Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tfrsS42ZLda5zYmoSJ08OmUq7NI.cer
File: tfrsS42ZLda5zYmoSJ08OmUq7NI.cer (raw, json)
Hash identifier: LcmOpl6q0ENACBd/QDoD1XjIgsVTRKGOu8R7VnRS2hs=
Subject key identifier: B5:FA:EC:4B:8D:99:2D:D6:B9:CD:89:A8:48:9D:3C:3A:65:2A:EC:D2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942068055E10B214A8F2FC358E99648254
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/25/68c296-69b2-4070-9ff9-4243decad360/1/tfrsS42ZLda5zYmoSJ08OmUq7NI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/25/68c296-69b2-4070-9ff9-4243decad360/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 05:47:55 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 16047
IP: 37.60.176.0/21
IP: 185.220.40.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:05:5e:10:b2:14:a8:f2:fc:35:8e:99:64:82:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5faec4b8d992dd6b9cd89a8489d3c3a652aecd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:72:2e:2d:88:c0:42:38:36:44:9c:50:50:12:
8e:da:8e:12:75:44:fb:a9:0c:7a:f5:3b:8d:27:48:
d0:bc:68:5c:ef:99:34:c5:5c:27:09:63:03:9f:6e:
86:30:a4:57:e8:ac:85:98:d7:50:a3:7a:ff:e3:c9:
e4:58:70:3d:c2:33:28:3c:83:cd:11:84:93:da:65:
de:0e:f2:3b:8f:bc:80:e2:9b:a7:2f:94:c4:ff:63:
18:f6:9b:2a:7f:aa:56:9a:bb:96:35:91:ae:b4:86:
e3:fb:0f:0d:1e:14:a6:77:be:93:50:5b:eb:fe:35:
a2:91:76:10:42:f4:15:0c:a7:6d:ae:b3:bc:aa:66:
c5:5b:68:d6:7e:20:26:e6:9a:e2:43:d2:69:27:ff:
d2:2a:87:5f:b4:cd:b1:bb:1a:71:27:17:bd:02:23:
ed:22:55:ee:60:c9:f6:c1:b2:b0:7d:d5:22:02:63:
8a:ce:6b:b7:1f:14:70:18:ad:bf:5b:b2:b5:0a:31:
f9:c7:ad:a8:51:d4:7f:15:7c:aa:c9:67:48:fb:92:
20:28:08:cd:a3:2f:39:ec:32:d3:c7:40:85:58:68:
6c:dc:13:dd:ed:0e:0c:f3:8d:5d:4f:7d:c7:d4:3a:
cc:e4:e9:43:cc:4e:c3:e4:26:f9:2e:08:a8:2c:77:
84:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:FA:EC:4B:8D:99:2D:D6:B9:CD:89:A8:48:9D:3C:3A:65:2A:EC:D2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/68c296-69b2-4070-9ff9-4243decad360/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/68c296-69b2-4070-9ff9-4243decad360/1/tfrsS42ZLda5zYmoSJ08OmUq7NI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.176.0/21
185.220.40.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
16047
Signature Algorithm: sha256WithRSAEncryption
a0:85:28:1d:25:e8:75:62:50:89:65:e0:d4:a5:b9:8c:67:33:
87:f4:3e:59:a2:5f:32:6c:e4:07:0b:75:f3:72:08:e0:61:3f:
85:02:d0:f6:b6:8a:cb:00:ad:2c:1b:ca:25:dd:62:49:85:95:
da:5a:66:94:77:5a:d1:f6:15:09:5d:fa:3d:af:b2:f5:88:28:
39:cb:6b:b6:79:87:d7:44:ac:22:af:0b:55:8e:54:27:2d:b3:
0b:0b:2e:59:8c:62:e1:5a:29:58:b9:41:38:fb:ef:d8:58:06:
d5:d1:4f:e4:e2:06:90:0d:54:14:81:46:6a:ff:35:ef:cd:74:
15:13:5a:fb:a2:d2:4b:a2:c4:bc:9e:10:28:8c:bc:bf:3d:c6:
d3:b1:37:18:63:e9:b5:1f:4c:16:d9:9c:5e:03:95:78:90:47:
16:f4:c8:ba:72:57:dc:48:bf:3b:6c:5a:83:25:3f:77:bd:e8:
bf:25:d8:44:76:b0:55:cb:4f:fa:6b:10:bc:b8:e2:fe:0c:53:
22:3b:8b:70:f9:ab:94:58:11:f9:38:77:98:fd:e1:8f:99:06:
d0:e4:b6:86:47:31:13:b6:03:50:dd:f7:32:ea:e7:76:ba:61:
ff:04:b2:66:63:09:00:66:64:57:16:45:50:40:ae:02:2c:a7:
4c:6c:ff:c0
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZQgaAVeELIUqPL8NY6ZZIJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDU0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWZhZWM0YjhkOTkyZGQ2YjljZDg5YTg0ODlkM2MzYTY1MmFlY2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXIuLYjAQjg2RJxQUBKO2o4SdUT7
qQx69TuNJ0jQvGhc75k0xVwnCWMDn26GMKRX6KyFmNdQo3r/48nkWHA9wjMoPIPN
EYST2mXeDvI7j7yA4punL5TE/2MY9psqf6pWmruWNZGutIbj+w8NHhSmd76TUFvr
/jWikXYQQvQVDKdtrrO8qmbFW2jWfiAm5priQ9JpJ//SKodftM2xuxpxJxe9AiPt
IlXuYMn2wbKwfdUiAmOKzmu3HxRwGK2/W7K1CjH5x62oUdR/FXyqyWdI+5IgKAjN
oy857DLTx0CFWGhs3BPd7Q4M841dT33H1DrM5OlDzE7D5Cb5LgioLHeEpwIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFLX67EuNmS3Wuc2JqEidPDplKuzSMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI1LzY4YzI5
Ni02OWIyLTQwNzAtOWZmOS00MjQzZGVjYWQzNjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUvNjhjMjk2
LTY5YjItNDA3MC05ZmY5LTQyNDNkZWNhZDM2MC8xL3RmcnNTNDJaTGRhNXpZbW9T
SjA4T21VcTdOSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQDJTywAwQCudwoMBkGCCsGAQUFBwEIAQH/BAow
CKAGMAQCAj6vMA0GCSqGSIb3DQEBCwUAA4IBAQCghSgdJeh1YlCJZeDUpbmMZzOH
9D5Zol8ybOQHC3XzcgjgYT+FAtD2torLAK0sG8ol3WJJhZXaWmaUd1rR9hUJXfo9
r7L1iCg5y2u2eYfXRKwirwtVjlQnLbMLCy5ZjGLhWilYuUE4++/YWAbV0U/k4gaQ
DVQUgUZq/zXvzXQVE1r7otJLosS8nhAojLy/PcbTsTcYY+m1H0wW2ZxeA5V4kEcW
9Mi6clfcSL87bFqDJT93vei/JdhEdrBVy0/6axC8uOL+DFMiO4tw+auUWBH5OHeY
/eGPmQbQ5LaGRzETtgNQ3fcy6ud2umH/BLJmYwkAZmRXFkVQQK4CLKdMbP/A
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:58:34 2025 by rpki-client