Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tXA_ZwDoMpABIrvmpQhkQes3vSw.cer
File: tXA_ZwDoMpABIrvmpQhkQes3vSw.cer (raw, json)
Hash identifier: XUMBLkhOCW7+x2ZuTDblMvsRFkbd6GJ8hl24oynANzA=
Subject key identifier: B5:70:3F:67:00:E8:32:90:01:22:BB:E6:A5:08:64:41:EB:37:BD:2C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D5F5196B2465568662DDD5D4579FBB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/2f0d4b4e-9f74-4df4-bf5e-0929096dbe04/0/B5703F6700E832900122BBE6A5086441EB37BD2C.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/2f0d4b4e-9f74-4df4-bf5e-0929096dbe04/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 07:48:00 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 214223
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f5:19:6b:24:65:56:86:62:dd:d5:d4:57:9f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5703f6700e832900122bbe6a5086441eb37bd2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:42:fa:be:ea:2d:ee:99:c6:82:29:bb:d6:9f:
bc:78:8f:a8:1b:f9:03:ab:6b:6b:89:52:33:fe:48:
63:12:23:17:3b:d3:ac:35:ce:23:bd:8d:96:fb:13:
60:ee:2f:9d:44:03:b0:5c:21:73:8a:23:b1:cc:84:
97:3a:0d:07:ff:30:10:8c:b7:84:78:3f:9e:53:30:
e3:25:48:3a:15:22:79:8e:d2:46:e1:4c:df:16:0a:
88:1c:de:fb:90:4c:94:25:1f:7d:d8:12:74:1b:2d:
78:54:f1:04:30:fc:33:f8:5d:10:59:7e:78:d7:b5:
a0:3c:68:2b:58:f1:d8:ac:82:b8:cb:fa:6b:30:53:
d8:49:42:e7:b8:07:fa:26:91:07:0f:8a:7a:9f:28:
ab:42:c8:b3:b5:d0:b2:a7:71:0d:e8:d6:a7:fa:34:
5e:75:ce:44:f7:f6:08:0b:34:72:fa:af:cb:97:35:
a6:83:5c:05:fc:00:74:36:c9:73:09:02:19:81:c6:
09:16:2c:5e:b2:c6:9f:d0:ad:81:66:91:be:0f:12:
0a:40:ee:eb:e5:81:3e:41:68:97:e6:b3:bb:b4:94:
95:cd:f8:89:72:53:a1:55:a7:8b:2c:8a:8f:02:45:
e7:44:4e:96:e6:49:90:eb:86:58:0f:18:90:8b:db:
b1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:70:3F:67:00:E8:32:90:01:22:BB:E6:A5:08:64:41:EB:37:BD:2C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/2f0d4b4e-9f74-4df4-bf5e-0929096dbe04/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/2f0d4b4e-9f74-4df4-bf5e-0929096dbe04/0/B5703F6700E832900122BBE6A5086441EB37BD2C.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
214223
Signature Algorithm: sha256WithRSAEncryption
03:d9:ad:c1:7f:c5:a8:0d:c9:32:13:1f:9f:dc:f2:0c:e4:d5:
6b:06:7a:c2:0e:00:2d:37:8f:27:94:36:4a:d5:1f:6f:9d:84:
85:b8:38:51:88:67:b3:cd:e2:92:83:99:de:6e:fd:6a:fd:77:
1c:fa:bb:2d:82:7f:95:4d:d2:70:1e:1a:75:3f:dd:5a:f7:77:
2c:cc:99:68:b4:a5:b5:b0:d4:a4:e7:95:a2:54:38:8d:c9:90:
fb:ee:1a:ac:4c:60:4e:33:05:15:a4:1a:0f:fa:d4:80:9a:f0:
62:3c:64:e1:99:49:4d:8f:1f:0d:8b:24:fb:29:e8:b1:42:df:
18:99:fe:0b:94:e8:5f:4f:ba:14:44:31:e1:7c:b7:ae:76:15:
5f:fe:e1:c6:82:b5:76:c9:18:20:7e:cd:b9:59:4a:c3:7c:87:
0e:1e:00:52:0e:4f:7c:72:2e:cb:2e:50:67:08:68:30:04:09:
9b:98:36:78:c0:a9:19:37:dd:47:8d:d5:52:fc:3a:ef:55:08:
11:5e:45:d1:6a:bf:e2:0b:bf:7e:b3:73:3a:ba:a5:57:66:74:
2b:7f:f3:fd:6c:37:a7:12:87:64:7c:d9:13:b3:f0:4a:6a:70:
60:c9:22:28:34:b0:af:30:c5:a9:16:2b:82:8e:59:c9:aa:15:
b1:76:ce:f5
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZQg1fUZayRlVoZi3dXUV5+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTcwM2Y2NzAwZTgzMjkwMDEyMmJiZTZhNTA4NjQ0MWViMzdiZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0L6vuot7pnGgim71p+8eI+oG/kD
q2triVIz/khjEiMXO9OsNc4jvY2W+xNg7i+dRAOwXCFziiOxzISXOg0H/zAQjLeE
eD+eUzDjJUg6FSJ5jtJG4UzfFgqIHN77kEyUJR992BJ0Gy14VPEEMPwz+F0QWX54
17WgPGgrWPHYrIK4y/prMFPYSULnuAf6JpEHD4p6nyirQsiztdCyp3EN6Nan+jRe
dc5E9/YICzRy+q/LlzWmg1wF/AB0NslzCQIZgcYJFixessaf0K2BZpG+DxIKQO7r
5YE+QWiX5rO7tJSVzfiJclOhVaeLLIqPAkXnRE6W5kmQ64ZYDxiQi9uxyQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFLVwP2cA6DKQASK75qUIZEHrN70sMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzJmMGQ0
YjRlLTlmNzQtNGRmNC1iZjVlLTA5MjkwOTZkYmUwNC8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmYw
ZDRiNGUtOWY3NC00ZGY0LWJmNWUtMDkyOTA5NmRiZTA0LzAvQjU3MDNGNjcwMEU4
MzI5MDAxMjJCQkU2QTUwODY0NDFFQjM3QkQyQy5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDRM8w
DQYJKoZIhvcNAQELBQADggEBAAPZrcF/xagNyTITH5/c8gzk1WsGesIOAC03jyeU
NkrVH2+dhIW4OFGIZ7PN4pKDmd5u/Wr9dxz6uy2Cf5VN0nAeGnU/3Vr3dyzMmWi0
pbWw1KTnlaJUOI3JkPvuGqxMYE4zBRWkGg/61ICa8GI8ZOGZSU2PHw2LJPsp6LFC
3xiZ/guU6F9PuhREMeF8t652FV/+4caCtXbJGCB+zblZSsN8hw4eAFIOT3xyLssu
UGcIaDAECZuYNnjAqRk33UeN1VL8Ou9VCBFeRdFqv+ILv36zczq6pVdmdCt/8/1s
N6cSh2R82ROz8EpqcGDJIig0sK8wxakWK4KOWcmqFbF2zvU=
-----END CERTIFICATE-----
Generated at Sun Feb 2 04:04:14 2025 by rpki-client