21
185.119.28.0/22
IPv6:
2a03:7900::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
197731
Signature Algorithm: sha256WithRSAEncryption
98:ae:12:63:e5:24:e0:f6:13:64:b2:d5:85:55:77:11:26:09:
cf:7d:e3:0c:c1:4d:98:db:a9:7d:e5:e5:15:05:58:49:d4:c7:
f4:8d:b4:e0:35:7f:97:64:59:b9:12:d4:be:9c:39:76:1b:a9:
1f:69:3b:45:13:25:a4:8b:ac:8d:ee:f8:63:80:5c:d3:b4:0d:
31:ee:e3:a0:5c:90:8c:02:a6:58:31:b8:42:99:be:25:54:33:
f1:70:3b:82:ba:3a:a9:61:3b:ba:de:b8:33:c9:19:6d:5c:42:
b9:9f:fb:60:dc:92:74:88:3e:bd:b3:62:7a:47:e1:3c:71:87:
e8:70:ab:bd:60:ee:e4:e7:f7:43:16:1a:92:a0:c7:0a:d6:ab:
13:7c:83:7a:76:62:58:24:bc:14:4d:58:75:7f:a6:01:53:66:
8b:9c:6e:72:20:a0:16:8a:2e:86:25:59:1a:62:75:a4:f4:a8:
20:36:5e:7d:b2:75:b4:55:64:dc:00:bf:19:0d:fe:f4:c9:f2:
f5:51:35:61:10:8f:2a:e2:ba:22:de:5e:73:ff:a1:f9:c5:bb:
55:b7:a6:d9:93:f0:fa:b5:c9:b2:66:06:25:0e:83:0e:11:ad:
71:ec:13:47:4f:35:ba:57:08:2d:b9:85:93:00:04:39:fd:b7:
04:2a:61:84
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQl/JcQFpVNq4aT0exGquy8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDc0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzY4YmJlYzVhOWUxMWJmYmRhZWQ4NGFhOGQzYWFjZGEyOTg4OWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWzhiR6ijQz1Srv4yN0sWYKjpySz
EEtsPfN6xhRTY07CyDJmG1FpSUg/KDOO082uqwYSo8Y0uGJAz9qc+6SxIR/k0Kn0
yCM9VVsaEB6HAnxkLrYc9VjpXT0cUlGSxc1R/PcMPm3CNo6e5X9lfB5q2tVWPJx9
ArVO/JLtMXEe3Vc2B9L/rpBgx8YJSd9+iOk2aCgFVSI1zw88aXeEnCX9s0VXQZ0u
osN1mAbsGEjNdqf9LVH6+MlPCG9NUEoisDwg7DcSrWXn1VF65TN/ngkE4Mx1Jwyk
cFEFNIa70CLNExvb4DHB7OCGsx1XJ2POML87yGVWB+Y48zeafIIyUc3cBQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFKdou+xanhG/va7YSqjTqs2imIn5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JjL2VhYzFm
NC1hY2UxLTRjZTEtYTE4MS1jZmNhYmIxOWY5ODkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMvZWFjMWY0
LWFjZTEtNGNlMS1hMTgxLWNmY2FiYjE5Zjk4OS8xL3AyaTc3RnFlRWItOXJ0aEtx
Tk9xemFLWWlmay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDHwNoAwQCuXccMA0EAgACMAcDBQAqA3kAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMEYzANBgkqhkiG9w0BAQsFAAOCAQEAmK4S
Y+Uk4PYTZLLVhVV3ESYJz33jDMFNmNupfeXlFQVYSdTH9I204DV/l2RZuRLUvpw5
dhupH2k7RRMlpIusje74Y4Bc07QNMe7joFyQjAKmWDG4Qpm+JVQz8XA7gro6qWE7
ut64M8kZbVxCuZ/7YNySdIg+vbNiekfhPHGH6HCrvWDu5Of3QxYakqDHCtarE3yD
enZiWCS8FE1YdX+mAVNmi5xuciCgFoouhiVZGmJ1pPSoIDZefbJ1tFVk3AC/GQ3+
9Mny9VE1YRCPKuK6It5ec/+h+cW7Vbem2ZPw+rXJsmYGJQ6DDhGtcewTR081ulcI
LbmFkwAEOf23BCphhA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:40:31 2025 by rpki-client