Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tLB5uhPORqvsf1vD893Ni7hnWQU.cer
File: tLB5uhPORqvsf1vD893Ni7hnWQU.cer (raw, json)
Hash identifier: McyPGJtpVnJ9RoXZ2zmlJChR/dxT9GJ/8oCLq4ZqYw4=
Subject key identifier: B4:B0:79:BA:13:CE:46:AB:EC:7F:5B:C3:F3:DD:CD:8B:B8:67:59:05
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019427488D63486793EE967D9FE5A6C831BA
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fd/d46a81-3735-42c6-9bbb-1d1799b59c99/1/tLB5uhPORqvsf1vD893Ni7hnWQU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fd/d46a81-3735-42c6-9bbb-1d1799b59c99/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 13:50:53 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 56670
IP: 91.194.220.0/23
IP: 194.165.12.0/23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:8d:63:48:67:93:ee:96:7d:9f:e5:a6:c8:31:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 13:50:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4b079ba13ce46abec7f5bc3f3ddcd8bb8675905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:55:29:90:a3:42:dc:69:83:48:c2:8e:d8:c9:
22:1c:5e:71:55:f4:bb:c5:c0:de:38:26:7f:e9:db:
01:66:63:37:9d:a1:e6:4f:e0:c7:61:99:aa:17:6d:
ba:2f:ad:68:0d:d7:f5:8e:d9:cf:da:82:52:bd:73:
11:23:eb:e4:d1:64:7e:3b:f9:0a:9f:4c:ac:31:a3:
14:88:a0:e4:20:62:9c:ed:0f:f7:91:23:4d:6c:81:
40:18:15:ee:3c:12:73:e1:e1:66:ce:99:cc:67:cb:
47:73:2a:61:0a:21:05:c1:67:73:84:75:e2:ff:d2:
42:ba:e2:a6:4c:b1:aa:a6:61:a3:55:89:93:bc:b2:
48:c0:fc:5d:91:a2:be:a3:cf:06:3e:1c:b8:55:3f:
b7:8f:27:5b:90:b4:e2:61:6e:3e:12:32:af:2e:b7:
00:5e:6f:31:67:9d:f8:49:bd:6a:c2:b1:a6:3c:8f:
93:7c:4e:63:ef:6d:32:b7:6b:9a:dd:a7:70:67:f5:
31:28:8d:bb:78:1f:85:94:fe:30:4f:72:da:58:2e:
82:dd:d9:c6:7b:69:87:ad:e9:51:99:fd:e7:66:05:
ec:a7:ec:a0:d7:df:a9:5b:24:82:39:98:ce:61:53:
38:8a:d6:43:f3:68:d0:af:92:77:49:a0:d1:6c:f2:
3b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B0:79:BA:13:CE:46:AB:EC:7F:5B:C3:F3:DD:CD:8B:B8:67:59:05
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d46a81-3735-42c6-9bbb-1d1799b59c99/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d46a81-3735-42c6-9bbb-1d1799b59c99/1/tLB5uhPORqvsf1vD893Ni7hnWQU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.220.0/23
194.165.12.0/23
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
56670
Signature Algorithm: sha256WithRSAEncryption
75:ab:ad:bb:95:de:f1:09:40:4b:51:9a:d4:3e:a6:3a:5c:49:
2e:e3:09:9b:5b:cd:6f:59:93:f8:f8:af:78:3c:80:0b:a8:e2:
c3:99:78:ef:0a:2b:b7:ac:be:47:68:48:35:62:69:37:55:8f:
7a:15:47:6e:94:0f:f1:10:15:7d:66:b7:35:3a:a8:0e:d0:08:
a4:f8:d3:32:2e:c1:a8:96:9c:c6:13:e9:3f:01:12:b0:af:7f:
90:47:b3:59:e4:c2:65:0b:85:60:7f:96:ae:d4:b0:be:b4:d6:
b2:60:cf:00:66:e8:59:cd:55:7f:e5:59:e6:47:d6:8c:93:27:
0c:9d:9d:b5:cb:c3:3c:23:7c:41:cc:2d:af:88:38:1d:14:66:
72:7e:b5:46:a7:41:45:0b:88:13:67:37:6e:f8:7d:21:03:af:
27:ac:a3:28:f6:1d:aa:2b:53:45:9a:f9:6f:3d:3b:dd:a0:b4:
d0:5d:b7:c2:8f:5d:23:35:68:2c:1a:f8:a4:28:c6:90:59:ce:
15:cc:72:ff:08:4e:da:e7:1b:6b:aa:a3:34:22:05:ef:e9:13:
24:ce:10:5b:c9:07:91:51:2b:a2:c6:ca:a4:15:0c:a4:85:4b:
4c:31:aa:71:67:4e:a5:4c:7f:b3:95:68:1c:4e:f2:b1:7b:b4:
11:03:66:ec
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZQnSI1jSGeT7pZ9n+WmyDG6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTM1MDUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGIwNzliYTEzY2U0NmFiZWM3ZjViYzNmM2RkY2Q4YmI4Njc1OTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FUpkKNC3GmDSMKO2MkiHF5xVfS7
xcDeOCZ/6dsBZmM3naHmT+DHYZmqF226L61oDdf1jtnP2oJSvXMRI+vk0WR+O/kK
n0ysMaMUiKDkIGKc7Q/3kSNNbIFAGBXuPBJz4eFmzpnMZ8tHcyphCiEFwWdzhHXi
/9JCuuKmTLGqpmGjVYmTvLJIwPxdkaK+o88GPhy4VT+3jydbkLTiYW4+EjKvLrcA
Xm8xZ534Sb1qwrGmPI+TfE5j720yt2ua3adwZ/UxKI27eB+FlP4wT3LaWC6C3dnG
e2mHrelRmf3nZgXsp+yg19+pWySCOZjOYVM4itZD82jQr5J3SaDRbPI7cQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFLSweboTzkar7H9bw/PdzYu4Z1kFMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZkL2Q0NmE4
MS0zNzM1LTQyYzYtOWJiYi0xZDE3OTliNTljOTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQvZDQ2YTgx
LTM3MzUtNDJjNi05YmJiLTFkMTc5OWI1OWM5OS8xL3RMQjV1aFBPUnF2c2YxdkQ4
OTNOaTdobldRVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQBW8LcAwQBwqUMMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwDdXjANBgkqhkiG9w0BAQsFAAOCAQEAdautu5Xe8QlAS1Ga1D6mOlxJ
LuMJm1vNb1mT+PiveDyAC6jiw5l47wort6y+R2hINWJpN1WPehVHbpQP8RAVfWa3
NTqoDtAIpPjTMi7BqJacxhPpPwESsK9/kEezWeTCZQuFYH+WrtSwvrTWsmDPAGbo
Wc1Vf+VZ5kfWjJMnDJ2dtcvDPCN8Qcwtr4g4HRRmcn61RqdBRQuIE2c3bvh9IQOv
J6yjKPYdqitTRZr5bz073aC00F23wo9dIzVoLBr4pCjGkFnOFcxy/whO2ucba6qj
NCIF7+kTJM4QW8kHkVErosbKpBUMpIVLTDGqcWdOpUx/s5VoHE7ysXu0EQNm7A==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:53:42 2025 by rpki-client