Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xVnUaTVVufKtaAe6ztxLWi5wGkg.cer
File: xVnUaTVVufKtaAe6ztxLWi5wGkg.cer (raw, json)
Hash identifier: 3K9NN/1ZlUhMjemKPSxkJK6dDKWYpDxwHdyRJ/zvtG8=
Subject key identifier: C5:59:D4:69:35:55:B9:F2:AD:68:07:BA:CE:DC:4B:5A:2E:70:1A:48
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019424B3FD4CF57D5E7EA64EB1E1FFA21F71
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/xVnUaTVVufKtaAe6ztxLWi5wGkg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 01:49:23 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 89.35.118.0/24
IP: 149.62.34.0/24
IP: 185.70.28.0/22
IP: 2a05:2800::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:fd:4c:f5:7d:5e:7e:a6:4e:b1:e1:ff:a2:1f:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 01:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c559d4693555b9f2ad6807bacedc4b5a2e701a48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8f:ea:59:93:05:7a:43:ae:ed:13:dc:fb:0b:
15:32:e1:d3:74:71:aa:2c:a4:36:9b:22:04:47:87:
68:b7:ce:63:9b:e9:c3:84:ab:ad:63:97:af:92:6b:
83:5f:98:b6:3a:72:c9:24:9b:d8:dc:c0:ea:a3:cd:
01:fd:1c:d0:d0:c6:ef:c3:59:2f:4e:5f:f9:53:3b:
cb:b6:ab:9f:0f:d2:f7:a8:ae:b9:61:ed:23:2a:58:
ea:2a:bf:4a:ce:60:be:33:40:7e:41:49:f7:6f:25:
c9:14:57:e8:ce:40:bc:5c:ef:1e:81:32:c6:82:ff:
73:32:b1:7b:76:c8:36:58:15:ac:70:a3:75:0e:60:
aa:05:12:70:d2:7a:82:b2:14:49:a7:94:68:91:11:
e4:77:82:2d:8b:69:dc:80:2c:dc:52:0b:20:de:48:
1f:44:5a:36:3e:ed:18:19:95:6a:14:a1:24:cf:64:
cc:8c:c0:6f:36:34:00:24:39:cc:66:c2:8b:5b:3a:
f6:95:62:e8:b1:cf:7c:34:89:22:02:68:02:5c:b3:
89:d3:ba:12:2a:1a:84:31:4b:5b:86:f0:41:4a:71:
2d:ac:56:44:25:2b:72:2a:28:96:99:ad:42:7c:a8:
d4:2a:43:2c:42:69:7e:51:16:17:85:c4:aa:63:09:
ba:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:59:D4:69:35:55:B9:F2:AD:68:07:BA:CE:DC:4B:5A:2E:70:1A:48
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/xVnUaTVVufKtaAe6ztxLWi5wGkg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.118.0/24
149.62.34.0/24
185.70.28.0/22
IPv6:
2a05:2800::/29
Signature Algorithm: sha256WithRSAEncryption
a2:55:26:ea:7f:63:96:08:f2:b8:a1:82:77:a6:fd:85:68:e3:
46:72:8a:d4:4a:12:2d:0e:68:da:c2:2f:16:3a:8f:1f:61:89:
5e:39:e6:7f:15:e3:44:54:03:43:0a:a1:b1:38:83:f9:9e:36:
be:ad:2d:89:af:03:e7:18:55:c6:54:6d:f0:a2:70:de:9b:fe:
93:58:88:c5:fb:c4:cb:32:d2:92:7f:4c:01:1c:33:de:ee:96:
34:de:17:3a:62:15:32:55:5a:c3:d2:df:6a:76:e9:66:35:72:
21:a8:67:81:2a:a0:12:47:30:12:2a:ed:7b:4a:e4:05:ff:d0:
aa:e5:f2:9f:4e:db:1a:e7:ef:ad:9b:be:42:73:91:a3:46:f2:
12:dd:4f:11:32:52:76:51:97:f1:2f:0a:7a:d4:f9:29:cf:2b:
ae:72:fb:0f:0b:94:19:9f:b0:d8:1a:1a:56:42:ca:4c:15:ac:
5d:b4:bc:fc:25:77:66:8e:2e:d5:75:d3:b0:72:e2:b5:a0:d8:
7b:09:32:d8:1d:d6:60:50:39:73:69:2b:3c:22:fc:87:cc:0c:
12:84:5b:86:44:4f:b7:7d:6b:8c:ed:c7:3f:e2:fa:9b:63:e1:
75:6e:6d:a9:e2:65:66:b8:fc:e8:64:fb:10:8a:dd:1a:2e:76:
7a:7d:b9:31
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZQks/1M9X1efqZOseH/oh9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDE0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTU5ZDQ2OTM1NTViOWYyYWQ2ODA3YmFjZWRjNGI1YTJlNzAxYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzI/qWZMFekOu7RPc+wsVMuHTdHGq
LKQ2myIER4dot85jm+nDhKutY5evkmuDX5i2OnLJJJvY3MDqo80B/RzQ0Mbvw1kv
Tl/5UzvLtqufD9L3qK65Ye0jKljqKr9KzmC+M0B+QUn3byXJFFfozkC8XO8egTLG
gv9zMrF7dsg2WBWscKN1DmCqBRJw0nqCshRJp5RokRHkd4Iti2ncgCzcUgsg3kgf
RFo2Pu0YGZVqFKEkz2TMjMBvNjQAJDnMZsKLWzr2lWLosc98NIkiAmgCXLOJ07oS
KhqEMUtbhvBBSnEtrFZEJStyKiiWma1CfKjUKkMsQml+URYXhcSqYwm6ewIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFMVZ1Gk1VbnyrWgHus7cS1oucBpIMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIwLzNmMGY4
Yi1hZjkzLTQyM2ItYmVhNS1kMmUzNTE2MDk3NTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAvM2YwZjhi
LWFmOTMtNDIzYi1iZWE1LWQyZTM1MTYwOTc1OS8xL3hWblVhVFZWdWZLdGFBZTZ6
dHhMV2k1d0drZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQAWSN2AwQAlT4iAwQCuUYcMA0EAgACMAcDBQMq
BSgAMA0GCSqGSIb3DQEBCwUAA4IBAQCiVSbqf2OWCPK4oYJ3pv2FaONGcorUShIt
Dmjawi8WOo8fYYleOeZ/FeNEVANDCqGxOIP5nja+rS2JrwPnGFXGVG3wonDem/6T
WIjF+8TLMtKSf0wBHDPe7pY03hc6YhUyVVrD0t9qdulmNXIhqGeBKqASRzASKu17
SuQF/9Cq5fKfTtsa5++tm75Cc5GjRvIS3U8RMlJ2UZfxLwp61PkpzyuucvsPC5QZ
n7DYGhpWQspMFaxdtLz8JXdmji7VddOwcuK1oNh7CTLYHdZgUDlzaSs8IvyHzAwS
hFuGRE+3fWuM7cc/4vqbY+F1bm2p4mVmuPzoZPsQit0aLnZ6fbkx
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:58:34 2025 by rpki-client