Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/u303nAT4F1s172c9dsaORMcOgz8.cer
File: u303nAT4F1s172c9dsaORMcOgz8.cer (raw, json)
Hash identifier: i9yq90fNdkTx89mLJknkLu0TAoEJUnqJd876RUzB1J8=
Subject key identifier: BB:7D:37:9C:04:F8:17:5B:35:EF:67:3D:76:C6:8E:44:C7:0E:83:3F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942748330919646E52F54DD498B42A5F27
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/bc/9e0f5e-8141-43c9-8f44-33ebab24bbb3/1/u303nAT4F1s172c9dsaORMcOgz8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/bc/9e0f5e-8141-43c9-8f44-33ebab24bbb3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 13:50:30 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 35336
IP: 2.56.40.0/22
IP: 2a09:d040::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Mar 2025 12:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:33:09:19:64:6e:52:f5:4d:d4:98:b4:2a:5f:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 13:50:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb7d379c04f8175b35ef673d76c68e44c70e833f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2f:5f:61:21:de:67:6b:91:78:cc:1c:40:98:
00:f2:a2:58:4f:e7:d9:3e:41:3e:f2:44:be:d3:a2:
06:0f:9d:b9:e0:39:a0:72:5c:71:a4:1a:73:e6:cf:
20:b9:5a:27:ff:1b:02:e7:6c:e2:a5:9d:8e:bc:18:
1f:7f:da:d7:54:90:63:cb:13:6f:fa:e8:bf:7e:9a:
56:29:a2:7c:55:52:7d:53:90:7c:1a:bb:c4:33:0d:
4f:dc:84:3e:a3:52:ab:86:f0:e4:91:77:1d:00:2b:
d4:4e:ec:b8:83:c7:51:41:92:26:9e:4c:5f:4d:c8:
0e:3b:bd:7a:cd:78:61:4b:dd:75:7c:96:68:b8:c7:
1a:5e:31:8a:c2:07:25:e1:7b:5b:e4:ca:a5:26:7c:
80:81:1a:62:54:ec:68:b9:3a:55:bc:70:0e:16:cc:
02:e8:c4:4a:47:72:b0:64:a8:f0:a3:78:d3:bb:73:
b2:54:bf:e5:4a:57:bf:50:7d:a4:d2:7b:11:f9:3a:
c7:ca:05:2c:e2:78:d8:07:08:65:8b:0b:a4:19:07:
e1:1f:a9:97:1f:18:ff:e6:6a:75:55:3f:fe:c8:5d:
06:a4:68:6b:2f:e0:97:93:7e:a0:b3:68:9a:3e:70:
ee:97:f0:e6:a9:0f:e1:ae:bd:0b:c1:d7:ed:9e:dd:
81:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:7D:37:9C:04:F8:17:5B:35:EF:67:3D:76:C6:8E:44:C7:0E:83:3F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/9e0f5e-8141-43c9-8f44-33ebab24bbb3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/9e0f5e-8141-43c9-8f44-33ebab24bbb3/1/u303nAT4F1s172c9dsaORMcOgz8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.40.0/22
IPv6:
2a09:d040::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35336
Signature Algorithm: sha256WithRSAEncryption
20:71:a6:b6:6f:64:60:29:98:9e:2b:95:71:93:eb:e5:29:de:
00:1c:49:93:53:47:b3:a3:96:d7:1a:2a:9b:08:7d:a4:d4:73:
64:59:e3:5b:00:5b:76:97:c6:3d:34:3a:2f:e9:2f:8a:e6:b8:
df:e2:7a:8b:ab:26:12:b9:2c:9f:bf:f5:ca:ec:76:0e:c0:0f:
c5:a0:c1:b0:19:ab:98:6c:ed:73:c0:00:d4:69:70:c4:5d:ad:
be:f0:06:f1:3c:5b:95:29:08:e2:09:2e:9e:48:fc:f9:6d:ef:
91:82:c5:96:3b:89:20:2d:90:ee:eb:95:2f:42:85:07:23:94:
79:c3:5b:86:2b:cc:9f:b4:fe:35:cd:5d:ef:9f:35:ca:6e:b1:
78:87:27:d4:23:73:a4:5a:47:70:9d:19:87:a6:94:c8:af:d8:
73:5a:cb:5c:a2:c5:1a:5b:38:49:a2:c5:7d:62:8f:b1:a8:2d:
0d:bd:5f:a6:a1:dd:22:0f:8e:42:44:9b:74:77:ce:a7:ca:12:
45:b4:93:cf:e4:24:d8:9b:d7:70:19:e0:f1:9c:10:42:be:49:
b9:f8:f2:2d:a2:69:ac:79:07:5e:3b:08:7b:a7:69:e1:23:60:
39:0a:eb:6d:18:6c:f0:96:00:84:08:ba:3c:a1:57:82:ad:8e:
10:7e:ca:f3
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQnSDMJGWRuUvVN1Ji0Kl8nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTM1MDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjdkMzc5YzA0ZjgxNzViMzVlZjY3M2Q3NmM2OGU0NGM3MGU4MzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAri9fYSHeZ2uReMwcQJgA8qJYT+fZ
PkE+8kS+06IGD5254DmgclxxpBpz5s8guVon/xsC52zipZ2OvBgff9rXVJBjyxNv
+ui/fppWKaJ8VVJ9U5B8GrvEMw1P3IQ+o1KrhvDkkXcdACvUTuy4g8dRQZImnkxf
TcgOO716zXhhS911fJZouMcaXjGKwgcl4Xtb5MqlJnyAgRpiVOxouTpVvHAOFswC
6MRKR3KwZKjwo3jTu3OyVL/lSle/UH2k0nsR+TrHygUs4njYBwhliwukGQfhH6mX
Hxj/5mp1VT/+yF0GpGhrL+CXk36gs2iaPnDul/DmqQ/hrr0Lwdftnt2BxwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFLt9N5wE+BdbNe9nPXbGjkTHDoM/MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JjLzllMGY1
ZS04MTQxLTQzYzktOGY0NC0zM2ViYWIyNGJiYjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMvOWUwZjVl
LTgxNDEtNDNjOS04ZjQ0LTMzZWJhYjI0YmJiMy8xL3UzMDNuQVQ0RjFzMTcyYzlk
c2FPUk1jT2d6OC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCAjgoMA0EAgACMAcDBQMqCdBAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCKCDANBgkqhkiG9w0BAQsFAAOCAQEAIHGmtm9kYCmY
niuVcZPr5SneABxJk1NHs6OW1xoqmwh9pNRzZFnjWwBbdpfGPTQ6L+kviua43+J6
i6smErksn7/1yux2DsAPxaDBsBmrmGztc8AA1GlwxF2tvvAG8TxblSkI4gkunkj8
+W3vkYLFljuJIC2Q7uuVL0KFByOUecNbhivMn7T+Nc1d7581ym6xeIcn1CNzpFpH
cJ0Zh6aUyK/Yc1rLXKLFGls4SaLFfWKPsagtDb1fpqHdIg+OQkSbdHfOp8oSRbST
z+Qk2JvXcBng8ZwQQr5JufjyLaJprHkHXjsIe6dp4SNgOQrrbRhs8JYAhAi6PKFX
gq2OEH7K8w==
-----END CERTIFICATE-----
Generated at Sat Mar 8 22:13:45 2025 by rpki-client