Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/r3P_HsVfSSlt1zQDn6AoTMQA6yY.cer
File: r3P_HsVfSSlt1zQDn6AoTMQA6yY.cer (raw, json)
Hash identifier: qZUFktcWRJAgH5ESOwC8yIBBi1zZGChQ3uUDmTsjB3s=
Subject key identifier: AF:73:FF:1E:C5:5F:49:29:6D:D7:34:03:9F:A0:28:4C:C4:00:EB:26
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194228DDB5F50EC1BE23DD34A4E53296FBB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/r3P_HsVfSSlt1zQDn6AoTMQA6yY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 15:48:29 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 24864
AS: 211099
IP: 2.58.144.0/23
IP: 89.188.64.0/21
IP: 94.177.116.0/23
IP: 185.159.56.0/22
IP: 188.241.124.0/23
IP: 193.110.28.0/22
IP: 194.156.235.0/24
IP: 195.234.157.0/24
IP: 217.13.176.0/20
IP: 2a02:7c8::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:db:5f:50:ec:1b:e2:3d:d3:4a:4e:53:29:6f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 15:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af73ff1ec55f49296dd734039fa0284cc400eb26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:96:5e:09:c1:e4:9f:0c:d2:fe:92:12:c5:53:
d3:6f:e9:14:e1:3b:6b:e7:75:2f:31:13:bc:02:bc:
b2:e4:6a:b9:24:a1:ea:55:e7:c2:d5:2e:eb:8c:ea:
98:d3:51:10:66:0f:91:15:ad:48:8f:d6:5b:07:d0:
ee:5b:e0:97:47:1e:d4:5c:e8:e2:a2:31:40:a9:ea:
6d:a2:7d:ff:8c:fa:a2:39:5f:bb:90:2c:64:1c:0d:
d5:60:47:cb:00:27:f5:8a:58:45:3e:34:40:20:b3:
6e:a1:d1:9a:4d:06:c9:43:0e:bc:3d:cd:93:5a:65:
bb:6f:0a:27:2c:e8:08:e6:29:60:f2:b9:5a:da:ad:
61:3a:c7:ce:52:96:8e:ce:a6:6c:ff:90:65:39:7f:
7f:4e:6f:be:b3:9f:73:8b:e9:63:31:a2:a3:e6:4a:
2d:f2:aa:26:ab:d9:4f:8a:f1:b6:64:82:80:6f:e4:
0d:e8:a7:c7:42:8a:0f:d6:a9:2f:49:9a:6a:2b:79:
62:55:11:5c:73:77:2a:69:f6:f1:f0:8d:2e:73:18:
69:c7:c9:a8:30:68:ec:98:39:53:09:cf:5b:b3:62:
54:e2:ae:e7:39:22:e6:20:f3:5c:bf:8b:a1:58:12:
d1:02:97:2c:0d:42:5b:dc:dd:33:fe:df:47:6f:d6:
0b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:73:FF:1E:C5:5F:49:29:6D:D7:34:03:9F:A0:28:4C:C4:00:EB:26
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/r3P_HsVfSSlt1zQDn6AoTMQA6yY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.144.0/23
89.188.64.0/21
94.177.116.0/23
185.159.56.0/22
188.241.124.0/23
193.110.28.0/22
194.156.235.0/24
195.234.157.0/24
217.13.176.0/20
IPv6:
2a02:7c8::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24864
211099
Signature Algorithm: sha256WithRSAEncryption
