Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/rpPMjMqB-gDcU-e4B46RtcEbou8.cer
File: rpPMjMqB-gDcU-e4B46RtcEbou8.cer (raw, json)
Hash identifier: gtaTbfJ5ai5taVasaVYiv3pjMHJXaKV+kZB795adbv4=
Subject key identifier: AE:93:CC:8C:CA:81:FA:00:DC:53:E7:B8:07:8E:91:B5:C1:1B:A2:EF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019423D74399CD429FD403A63633917B9106
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/09/179891-41cc-4aa0-ab68-f406c83b3fba/1/rpPMjMqB-gDcU-e4B46RtcEbou8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/09/179891-41cc-4aa0-ab68-f406c83b3fba/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 21:48:17 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 212295
AS: 212426
IP: 80.249.128.0/24
IP: 2a0d:a200::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:43:99:cd:42:9f:d4:03:a6:36:33:91:7b:91:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 21:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae93cc8cca81fa00dc53e7b8078e91b5c11ba2ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7c:3f:c1:62:12:8b:e1:97:59:06:ec:3e:c0:
90:8b:28:59:dc:66:19:23:a4:16:84:3e:a8:07:f6:
b3:72:f9:c7:e3:bf:88:a8:74:af:a6:23:d2:b3:40:
31:b4:01:c6:34:6a:75:4c:c9:c0:08:e7:b4:5b:54:
13:33:fc:80:1d:9b:be:e8:9e:68:21:0a:d3:a5:70:
f2:2e:8b:be:e4:39:ff:a9:82:31:72:4c:93:b5:6c:
be:56:13:ae:e8:e7:79:bf:98:ac:67:4c:be:df:39:
5d:18:2e:2f:db:5b:88:b9:7b:4b:a4:21:43:08:dd:
46:75:c9:07:b5:4c:58:94:d7:3f:ab:69:a0:fc:75:
0d:50:a7:94:04:5d:c2:af:fe:40:64:2e:cf:7d:dd:
c6:ac:62:bb:b0:6d:08:8a:5d:df:1a:cc:53:9e:d9:
f7:0e:53:12:d7:a2:95:5c:a3:6e:af:7e:df:df:26:
c5:c9:de:ed:ba:bc:d9:bb:33:bb:54:44:fc:1a:25:
4d:d3:93:60:61:17:e0:6d:ba:e5:82:92:d9:2c:1b:
b2:a6:96:cf:40:ab:ef:b5:7f:44:3b:c8:db:13:ff:
d5:53:42:8d:af:04:4b:49:91:2d:69:66:e1:66:16:
6f:57:93:db:df:08:cf:51:37:eb:5b:0a:de:27:d4:
97:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:93:CC:8C:CA:81:FA:00:DC:53:E7:B8:07:8E:91:B5:C1:1B:A2:EF
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/179891-41cc-4aa0-ab68-f406c83b3fba/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/179891-41cc-4aa0-ab68-f406c83b3fba/1/rpPMjMqB-gDcU-e4B46RtcEbou8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.249.128.0/24
IPv6:
2a0d:a200::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
212295
212426
Signature Algorithm: sha256WithRSAEncryption
7f:e7:40:ab:b9:a3:dd:9c:9e:79:0b:0c:0e:d1:e4:6e:9d:50:
10:3a:f3:6c:05:81:58:55:78:85:d4:73:6b:fd:1a:c6:30:50:
a9:5f:98:78:bb:c1:10:41:c0:2d:46:0d:c5:df:a1:dd:af:21:
ba:fc:f4:c0:e9:e9:2f:72:e6:b2:aa:a2:32:9b:62:41:17:22:
c8:6c:9a:a5:77:3e:0c:11:18:2f:a6:19:64:7d:e8:e4:61:ac:
cb:40:59:2e:98:de:15:bb:16:c2:e9:3d:94:d9:b0:cb:8b:f2:
04:52:a7:c9:15:69:dd:1f:b6:73:7b:db:69:2b:fe:75:84:be:
1b:37:b9:a9:43:67:57:62:ff:6f:fa:f1:e4:f9:f3:e5:ed:ac:
19:24:90:d3:d8:89:51:7e:42:dd:ba:6f:2e:3b:57:57:a6:82:
8b:de:6d:68:79:a9:fd:64:7b:48:be:dd:ab:0d:47:36:d4:b3:
5e:29:a7:b4:d7:ef:da:db:a2:0d:6e:18:e2:5b:b4:6b:44:7d:
06:6f:40:cd:eb:e6:aa:54:11:a7:3d:02:ad:3a:db:bb:c8:4f:
0f:1d:ff:29:ab:12:b9:53:e9:79:26:47:6c:9c:3a:43:e0:f3:
ba:32:36:a4:80:1d:2a:1d:3f:a3:a8:3b:27:cd:26:23:b2:45:
f4:7c:26:bc
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZQj10OZzUKf1AOmNjORe5EGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTkzY2M4Y2NhODFmYTAwZGM1M2U3YjgwNzhlOTFiNWMxMWJhMmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Xw/wWISi+GXWQbsPsCQiyhZ3GYZ
I6QWhD6oB/azcvnH47+IqHSvpiPSs0AxtAHGNGp1TMnACOe0W1QTM/yAHZu+6J5o
IQrTpXDyLou+5Dn/qYIxckyTtWy+VhOu6Od5v5isZ0y+3zldGC4v21uIuXtLpCFD
CN1GdckHtUxYlNc/q2mg/HUNUKeUBF3Cr/5AZC7Pfd3GrGK7sG0Iil3fGsxTntn3
DlMS16KVXKNur37f3ybFyd7turzZuzO7VET8GiVN05NgYRfgbbrlgpLZLBuyppbP
QKvvtX9EO8jbE//VU0KNrwRLSZEtaWbhZhZvV5Pb3wjPUTfrWwreJ9SXGwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFK6TzIzKgfoA3FPnuAeOkbXBG6LvMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA5LzE3OTg5
MS00MWNjLTRhYTAtYWI2OC1mNDA2YzgzYjNmYmEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkvMTc5ODkx
LTQxY2MtNGFhMC1hYjY4LWY0MDZjODNiM2ZiYS8xL3JwUE1qTXFCLWdEY1UtZTRC
NDZSdGNFYm91OC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAUPmAMA0EAgACMAcDBQMqDaIAMB8GCCsGAQUF
BwEIAQH/BBAwDqAMMAoCAwM9RwIDAz3KMA0GCSqGSIb3DQEBCwUAA4IBAQB/50Cr
uaPdnJ55CwwO0eRunVAQOvNsBYFYVXiF1HNr/RrGMFCpX5h4u8EQQcAtRg3F36Hd
ryG6/PTA6ekvcuayqqIym2JBFyLIbJqldz4MERgvphlkfejkYazLQFkumN4VuxbC
6T2U2bDLi/IEUqfJFWndH7Zze9tpK/51hL4bN7mpQ2dXYv9v+vHk+fPl7awZJJDT
2IlRfkLdum8uO1dXpoKL3m1oean9ZHtIvt2rDUc21LNeKae01+/a26INbhjiW7Rr
RH0Gb0DN6+aqVBGnPQKtOtu7yE8PHf8pqxK5U+l5JkdsnDpD4PO6MjakgB0qHT+j
qDsnzSYjskX0fCa8
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:45:20 2025 by rpki-client