Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer
File: r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer (raw, json)
Hash identifier: n/yy7XGnAK/m/afBk+u8NdMMwzESyPSlrKBDairEgN0=
Subject key identifier: AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942445349E23F41E50C7691D25A39AF085
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 23:48:22 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 2.57.68.0/22
IP: 45.13.28.0/22
IP: 45.83.184.0/22
IP: 45.86.28.0/22
IP: 45.94.24.0/22
IP: 45.134.148.0/22
IP: 45.153.232.0/22
IP: 77.83.220.0/22
IP: 141.98.128.0/22
IP: 193.160.76.0/22
IP: 212.80.220.0/22
IP: 213.139.196.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:34:9e:23:f4:1e:50:c7:69:1d:25:a3:9a:f0:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 23:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aff6f85aad101c456c1ac9a01a7192fc5788e92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d9:67:59:a6:dd:b3:40:91:d4:c3:17:51:65:
d8:34:7f:97:c2:78:8c:1a:8a:cf:8c:4c:14:17:5f:
27:a8:61:b3:76:ff:ea:ef:21:11:ad:69:e9:71:3b:
3a:51:6f:7f:d2:30:87:64:7f:c5:75:85:db:c8:cc:
8c:4c:28:15:c0:57:5f:37:08:58:54:72:35:8e:58:
21:5f:96:ca:ca:ed:8a:32:ca:6d:16:97:72:c6:29:
c6:68:50:89:8f:a8:08:16:0c:cd:1f:e3:14:09:c3:
69:34:82:f7:c9:fd:4e:62:6d:59:96:58:ca:16:91:
78:a1:b6:87:fd:f9:ed:83:bd:e7:7f:b9:76:d2:bc:
93:72:2c:99:02:4a:51:44:af:a0:e2:8e:92:97:cc:
9f:c5:d3:6f:db:cd:e9:56:b8:f3:06:ce:a8:0a:29:
02:8d:cf:7e:69:45:f8:81:f3:16:c5:33:40:df:10:
23:67:71:90:1c:53:fc:de:91:8e:65:2e:a4:3f:25:
2a:62:41:32:25:83:26:58:3b:d1:6e:e0:f3:52:12:
98:fa:e6:ca:73:ce:78:73:4b:14:8d:25:98:11:74:
d7:07:2f:a7:a2:b8:fd:96:ef:c1:e0:6e:d2:d7:e5:
91:11:9d:49:2c:50:6b:5c:fd:a5:84:a3:5d:06:49:
64:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.68.0/22
45.13.28.0/22
45.83.184.0/22
45.86.28.0/22
45.94.24.0/22
45.134.148.0/22
45.153.232.0/22
77.83.220.0/22
141.98.128.0/22
193.160.76.0/22
212.80.220.0/22
213.139.196.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:92:71:66:d0:cd:06:63:5f:31:4b:da:63:a5:c4:03:ed:ee:
d6:33:38:f9:06:83:e4:2c:df:46:46:ac:af:df:ed:97:85:22:
aa:d8:95:8c:c3:6e:72:aa:6f:e5:77:ee:0f:83:75:e8:e5:43:
31:b4:7c:39:09:ca:99:65:85:37:92:48:d8:b7:cc:87:4f:80:
86:9f:e2:aa:93:3c:ac:a1:e0:6a:0c:27:98:44:b1:20:47:cf:
6d:04:df:e0:7f:9c:da:ca:2e:32:f8:d2:5b:4d:e3:49:94:87:
3f:6f:c2:ca:d6:89:a3:09:30:b1:7b:5a:a5:19:b3:86:aa:3c:
b0:7b:ac:23:02:70:86:25:52:3c:e0:51:cf:19:8c:72:f2:c6:
04:07:7e:9e:48:2f:66:4d:ce:68:17:cf:15:94:58:e1:36:63:
94:68:e2:47:e2:b0:7f:4e:0d:4d:4c:41:95:22:b4:f5:f2:be:
b1:73:ab:dc:24:cc:04:49:47:b7:31:21:e8:45:40:8d:b6:a9:
ea:02:ea:59:59:d8:c5:c0:18:8b:b0:49:e3:a0:25:3b:b4:f3:
d6:6d:de:a9:67:3a:20:20:55:17:10:9f:00:a0:53:1b:ef:ad:
67:08:b8:a8:a2:ec:f0:99:a3:bf:aa:e6:28:80:da:50:67:c9:
33:25:27:47
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAZQkRTSeI/QeUMdpHSWjmvCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmY2Zjg1YWFkMTAxYzQ1NmMxYWM5YTAxYTcxOTJmYzU3ODhlOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstlnWabds0CR1MMXUWXYNH+XwniM
GorPjEwUF18nqGGzdv/q7yERrWnpcTs6UW9/0jCHZH/FdYXbyMyMTCgVwFdfNwhY
VHI1jlghX5bKyu2KMsptFpdyxinGaFCJj6gIFgzNH+MUCcNpNIL3yf1OYm1ZlljK
FpF4obaH/fntg73nf7l20ryTciyZAkpRRK+g4o6Sl8yfxdNv283pVrjzBs6oCikC
jc9+aUX4gfMWxTNA3xAjZ3GQHFP83pGOZS6kPyUqYkEyJYMmWDvRbuDzUhKY+ubK
c854c0sUjSWYEXTXBy+norj9lu/B4G7S1+WREZ1JLFBrXP2lhKNdBklkBQIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFK/2+FqtEBxFbBrJoBpxkvxXiOksMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlmL2RmNzE5
YS00OTJmLTQ3Y2ItOTIxMi02NDRiZDBmYzdmODAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYvZGY3MTlh
LTQ5MmYtNDdjYi05MjEyLTY0NGJkMGZjN2Y4MC8xL3JfYjRXcTBRSEVWc0dzbWdH
bkdTX0ZlSTZTdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGEGCCsGAQUF
BwEHAQH/BFIwUDBOBAIAATBIAwQCAjlEAwQCLQ0cAwQCLVO4AwQCLVYcAwQCLV4Y
AwQCLYaUAwQCLZnoAwQCTVPcAwQCjWKAAwQCwaBMAwQC1FDcAwQC1YvEMA0GCSqG
SIb3DQEBCwUAA4IBAQBrknFm0M0GY18xS9pjpcQD7e7WMzj5BoPkLN9GRqyv3+2X
hSKq2JWMw25yqm/ld+4Pg3Xo5UMxtHw5CcqZZYU3kkjYt8yHT4CGn+KqkzysoeBq
DCeYRLEgR89tBN/gf5zayi4y+NJbTeNJlIc/b8LK1omjCTCxe1qlGbOGqjywe6wj
AnCGJVI84FHPGYxy8sYEB36eSC9mTc5oF88VlFjhNmOUaOJH4rB/Tg1NTEGVIrT1
8r6xc6vcJMwESUe3MSHoRUCNtqnqAupZWdjFwBiLsEnjoCU7tPPWbd6pZzogIFUX
EJ8AoFMb761nCLioouzwmaO/quYogNpQZ8kzJSdH
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:33:19 2025 by rpki-client