Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qQYfL0mm16-epna60D3xzi9QJg0.cer
File: qQYfL0mm16-epna60D3xzi9QJg0.cer (raw, json)
Hash identifier: 847muAwDrzqugL9VX94TgXCOA6z1853yquAeIusmsSo=
Subject key identifier: A9:06:1F:2F:49:A6:D7:AF:9E:A6:76:BA:D0:3D:F1:CE:2F:50:26:0D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D5FB8D2F4002BE601E13E5A09C58A5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/qQYfL0mm16-epna60D3xzi9QJg0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 07:48:02 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 29056
IP: 37.143.176.0/20
IP: 85.237.0.0/19
IP: 91.143.96.0/20
IP: 109.73.144.0/20
IP: 185.15.236.0/22
IP: 185.220.252.0/22
IP: 185.222.128.0/22
IP: 185.225.144.0/22
IP: 185.228.128.0/22
IP: 185.233.144.0/22
IP: 185.236.72.0/22
IP: 193.46.248.0/24
IP: 217.29.144.0/20
IP: 2a02:758::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:fb:8d:2f:40:02:be:60:1e:13:e5:a0:9c:58:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9061f2f49a6d7af9ea676bad03df1ce2f50260d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:63:d9:22:cb:d5:c7:69:99:ac:77:22:c5:74:
89:f5:97:10:8c:f7:28:27:b9:86:ce:f4:eb:44:05:
22:b8:e1:de:94:8c:11:8c:6b:52:56:06:d6:1d:18:
32:79:96:2b:e6:b0:69:37:f8:bf:f4:e8:ec:10:3c:
2a:4a:91:c9:42:67:20:10:2e:29:bc:54:b0:c8:b4:
03:41:7c:88:3a:17:6a:90:22:72:87:60:9b:02:00:
f7:31:ba:f8:79:cc:50:a3:17:ca:60:ad:79:ca:a0:
e4:4d:46:77:b4:17:10:9a:04:bf:23:50:d0:5c:67:
d8:e4:18:14:b9:08:38:5f:42:fc:dc:a8:8b:12:f2:
41:e9:18:b9:48:d1:90:97:5f:25:f4:46:16:58:67:
d2:4e:85:50:1d:1c:8a:76:3b:1d:31:e9:9a:24:f3:
b3:51:25:12:39:6b:f0:e5:b8:e8:a5:27:65:b8:10:
b6:1c:ef:b5:43:8d:d8:85:cf:2b:67:ae:3c:28:70:
cd:5d:9f:d5:ab:fa:03:19:4d:cf:5d:62:0e:12:08:
4d:6c:c5:5c:f4:f9:d0:cb:67:dd:ce:f2:4f:c6:43:
2b:6e:f5:3b:3d:5e:88:89:68:22:6a:f4:22:0b:b3:
7a:f7:a8:89:07:57:07:7e:e4:46:19:0b:19:38:67:
75:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:06:1F:2F:49:A6:D7:AF:9E:A6:76:BA:D0:3D:F1:CE:2F:50:26:0D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/qQYfL0mm16-epna60D3xzi9QJg0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.176.0/20
85.237.0.0/19
91.143.96.0/20
109.73.144.0/20
185.15.236.0/22
185.220.252.0/22
185.222.128.0/22
185.225.144.0/22
185.228.128.0/22
185.233.144.0/22
185.236.72.0/22
193.46.248.0/24
217.29.144.0/20
IPv6:
2a02:758::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
29056
Signature Algorithm: sha256WithRSAEncryption
