Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qGBDVsdQGuIQSyzO087cXb3BFjs.cer
File: qGBDVsdQGuIQSyzO087cXb3BFjs.cer (raw, json)
Hash identifier: tTftjW4S0WaBm6w7WqBzlGb16eyKJGFUVCEsdjoMu2A=
Subject key identifier: A8:60:43:56:C7:50:1A:E2:10:4B:2C:CE:D3:CE:DC:5D:BD:C1:16:3B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0195A9632023C399104E142901BA7D208781
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d4/458501-acab-42ed-8a6a-7bebbb70c050/1/qGBDVsdQGuIQSyzO087cXb3BFjs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d4/458501-acab-42ed-8a6a-7bebbb70c050/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 18 Mar 2025 13:13:20 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 185.68.152.0/22
IP: 185.94.32.0/22
IP: 188.95.197.0/24
IP: 2a04:3840::/29
IP: 2a05:1900::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:63:20:23:c3:99:10:4e:14:29:01:ba:7d:20:87:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 18 13:13:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8604356c7501ae2104b2cced3cedc5dbdc1163b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6e:80:1d:4a:8d:6f:2e:8c:e7:a9:e8:33:28:
ac:51:c5:02:a5:28:6d:97:92:cf:fa:e3:ed:c5:b8:
6a:9c:1c:a2:f7:84:21:7d:59:fc:d1:ae:1e:12:0f:
a6:c6:29:ea:f7:5b:33:87:b7:c7:01:00:54:0c:d3:
a3:9d:2d:e8:f4:c7:07:09:4a:e0:ff:1a:e9:00:c1:
47:43:d4:f2:e1:be:a4:5d:7f:b9:60:b0:8e:78:11:
88:9e:19:6e:34:b7:32:b0:ef:1a:31:a1:f9:62:6d:
a9:ae:cf:b3:62:c5:cb:a5:55:62:b8:83:28:aa:4b:
7d:ca:97:1c:57:a9:f6:7b:e5:de:cb:09:81:a1:c5:
2a:c9:ca:cd:ea:bd:95:c9:b2:bb:23:a5:f9:dd:1c:
8f:9c:66:9e:84:64:15:32:22:f0:b7:06:b3:e7:5b:
57:37:fb:87:76:21:e5:e5:3f:d0:32:7b:43:ce:c5:
16:41:47:cc:f7:94:83:17:b7:f1:45:1c:c9:ef:22:
a0:9d:92:d0:5d:87:a2:a0:fc:42:7d:2f:a8:ce:e8:
35:ab:c2:65:c6:dd:18:21:07:5c:76:d3:cf:d8:63:
71:52:49:c6:4d:23:47:3a:b6:f7:47:a2:1d:8f:48:
be:43:d4:1b:2e:cc:4b:90:87:8a:f4:02:7c:e1:41:
b2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:60:43:56:C7:50:1A:E2:10:4B:2C:CE:D3:CE:DC:5D:BD:C1:16:3B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/458501-acab-42ed-8a6a-7bebbb70c050/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/458501-acab-42ed-8a6a-7bebbb70c050/1/qGBDVsdQGuIQSyzO087cXb3BFjs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.152.0/22
185.94.32.0/22
188.95.197.0/24
IPv6:
2a04:3840::/29
2a05:1900::/29
Signature Algorithm: sha256WithRSAEncryption
17:9c:70:3a:24:c0:b5:61:0e:bc:90:0a:20:de:f0:e3:fc:a6:
68:61:b9:a6:53:56:69:ee:14:f5:a2:29:e3:fb:65:db:57:87:
9f:15:94:cc:4f:18:3f:a1:2a:70:fe:38:24:f0:f8:e3:10:52:
d6:a3:c3:01:4f:f3:a9:e1:22:8a:56:c7:7a:2f:c5:3d:bc:77:
53:6c:14:63:61:d2:31:29:7e:f6:f3:2c:a8:bc:b7:35:d7:5f:
75:bb:da:93:e9:90:83:ae:19:60:c4:a0:30:b7:4d:0b:b0:7b:
1a:fe:65:5e:6a:e4:ff:a9:52:42:3d:de:af:19:b3:15:aa:19:
68:d4:1c:21:6c:00:31:6c:96:ae:82:e2:33:01:e0:2a:09:5f:
dc:ce:70:2e:27:ce:58:7d:4f:07:58:d4:55:7e:d9:ec:c0:37:
fe:37:09:b8:58:78:17:01:1c:ef:4b:eb:c0:e1:ee:19:76:65:
0a:52:90:6c:e2:79:f6:1f:d4:11:6e:85:db:fb:70:86:c6:d3:
fc:c8:18:20:4e:74:18:cd:6f:b0:4f:4f:ab:fc:92:c6:ce:cc:
35:21:c3:20:b9:cd:49:8f:3a:e9:66:12:9e:e1:18:b6:89:29:
e8:1b:81:29:7e:af:34:42:e5:09:d3:a6:59:44:d8:9b:7c:47:
84:ef:bc:5b
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZWpYyAjw5kQThQpAbp9IIeBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMzE4MTMxMzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODYwNDM1NmM3NTAxYWUyMTA0YjJjY2VkM2NlZGM1ZGJkYzExNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmm6AHUqNby6M56noMyisUcUCpSht
l5LP+uPtxbhqnByi94QhfVn80a4eEg+mxinq91szh7fHAQBUDNOjnS3o9McHCUrg
/xrpAMFHQ9Ty4b6kXX+5YLCOeBGInhluNLcysO8aMaH5Ym2prs+zYsXLpVViuIMo
qkt9ypccV6n2e+XeywmBocUqycrN6r2VybK7I6X53RyPnGaehGQVMiLwtwaz51tX
N/uHdiHl5T/QMntDzsUWQUfM95SDF7fxRRzJ7yKgnZLQXYeioPxCfS+ozug1q8Jl
xt0YIQdcdtPP2GNxUknGTSNHOrb3R6Idj0i+Q9QbLsxLkIeK9AJ84UGywQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFKhgQ1bHUBriEEssztPO3F29wRY7MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q0LzQ1ODUw
MS1hY2FiLTQyZWQtOGE2YS03YmViYmI3MGMwNTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQvNDU4NTAx
LWFjYWItNDJlZC04YTZhLTdiZWJiYjcwYzA1MC8xL3FHQkRWc2RRR3VJUVN5ek8w
ODdjWGIzQkZqcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEEGCCsGAQUF
BwEHAQH/BDIwMDAYBAIAATASAwQCuUSYAwQCuV4gAwQAvF/FMBQEAgACMA4DBQMq
BDhAAwUDKgUZADANBgkqhkiG9w0BAQsFAAOCAQEAF5xwOiTAtWEOvJAKIN7w4/ym
aGG5plNWae4U9aIp4/tl21eHnxWUzE8YP6EqcP44JPD44xBS1qPDAU/zqeEiilbH
ei/FPbx3U2wUY2HSMSl+9vMsqLy3Nddfdbvak+mQg64ZYMSgMLdNC7B7Gv5lXmrk
/6lSQj3erxmzFaoZaNQcIWwAMWyWroLiMwHgKglf3M5wLifOWH1PB1jUVX7Z7MA3
/jcJuFh4FwEc70vrwOHuGXZlClKQbOJ59h/UEW6F2/twhsbT/MgYIE50GM1vsE9P
q/ySxs7MNSHDILnNSY866WYSnuEYtokp6BuBKX6vNELlCdOmWUTYm3xHhO+8Ww==
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:10:32 2025 by rpki-client