8e:64:e9:f9:44:bd:09:ad:c8:d9:0c:c3:f8:62:22:de:63:96:
54:2c:fa:8a:ac:7b:d7:71:53:e6:43:56:92:58:38:ea:b6:49:
80:ca:8a:71:1a:d5:4a:24:aa:18:de:20:15:d7:1f:f8:0b:69:
2a:ee:9a:c1:32:ed:0a:24:05:dd:da:0a:9d:e9:73:65:66:42:
8a:91:18:e7:65:66:97:41:25:cb:e1:65:30:4c:e5:ea:17:30:
19:7d:42:c9:ea:c4:f9:0c:94:74:07:4c:33:42:e5:a2:c3:a3:
3a:e9:e3:89:e7:a8:41:44:36:cc:8e:6d:8b:0d:0e:86:b7:e0:
02:89:3d:c5:ae:73:c0:f2:11:1f:05:61:e3:3e:c7:ce:5e:17:
d5:0e:61:01:35:5c:2c:47:bd:64:b1:a5:40:d1:49:7a:62:91:
c4:bf:65:12:89:de:2f:44:1c:27:6b:db:db:31:39:ba:12:6a:
a2:bd:e8:77:f0:28:47:cc:c9:9f:48:c2:cb:0b:39:b3:03:af:
ed:75:83:13:f5:67:21:a4:04:8a:ef:df:39:b4:b9:28:0c:b2:
ca:90:40:b5:69:f0:4b:60:41:be:14:7d:44:78:3f:6d:3a:4f:
c3:4f:11:c2:2c:63:08:0e:79:9f:02:04:89:b3:88:c3:24:ed:
d9:1e:c3:f4
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgISAZQijdtfUOwb4j3TSk5TKW+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTU0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjczZmYxZWM1NWY0OTI5NmRkNzM0MDM5ZmEwMjg0Y2M0MDBlYjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5ZeCcHknwzS/pISxVPTb+kU4Ttr
53UvMRO8Aryy5Gq5JKHqVefC1S7rjOqY01EQZg+RFa1Ij9ZbB9DuW+CXRx7UXOji
ojFAqepton3/jPqiOV+7kCxkHA3VYEfLACf1ilhFPjRAILNuodGaTQbJQw68Pc2T
WmW7bwonLOgI5ilg8rla2q1hOsfOUpaOzqZs/5BlOX9/Tm++s59zi+ljMaKj5kot
8qomq9lPivG2ZIKAb+QN6KfHQooP1qkvSZpqK3liVRFcc3cqafbx8I0ucxhpx8mo
MGjsmDlTCc9bs2JU4q7nOSLmIPNcv4uhWBLRApcsDUJb3N0z/t9Hb9YL9wIDAQAB
o4IC4zCCAt8wHQYDVR0OBBYEFK9z/x7FX0kpbdc0A5+gKEzEAOsmMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAwL2NlYTU4
MS01Y2RlLTQ1NzQtYmEwYS0yYzYyZGU3YjNlNDUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAvY2VhNTgx
LTVjZGUtNDU3NC1iYTBhLTJjNjJkZTdiM2U0NS8xL3IzUF9Ic1ZmU1NsdDF6UURu
NkFvVE1RQTZ5WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GCCsGAQUF
BwEHAQH/BE8wTTA8BAIAATA2AwQBAjqQAwQDWbxAAwQBXrF0AwQCuZ84AwQBvPF8
AwQCwW4cAwQAwpzrAwQAw+qdAwQE2Q2wMA0EAgACMAcDBQMqAgfIMB4GCCsGAQUF
BwEIAQH/BA8wDaALMAkCAmEgAgMDOJswDQYJKoZIhvcNAQELBQADggEBAI5k6flE
vQmtyNkMw/hiIt5jllQs+oqse9dxU+ZDVpJYOOq2SYDKinEa1UokqhjeIBXXH/gL
aSrumsEy7QokBd3aCp3pc2VmQoqRGOdlZpdBJcvhZTBM5eoXMBl9QsnqxPkMlHQH
TDNC5aLDozrp44nnqEFENsyObYsNDoa34AKJPcWuc8DyER8FYeM+x85eF9UOYQE1
XCxHvWSxpUDRSXpikcS/ZRKJ3i9EHCdr29sxOboSaqK96HfwKEfMyZ9IwssLObMD
r+11gxP1ZyGkBIrv3zm0uSgMssqQQLVp8EtgQb4UfUR4P206T8NPEcIsYwgOeZ8C
BImziMMk7dkew/Q=
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:45:08 2025 by rpki-client