Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tXwPr6ZQ3ZSjtVgXOfY9iO-kFPM.cer
File: tXwPr6ZQ3ZSjtVgXOfY9iO-kFPM.cer (raw, json)
Hash identifier: jRorUMwIleuDBEnij4dfGfEAfGVw+8ybTG7ehDxdJbE=
Subject key identifier: B5:7C:0F:AF:A6:50:DD:94:A3:B5:58:17:39:F6:3D:88:EF:A4:14:F3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194266BD984E6624304C3C2630D126B04EC
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b1/8c02ff-a9c5-4788-ae8b-18b9a8510539/1/tXwPr6ZQ3ZSjtVgXOfY9iO-kFPM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b1/8c02ff-a9c5-4788-ae8b-18b9a8510539/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 09:49:49 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 206146
IP: 185.59.219.0/24
IP: 217.18.84.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:d9:84:e6:62:43:04:c3:c2:63:0d:12:6b:04:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 09:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b57c0fafa650dd94a3b5581739f63d88efa414f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:25:79:22:fb:ff:b9:83:76:5b:79:0c:b4:bb:
46:16:23:d5:61:93:13:87:68:ea:e9:3f:22:5e:19:
32:09:9a:92:6c:9d:71:1b:e9:f8:11:b9:c8:99:03:
1b:16:8a:75:91:2e:48:f3:a5:9a:fb:6c:a7:ed:c1:
3f:42:17:7f:18:43:96:3d:d4:36:07:95:88:0b:92:
47:03:e3:36:0b:ef:55:ad:40:9b:c3:a5:64:cd:42:
dc:83:8e:2d:ea:cc:b3:4c:36:b4:29:e6:b6:e9:2f:
85:94:86:43:81:78:f4:bd:c7:02:54:96:85:e7:22:
5e:6c:16:12:24:3f:c3:e3:d6:00:f1:fc:a7:03:ce:
70:43:2c:96:63:e4:46:a9:8a:58:96:25:f7:cd:f9:
70:99:94:f9:cb:98:b2:11:ec:62:19:1e:27:c1:aa:
d8:6e:78:e3:fd:6a:22:70:f2:b1:c9:14:12:d6:d0:
dc:cc:05:26:f6:0e:19:db:f1:b6:17:d7:28:29:2f:
16:01:d7:58:01:67:a9:e7:5a:16:56:4c:2f:e4:13:
f0:e4:e1:3d:10:21:2a:2f:03:fa:4f:94:cc:79:00:
5f:20:07:31:49:03:d8:da:02:ff:ed:2d:e8:95:cf:
97:7e:fa:22:71:20:6b:34:68:c6:03:88:f7:83:cb:
6f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:7C:0F:AF:A6:50:DD:94:A3:B5:58:17:39:F6:3D:88:EF:A4:14:F3
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8c02ff-a9c5-4788-ae8b-18b9a8510539/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8c02ff-a9c5-4788-ae8b-18b9a8510539/1/tXwPr6ZQ3ZSjtVgXOfY9iO-kFPM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.219.0/24
217.18.84.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
206146
Signature Algorithm: sha256WithRSAEncryption
b0:fb:96:ec:c8:2c:87:27:0b:fe:ce:17:71:28:85:59:cf:16:
3a:8b:b1:a2:14:3a:f6:ef:4c:70:77:75:fb:45:7a:99:49:58:
23:16:c3:8e:5d:58:ba:80:27:77:2f:9e:a1:2f:01:f8:ef:f1:
80:d9:39:2d:97:8c:68:80:bd:e7:40:be:78:b3:34:f9:1e:d5:
5c:c6:c1:3f:99:0c:34:6e:ec:3b:b1:69:a2:5f:5b:6a:9c:9b:
5d:ef:8c:4c:c7:8f:94:d2:b2:62:46:91:0d:8c:9c:3e:a7:c9:
6e:5c:ec:73:f5:ba:e2:f7:77:b3:1e:e5:8f:1e:17:50:78:9f:
ab:8b:8b:ca:36:e5:55:6a:27:83:3a:0e:c3:93:61:70:33:3f:
49:36:10:19:56:c6:98:33:d0:2d:2b:d9:4a:72:9f:00:0d:21:
ff:01:21:27:07:66:74:09:b5:65:8d:05:ef:19:01:40:52:42:
73:7e:b8:8a:f1:7c:06:4f:ac:35:3c:34:26:22:a5:87:e0:cb:
c1:44:77:ed:b5:2c:2a:b6:d8:86:3b:ca:44:af:3b:62:97:b4:
a5:e7:c4:b1:69:a8:03:d7:da:54:2c:ce:b7:07:77:8a:83:4a:
45:dc:9b:d3:dd:c8:d0:51:09:72:c4:f7:85:35:58:ad:df:cd:
41:3d:44:7b
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZQma9mE5mJDBMPCYw0SawTsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDk0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTdjMGZhZmE2NTBkZDk0YTNiNTU4MTczOWY2M2Q4OGVmYTQxNGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiV5Ivv/uYN2W3kMtLtGFiPVYZMT
h2jq6T8iXhkyCZqSbJ1xG+n4EbnImQMbFop1kS5I86Wa+2yn7cE/Qhd/GEOWPdQ2
B5WIC5JHA+M2C+9VrUCbw6VkzULcg44t6syzTDa0Kea26S+FlIZDgXj0vccCVJaF
5yJebBYSJD/D49YA8fynA85wQyyWY+RGqYpYliX3zflwmZT5y5iyEexiGR4nwarY
bnjj/WoicPKxyRQS1tDczAUm9g4Z2/G2F9coKS8WAddYAWep51oWVkwv5BPw5OE9
ECEqLwP6T5TMeQBfIAcxSQPY2gL/7S3olc+XfvoicSBrNGjGA4j3g8tvLwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFLV8D6+mUN2Uo7VYFzn2PYjvpBTzMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IxLzhjMDJm
Zi1hOWM1LTQ3ODgtYWU4Yi0xOGI5YTg1MTA1MzkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEvOGMwMmZm
LWE5YzUtNDc4OC1hZThiLTE4YjlhODUxMDUzOS8xL3RYd1ByNlpRM1pTanRWZ1hP
Zlk5aU8ta0ZQTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQAuTvbAwQA2RJUMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwMlQjANBgkqhkiG9w0BAQsFAAOCAQEAsPuW7MgshycL/s4XcSiFWc8W
OouxohQ69u9McHd1+0V6mUlYIxbDjl1YuoAndy+eoS8B+O/xgNk5LZeMaIC950C+
eLM0+R7VXMbBP5kMNG7sO7Fpol9bapybXe+MTMePlNKyYkaRDYycPqfJblzsc/W6
4vd3sx7ljx4XUHifq4uLyjblVWongzoOw5NhcDM/STYQGVbGmDPQLSvZSnKfAA0h
/wEhJwdmdAm1ZY0F7xkBQFJCc364ivF8Bk+sNTw0JiKlh+DLwUR37bUsKrbYhjvK
RK87Ype0pefEsWmoA9faVCzOtwd3ioNKRdyb093I0FEJcsT3hTVYrd/NQT1Eew==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:45:54 2025 by rpki-client