Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xv9UHPNkGToqAK2hQkSs00wUA4o.cer
File: xv9UHPNkGToqAK2hQkSs00wUA4o.cer (raw, json)
Hash identifier: BASkA9alglYEj0XUGKoMJtEavbKKSaOVc3+EhVAIBsk=
Subject key identifier: C6:FF:54:1C:F3:64:19:3A:2A:00:AD:A1:42:44:AC:D3:4C:14:03:8A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019426D9BD221C4B82814C9677C2A6DCE5B0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/xv9UHPNkGToqAK2hQkSs00wUA4o.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 11:49:51 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 52095
AS: 61973
AS: 205248
IP: 193.104.254.0/24
IP: 2001:67c:1874::/48
IP: 2a09:f040::/29
IP: 2a0b:2fc0::/29
IP: 2a0d:c00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:bd:22:1c:4b:82:81:4c:96:77:c2:a6:dc:e5:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 11:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6ff541cf364193a2a00ada14244acd34c14038a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:4e:6a:24:dd:92:9c:46:e6:a2:fe:6a:46:30:
5a:6a:25:87:e6:90:41:b5:e9:c6:99:4c:fd:e7:ca:
e2:85:4b:45:54:6a:9f:4f:83:0b:a4:70:4b:0b:9f:
44:16:67:31:f0:db:0f:4a:03:64:b4:ab:62:6e:46:
3c:33:69:ce:d8:70:ed:83:61:fe:b5:7f:a5:06:c3:
b9:88:9b:5e:c3:1c:69:10:7f:c8:c0:40:00:fb:58:
4f:37:d4:25:35:63:93:91:b1:83:25:3f:d8:ac:72:
9a:8c:d9:bf:8c:7c:46:68:bd:40:cf:31:d6:36:84:
83:41:3d:5a:76:23:7a:04:1d:c3:64:4e:69:e7:0a:
a1:f5:20:33:f9:9c:01:32:a0:fd:3e:c7:a5:cd:4b:
b5:b1:ff:d9:d0:6d:4d:65:36:59:1f:9e:b5:51:08:
87:5f:98:62:7a:d9:ab:a8:9c:18:4a:21:86:5f:a7:
b0:81:8f:ba:9e:76:67:5f:1a:72:01:08:ee:6a:0a:
b0:49:37:34:c6:27:72:8b:47:dc:bf:8e:34:d8:62:
05:8b:cc:ed:df:1c:6c:0b:d6:51:57:58:9a:5c:14:
32:2e:53:d9:85:f7:d7:7f:36:23:7e:97:48:23:d6:
02:9d:46:42:73:67:22:76:9a:91:14:44:4e:4f:0c:
23:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:FF:54:1C:F3:64:19:3A:2A:00:AD:A1:42:44:AC:D3:4C:14:03:8A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/xv9UHPNkGToqAK2hQkSs00wUA4o.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.254.0/24
IPv6:
2001:67c:1874::/48
2a09:f040::/29
2a0b:2fc0::/29
2a0d:c00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
52095
61973
205248
Signature Algorithm: sha256WithRSAEncryption
12:d3:3d:85:38:9d:b1:ed:f5:18:13:73:b0:a4:8d:5e:13:10:
6b:b6:6c:27:7d:31:64:b3:32:6d:67:0b:20:1e:2b:df:b0:62:
f7:bd:79:16:bd:9b:72:dc:37:06:41:53:b6:56:be:3b:82:c5:
b0:1b:d4:e2:e5:a8:0d:a8:14:50:af:de:aa:25:31:a6:93:80:
c1:ed:81:be:3a:fd:c4:6f:76:26:03:b7:6c:d0:10:1b:5e:c2:
f5:4c:6b:4a:dc:62:d8:8d:4f:e8:09:fa:3a:0b:e4:bc:b8:c1:
b2:be:b1:bc:86:2b:e1:b3:b3:cf:a8:e2:48:14:cb:a5:f4:2e:
a9:64:22:fb:d4:fc:2b:f7:cf:25:6f:bd:ca:68:3c:78:31:fd:
20:f7:2b:70:f1:39:6e:f8:e0:ed:f9:f1:35:04:cc:e7:47:e0:
5d:f1:29:da:47:cf:38:d9:b2:f6:8c:f6:fb:87:35:b6:70:bc:
64:5d:72:3e:ab:42:24:a4:95:31:f4:47:44:88:f7:12:5f:f1:
6a:4c:bd:7b:cf:e8:3a:e5:9d:fd:7f:e2:8b:8f:88:83:20:92:
72:af:09:0b:2e:62:da:84:27:1f:da:c6:93:64:e0:dd:71:a1:
85:43:a3:80:c1:31:cc:91:f9:d7:5e:71:c7:25:a5:eb:99:c0:
d7:88:af:c0
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZQm2b0iHEuCgUyWd8Km3OWwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTE0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmZmNTQxY2YzNjQxOTNhMmEwMGFkYTE0MjQ0YWNkMzRjMTQwMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3U5qJN2SnEbmov5qRjBaaiWH5pBB
tenGmUz958rihUtFVGqfT4MLpHBLC59EFmcx8NsPSgNktKtibkY8M2nO2HDtg2H+
tX+lBsO5iJtewxxpEH/IwEAA+1hPN9QlNWOTkbGDJT/YrHKajNm/jHxGaL1AzzHW
NoSDQT1adiN6BB3DZE5p5wqh9SAz+ZwBMqD9PselzUu1sf/Z0G1NZTZZH561UQiH
X5hietmrqJwYSiGGX6ewgY+6nnZnXxpyAQjuagqwSTc0xidyi0fcv4402GIFi8zt
3xxsC9ZRV1iaXBQyLlPZhffXfzYjfpdII9YCnUZCc2cidpqRFEROTwwjLwIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFMb/VBzzZBk6KgCtoUJErNNMFAOKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ0LzM5YTAy
Mi1mYWVkLTQzNzYtOGJlNi0yYTVlOThhYmQxZjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzlhMDIy
LWZhZWQtNDM3Ni04YmU2LTJhNWU5OGFiZDFmMy8xL3h2OVVIUE5rR1RvcUFLMmhR
a1NzMDB3VUE0by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEUGCCsGAQUF
BwEHAQH/BDYwNDAMBAIAATAGAwQAwWj+MCQEAgACMB4DBwAgAQZ8GHQDBQMqCfBA
AwUDKgsvwAMFAyoNDAAwJAYIKwYBBQUHAQgBAf8EFTAToBEwDwIDAMt/AgMA8hUC
AwMhwDANBgkqhkiG9w0BAQsFAAOCAQEAEtM9hTidse31GBNzsKSNXhMQa7ZsJ30x
ZLMybWcLIB4r37Bi9715Fr2bctw3BkFTtla+O4LFsBvU4uWoDagUUK/eqiUxppOA
we2Bvjr9xG92JgO3bNAQG17C9UxrStxi2I1P6An6OgvkvLjBsr6xvIYr4bOzz6ji
SBTLpfQuqWQi+9T8K/fPJW+9ymg8eDH9IPcrcPE5bvjg7fnxNQTM50fgXfEp2kfP
ONmy9oz2+4c1tnC8ZF1yPqtCJKSVMfRHRIj3El/xaky9e8/oOuWd/X/ii4+IgyCS
cq8JCy5i2oQnH9rGk2Tg3XGhhUOjgMExzJH5115xxyWl65nA14ivwA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:42:12 2025 by rpki-client