56:6e:8d:10:e6:e3:c4:af:34:c5:ea:36:56:d3:1e:0c:ef:f2:
f1:50:17:11:0e:58:5a:2f:3d:a1:a4:9d:eb:81:3e:82:a9:aa:
09:d1:37:72:a0:29:21:46:50:bc:e4:f3:8f:54:f5:43:82:0b:
d4:00:86:6b:e5:af:bb:4b:ed:19:af:b4:4f:31:e8:1d:9f:4b:
d0:f2:24:1c:16:2b:de:e6:bb:f0:7d:30:a2:b1:bb:13:95:e4:
ae:88:50:f1:02:e5:99:d1:e2:74:f2:f6:da:10:52:95:b7:77:
c5:34:e9:49:d5:bd:1f:b2:2f:e0:37:4e:3a:aa:1f:55:e7:ea:
ac:63:12:a8:56:1a:6f:11:d6:cf:37:f9:5f:21:10:e5:a2:b7:
97:0b:99:bf:4d:d1:23:27:22:32:a8:79:dd:ce:35:96:a5:bc:
fd:c9:36:f8:4a:8b:76:c8:a3:95:d6:d6:17:e3:aa:ea:99:25:
21:90:b4:91:f9:ec:62:2f:34:6e:b7:52:7b:94:6e:13:1a:1b:
9b:b6:be:d1:37:c5:88:7a:91:38:34:40:d8:81:80:57:1b:e5:
69:3a:cb:a9:07:cc:50:b8:d4:50:d2:5b:3b:95:62:91:f3:1c:
62:9d:59:40:81:73:ef:82:5a:c0:ca:5d:52:3a:e0:dd:2f:ee:
ff:97:20:95
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgISAZQg1fuNL0ACvmAeE+WgnFilMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTA2MWYyZjQ5YTZkN2FmOWVhNjc2YmFkMDNkZjFjZTJmNTAyNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWPZIsvVx2mZrHcixXSJ9ZcQjPco
J7mGzvTrRAUiuOHelIwRjGtSVgbWHRgyeZYr5rBpN/i/9OjsEDwqSpHJQmcgEC4p
vFSwyLQDQXyIOhdqkCJyh2CbAgD3Mbr4ecxQoxfKYK15yqDkTUZ3tBcQmgS/I1DQ
XGfY5BgUuQg4X0L83KiLEvJB6Ri5SNGQl18l9EYWWGfSToVQHRyKdjsdMemaJPOz
USUSOWvw5bjopSdluBC2HO+1Q43Yhc8rZ648KHDNXZ/Vq/oDGU3PXWIOEghNbMVc
9PnQy2fdzvJPxkMrbvU7PV6IiWgiavQiC7N696iJB1cHfuRGGQsZOGd1TQIDAQAB
o4IC9jCCAvIwHQYDVR0OBBYEFKkGHy9JptevnqZ2utA98c4vUCYNMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE4L2JhOWJl
MS0xZmEyLTQyNTMtYmYwMS1mNmMyNjg2MTJmYzcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgvYmE5YmUx
LTFmYTItNDI1My1iZjAxLWY2YzI2ODYxMmZjNy8xL3FRWWZMMG1tMTYtZXBuYTYw
RDN4emk5UUpnMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHYGCCsGAQUF
BwEHAQH/BGcwZTBUBAIAATBOAwQEJY+wAwQFVe0AAwQEW49gAwQEbUmQAwQCuQ/s
AwQCudz8AwQCud6AAwQCueGQAwQCueSAAwQCuemQAwQCuexIAwQAwS74AwQE2R2Q
MA0EAgACMAcDBQAqAgdYMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAnGAMA0GCSqG
SIb3DQEBCwUAA4IBAQBWbo0Q5uPErzTF6jZW0x4M7/LxUBcRDlhaLz2hpJ3rgT6C
qaoJ0TdyoCkhRlC85POPVPVDggvUAIZr5a+7S+0Zr7RPMegdn0vQ8iQcFive5rvw
fTCisbsTleSuiFDxAuWZ0eJ08vbaEFKVt3fFNOlJ1b0fsi/gN046qh9V5+qsYxKo
VhpvEdbPN/lfIRDloreXC5m/TdEjJyIyqHndzjWWpbz9yTb4Sot2yKOV1tYX46rq
mSUhkLSR+exiLzRut1J7lG4TGhubtr7RN8WIepE4NEDYgYBXG+VpOsupB8xQuNRQ
0ls7lWKR8xxinVlAgXPvglrAyl1SOuDdL+7/lyCV
-----END CERTIFICATE-----
Generated at Mon Apr 14 01:33:06 2025 by rpki-client