Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
File: tyWIwA7vcVgJ61_dbWcXzCjA36w.cer (raw, json)
Hash identifier: P4/dZ1oLe3gKHQC71JHd9/i5vb2F3mpCujfBVoctWMU=
Subject key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019623F6849A5053B09971730D874D14498E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 11 Apr 2025 08:28:00 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 204489
IP: 5.149.155.0 -- 5.149.158.255
IP: 31.207.64.0 -- 31.207.73.255
IP: 152.89.132.0/22
IP: 178.236.128.0/20
IP: 185.39.192.0/22
IP: 192.145.16.0/22
IP: 193.32.200.0/22
IP: 2a02:1710::/32
IP: 2a09:3240::/32
IP: 2a09:5380::/32
IP: 2a0d:d4c0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:23:f6:84:9a:50:53:b0:99:71:73:0d:87:4d:14:49:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 11 08:28:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a1:05:ca:67:8a:b1:04:53:9f:e0:ae:cc:69:
d4:ec:b0:a7:d0:f4:be:c4:5e:c4:c7:c2:d2:13:44:
4d:bd:20:f8:46:c0:af:ec:ad:8e:7d:8f:5f:1b:3a:
c9:e6:39:33:ae:19:4e:5e:d8:2c:78:de:43:39:f3:
ab:64:3b:48:d6:d5:2b:4f:c1:64:a8:dc:88:b7:4e:
e1:fe:eb:21:be:dc:53:a1:a3:c6:b6:40:0d:1a:a8:
75:c8:fd:59:90:b4:2f:12:da:e5:15:87:c8:fd:1f:
2c:34:c2:67:c8:da:a5:7c:65:46:f7:a0:c3:56:cf:
60:75:a9:37:c7:79:3e:d2:5a:67:9a:e0:08:04:24:
ad:a6:20:a3:48:12:2c:b0:d5:69:99:00:c9:e0:a4:
72:78:26:44:57:0b:ca:5c:31:de:2c:92:0c:05:dc:
7f:ea:ba:df:80:2d:31:53:86:9b:a7:e9:39:2f:99:
9b:d4:65:a7:cd:e2:c7:e8:46:b8:75:00:4c:72:88:
9a:64:14:23:4d:45:6c:2f:ef:58:bb:fb:ff:ea:e1:
d9:f0:e7:91:2b:65:eb:28:5e:a0:30:5a:8b:f8:da:
16:af:6a:bf:45:2d:e7:a6:f3:ae:90:3b:08:96:46:
e7:29:af:e9:13:36:1f:40:a5:10:50:fa:58:ae:cc:
f3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.155.0-5.149.158.255
31.207.64.0-31.207.73.255
152.89.132.0/22
178.236.128.0/20
185.39.192.0/22
192.145.16.0/22
193.32.200.0/22
IPv6:
2a02:1710::/32
2a09:3240::/32
2a09:5380::/32
2a0d:d4c0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
204489
Signature Algorithm: sha256WithRSAEncryption
5e:fd:b5:82:aa:82:53:c4:50:06:40:36:24:0e:97:b1:a1:a3:
f8:f0:84:25:bd:55:e5:ba:0e:fd:cb:15:9a:98:03:72:59:e5:
31:e1:a0:4d:b9:4e:c7:47:99:69:cf:27:b5:19:2f:dc:6f:7d:
fe:ec:e4:8b:29:67:6a:e7:15:ec:b3:0d:65:cb:38:7e:d4:ce:
2c:d1:04:c7:5e:77:83:8e:e3:f0:18:d6:2c:fd:cf:8c:4d:fa:
37:58:dd:c4:82:4f:46:1c:6b:f6:f5:ea:4f:6e:9a:5d:7f:b6:
33:0f:8a:d9:2e:1b:fa:82:a2:b7:51:a3:3a:a2:d6:03:26:ce:
7a:c7:7b:3c:dd:44:27:05:9a:c5:67:57:85:b8:83:3a:94:71:
18:3f:b9:2d:29:99:d4:a3:d9:a9:85:37:b3:53:cf:c4:ba:98:
a0:e6:06:82:94:ce:31:a0:90:c6:33:eb:a0:a0:d2:96:0f:fa:
fc:35:81:2f:4b:b8:f5:59:93:4e:04:9f:69:c8:c8:61:dc:5d:
73:63:05:a4:2a:01:7b:38:4e:07:29:d0:63:eb:78:30:cd:de:
6a:a8:52:6a:77:a4:32:01:4e:0e:ef:a3:03:65:2d:98:3f:95:
e2:6c:a8:22:e5:93:cf:2d:0f:9c:36:90:b5:0a:c5:c3:b1:a2:
ac:bd:36:23
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgISAZYj9oSaUFOwmXFzDYdNFEmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNDExMDgyODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzI1ODhjMDBlZWY3MTU4MDllYjVmZGQ2ZDY3MTdjYzI4YzBkZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKEFymeKsQRTn+CuzGnU7LCn0PS+
xF7Ex8LSE0RNvSD4RsCv7K2OfY9fGzrJ5jkzrhlOXtgseN5DOfOrZDtI1tUrT8Fk
qNyIt07h/ushvtxToaPGtkANGqh1yP1ZkLQvEtrlFYfI/R8sNMJnyNqlfGVG96DD
Vs9gdak3x3k+0lpnmuAIBCStpiCjSBIssNVpmQDJ4KRyeCZEVwvKXDHeLJIMBdx/
6rrfgC0xU4abp+k5L5mb1GWnzeLH6Ea4dQBMcoiaZBQjTUVsL+9Yu/v/6uHZ8OeR
K2XrKF6gMFqL+NoWr2q/RS3npvOukDsIlkbnKa/pEzYfQKUQUPpYrszznwIDAQAB
o4IC+DCCAvQwHQYDVR0OBBYEFLcliMAO73FYCetf3W1nF8wowN+sMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI4L2ViYmFj
OS1mZWU3LTRmM2ItOGNkNS03YTQxMjU0ZWFhY2EvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgvZWJiYWM5
LWZlZTctNGYzYi04Y2Q1LTdhNDEyNTRlYWFjYS8xL3R5V0l3QTd2Y1ZnSjYxX2Ri
V2NYekNqQTM2dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHcGCCsGAQUF
BwEHAQH/BGgwZjBABAIAATA6MAwDBAAFlZsDBAAFlZ4wDAMEBh/PQAMEAR/PSAME
AphZhAMEBLLsgAMEArknwAMEAsCREAMEAsEgyDAiBAIAAjAcAwUAKgIXEAMFACoJ
MkADBQAqCVOAAwUAKg3UwDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDHskwDQYJ
KoZIhvcNAQELBQADggEBAF79tYKqglPEUAZANiQOl7Gho/jwhCW9VeW6Dv3LFZqY
A3JZ5THhoE25TsdHmWnPJ7UZL9xvff7s5IspZ2rnFeyzDWXLOH7UzizRBMded4OO
4/AY1iz9z4xN+jdY3cSCT0Yca/b16k9uml1/tjMPitkuG/qCordRozqi1gMmznrH
ezzdRCcFmsVnV4W4gzqUcRg/uS0pmdSj2amFN7NTz8S6mKDmBoKUzjGgkMYz66Cg
0pYP+vw1gS9LuPVZk04En2nIyGHcXXNjBaQqAXs4Tgcp0GPreDDN3mqoUmp3pDIB
Tg7vowNlLZg/leJsqCLlk88tD5w2kLUKxcOxoqy9NiM=
-----END CERTIFICATE-----
Generated at Sun Apr 13 09:43:56 2025 by rpki-client