Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tQS8zrnDY_E-OtqkwPpSeA8GRoQ.cer
File: tQS8zrnDY_E-OtqkwPpSeA8GRoQ.cer (raw, json)
Hash identifier: iPo1Xblfspx0h2GYyQszdGohduZntzkKhcNuDT2yIPo=
Subject key identifier: B5:04:BC:CE:B9:C3:63:F1:3E:3A:DA:A4:C0:FA:52:78:0F:06:46:84
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019423D7ED71D9E66B181BA89A682D4F305C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/tQS8zrnDY_E-OtqkwPpSeA8GRoQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 21:49:01 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 213216
IP: 194.61.0.0/24
IP: 2a13:7fc0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:ed:71:d9:e6:6b:18:1b:a8:9a:68:2d:4f:30:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 21:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b504bcceb9c363f13e3adaa4c0fa52780f064684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:96:ea:d6:5e:4c:22:3d:da:0a:56:8c:71:19:
04:68:d7:87:0d:f7:e4:2a:5d:a0:ea:92:95:a7:ce:
9d:8e:fd:ac:26:09:18:88:7d:99:7c:81:43:df:ee:
25:48:04:bc:dd:d1:15:0c:09:5c:52:f9:9d:45:3b:
a8:f3:26:e4:99:5a:3c:53:81:15:05:d7:2b:bd:ec:
7f:98:e4:cb:db:38:27:3e:84:f6:ca:e8:0b:c1:64:
8a:30:f1:03:a5:0d:76:60:a6:26:96:e9:56:da:e1:
df:cf:b2:b7:9a:77:71:1a:55:34:ef:c2:ee:c0:ea:
86:e5:16:ed:fc:9a:4c:35:3d:ba:8a:8a:32:be:b8:
26:9a:73:76:48:f1:c1:99:3d:22:f5:54:c0:b4:df:
66:c5:2c:9f:e0:11:4c:3a:13:a2:aa:2f:f7:56:f8:
c6:eb:ad:06:11:f0:3e:14:31:25:41:76:08:ec:65:
e3:6f:32:94:68:28:0f:d8:90:fd:fd:41:08:37:95:
e4:df:0b:1f:f1:87:cd:af:7f:26:d9:20:36:a3:78:
7a:cd:b8:a4:a7:e0:d9:4b:da:00:11:a7:d0:b1:8e:
2c:d2:1c:02:fd:19:8d:f3:e4:aa:21:92:45:fc:81:
cc:36:5a:aa:65:b4:b6:ca:1a:40:a6:5d:fa:9c:22:
24:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:04:BC:CE:B9:C3:63:F1:3E:3A:DA:A4:C0:FA:52:78:0F:06:46:84
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/tQS8zrnDY_E-OtqkwPpSeA8GRoQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.61.0.0/24
IPv6:
2a13:7fc0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
213216
Signature Algorithm: sha256WithRSAEncryption
64:74:57:9c:16:4e:46:08:d2:4c:77:67:db:9f:5f:97:8d:74:
2e:64:4d:cb:c1:fd:69:81:7e:c2:5a:c1:55:22:a2:fd:d9:f6:
2d:ab:a5:ed:64:57:fc:b0:b1:34:f4:c9:1b:04:5c:79:4c:70:
d0:22:1a:51:eb:69:64:a7:1e:43:29:8d:d3:25:5b:7d:eb:cc:
22:e5:e0:dc:bf:68:ea:b9:76:e8:33:65:c4:98:a6:3f:de:c3:
3f:16:ec:30:e0:67:7d:89:cc:01:e4:c9:12:8c:29:fd:eb:64:
00:05:91:2c:26:de:b7:82:6d:ca:7e:ea:16:88:8f:02:de:b8:
d3:72:ee:4c:ca:38:92:a6:6a:42:c7:6e:f8:e0:d9:f6:53:28:
7c:f3:63:65:f5:53:57:9d:d1:78:d2:0e:cf:50:e5:c1:2b:8e:
2e:0a:d0:b3:7f:37:1a:51:eb:d9:0e:d4:64:51:01:da:e2:c8:
28:77:8d:be:b1:39:85:54:d2:da:7f:90:14:ae:47:07:26:55:
87:38:bf:18:c4:f7:61:f8:c2:b3:ca:e4:91:22:9c:fc:14:b0:
d8:f7:88:56:53:a4:fb:21:e5:b5:ed:07:15:12:00:6d:e4:27:
38:37:cf:b0:ba:66:6a:15:17:ce:32:82:43:ea:45:62:f4:78:
c2:2f:d2:69
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQj1+1x2eZrGBuommgtTzBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjE0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTA0YmNjZWI5YzM2M2YxM2UzYWRhYTRjMGZhNTI3ODBmMDY0Njg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Zbq1l5MIj3aClaMcRkEaNeHDffk
Kl2g6pKVp86djv2sJgkYiH2ZfIFD3+4lSAS83dEVDAlcUvmdRTuo8ybkmVo8U4EV
Bdcrvex/mOTL2zgnPoT2yugLwWSKMPEDpQ12YKYmlulW2uHfz7K3mndxGlU078Lu
wOqG5Rbt/JpMNT26iooyvrgmmnN2SPHBmT0i9VTAtN9mxSyf4BFMOhOiqi/3VvjG
660GEfA+FDElQXYI7GXjbzKUaCgP2JD9/UEIN5Xk3wsf8YfNr38m2SA2o3h6zbik
p+DZS9oAEafQsY4s0hwC/RmN8+SqIZJF/IHMNlqqZbS2yhpApl36nCIkQwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFLUEvM65w2PxPjrapMD6UngPBkaEMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYxLzFkM2Nk
Yy1kMDRiLTRhZGItYjA2OS0yYTM1MWFiM2I4ZjYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEvMWQzY2Rj
LWQwNGItNGFkYi1iMDY5LTJhMzUxYWIzYjhmNi8xL3RRUzh6cm5EWV9FLU90cWt3
UHBTZUE4R1JvUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAwj0AMA0EAgACMAcDBQAqE3/AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNA4DANBgkqhkiG9w0BAQsFAAOCAQEAZHRXnBZORgjS
THdn259fl410LmRNy8H9aYF+wlrBVSKi/dn2Laul7WRX/LCxNPTJGwRceUxw0CIa
UetpZKceQymN0yVbfevMIuXg3L9o6rl26DNlxJimP97DPxbsMOBnfYnMAeTJEowp
/etkAAWRLCbet4Jtyn7qFoiPAt6403LuTMo4kqZqQsdu+ODZ9lMofPNjZfVTV53R
eNIOz1DlwSuOLgrQs383GlHr2Q7UZFEB2uLIKHeNvrE5hVTS2n+QFK5HByZVhzi/
GMT3YfjCs8rkkSKc/BSw2PeIVlOk+yHlte0HFRIAbeQnODfPsLpmahUXzjKCQ+pF
YvR4wi/SaQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:30:38 2025 by rpki-client