Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/y58ZzBrXh0Wl2rMdY0BX4pq_7Yw.cer
File: y58ZzBrXh0Wl2rMdY0BX4pq_7Yw.cer (raw, json)
Hash identifier: 29ZakPvk7Mw6JnQU5SbG95aHbMrhJOt0ztiHWpFbr3s=
Subject key identifier: CB:9F:19:CC:1A:D7:87:45:A5:DA:B3:1D:63:40:57:E2:9A:BF:ED:8C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019426D9A0FAEA43B6D2801C268D441A6760
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d7/af1d49-d0e4-4d68-8dee-dd69a4ee1350/1/y58ZzBrXh0Wl2rMdY0BX4pq_7Yw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d7/af1d49-d0e4-4d68-8dee-dd69a4ee1350/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 11:49:44 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 207706
IP: 94.154.7.0/24
IP: 2a0f:ebc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:a0:fa:ea:43:b6:d2:80:1c:26:8d:44:1a:67:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 11:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb9f19cc1ad78745a5dab31d634057e29abfed8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c0:b1:9b:97:d2:e9:68:d1:70:6f:f1:fb:4a:
c7:dc:e0:09:5a:a4:94:4f:0d:de:91:3e:3e:58:7a:
24:fe:0c:f9:5f:6c:9c:db:1f:4f:dc:f2:09:a5:22:
71:b9:8d:38:dc:96:6b:18:55:a1:d3:c3:68:c6:f6:
08:07:5a:23:0e:d3:a1:02:60:77:e0:71:e8:2d:40:
d6:fd:2d:36:10:36:a0:e7:38:1c:10:63:77:94:d0:
e9:30:7a:9f:82:d5:5a:81:d3:6b:75:4e:c0:56:c5:
ed:e0:a4:8e:ba:5c:44:39:1a:d9:cf:d3:a6:78:a5:
d3:59:3d:cc:20:0d:69:22:82:1f:07:b2:17:b9:54:
14:7d:42:fe:05:b1:d3:6c:4b:7b:9a:79:29:09:80:
d1:fc:09:e7:82:30:21:08:a0:14:5e:4a:84:f8:31:
b5:8d:a4:5c:51:2a:b7:f9:66:89:06:fd:66:fc:eb:
fb:30:b4:ba:c2:2c:89:83:21:56:d2:c9:fa:e2:15:
aa:6e:e0:cd:79:5c:ae:a5:a0:a6:ba:01:79:5a:e1:
b0:c9:56:45:05:18:cd:a6:35:76:ed:6d:38:66:a7:
c6:87:0b:e7:fa:a6:a2:31:b0:0f:e8:0d:cc:04:81:
02:1f:85:44:d4:8c:c8:91:50:35:53:ee:9f:fb:6a:
40:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:9F:19:CC:1A:D7:87:45:A5:DA:B3:1D:63:40:57:E2:9A:BF:ED:8C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/af1d49-d0e4-4d68-8dee-dd69a4ee1350/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/af1d49-d0e4-4d68-8dee-dd69a4ee1350/1/y58ZzBrXh0Wl2rMdY0BX4pq_7Yw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.7.0/24
IPv6:
2a0f:ebc0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
207706
Signature Algorithm: sha256WithRSAEncryption
67:64:5f:10:7f:f8:4b:37:34:62:d0:65:5c:d4:da:a8:43:ba:
51:45:4a:e4:d9:f3:5d:1e:33:e5:a5:c0:2b:ab:56:4a:28:f8:
9d:1e:9a:44:69:86:6a:86:86:65:69:ee:a2:f0:ec:c1:cd:49:
4a:36:71:fc:d7:a8:f5:f4:d6:a5:e9:57:f4:0c:e9:90:b1:35:
a6:28:5a:ed:e1:a8:99:9a:0c:91:84:51:c1:99:d3:01:e5:1f:
85:c2:93:cc:2e:8c:7a:4a:5c:62:d2:eb:17:d1:c2:5c:b4:0e:
5a:32:23:bb:51:2b:81:ba:d6:ab:79:0a:4e:48:4c:83:24:e7:
be:0b:82:24:f6:f5:8c:dc:1a:f5:5d:d5:cf:ea:4e:d4:53:38:
bd:40:96:29:ea:1e:40:16:98:e9:45:97:bf:46:6f:69:83:dc:
b0:a5:3b:27:5e:77:7d:33:43:bf:1f:45:3a:18:d8:df:ff:54:
ca:fb:50:ec:e6:01:7d:87:5b:07:3a:8a:ba:2e:6b:1d:bc:c9:
0c:a8:dc:1b:3d:23:2c:c7:ad:06:8c:10:25:78:9f:31:5c:09:
9f:4d:23:19:c3:e5:a5:ec:08:7e:7d:a1:53:ea:58:dc:a5:ca:
4b:8d:d3:6d:fd:c0:cc:25:7a:38:35:ac:ae:3a:09:29:1a:57:
ca:bd:ff:df
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQm2aD66kO20oAcJo1EGmdgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTE0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjlmMTljYzFhZDc4NzQ1YTVkYWIzMWQ2MzQwNTdlMjlhYmZlZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMCxm5fS6WjRcG/x+0rH3OAJWqSU
Tw3ekT4+WHok/gz5X2yc2x9P3PIJpSJxuY043JZrGFWh08NoxvYIB1ojDtOhAmB3
4HHoLUDW/S02EDag5zgcEGN3lNDpMHqfgtVagdNrdU7AVsXt4KSOulxEORrZz9Om
eKXTWT3MIA1pIoIfB7IXuVQUfUL+BbHTbEt7mnkpCYDR/AnngjAhCKAUXkqE+DG1
jaRcUSq3+WaJBv1m/Ov7MLS6wiyJgyFW0sn64hWqbuDNeVyupaCmugF5WuGwyVZF
BRjNpjV27W04ZqfGhwvn+qaiMbAP6A3MBIECH4VE1IzIkVA1U+6f+2pAwQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFMufGcwa14dFpdqzHWNAV+Kav+2MMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q3L2FmMWQ0
OS1kMGU0LTRkNjgtOGRlZS1kZDY5YTRlZTEzNTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcvYWYxZDQ5
LWQwZTQtNGQ2OC04ZGVlLWRkNjlhNGVlMTM1MC8xL3k1OFp6QnJYaDBXbDJyTWRZ
MEJYNHBxXzdZdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAXpoHMA0EAgACMAcDBQMqD+vAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMrWjANBgkqhkiG9w0BAQsFAAOCAQEAZ2RfEH/4Szc0
YtBlXNTaqEO6UUVK5NnzXR4z5aXAK6tWSij4nR6aRGmGaoaGZWnuovDswc1JSjZx
/Neo9fTWpelX9AzpkLE1piha7eGomZoMkYRRwZnTAeUfhcKTzC6MekpcYtLrF9HC
XLQOWjIju1ErgbrWq3kKTkhMgyTnvguCJPb1jNwa9V3Vz+pO1FM4vUCWKeoeQBaY
6UWXv0ZvaYPcsKU7J153fTNDvx9FOhjY3/9UyvtQ7OYBfYdbBzqKui5rHbzJDKjc
Gz0jLMetBowQJXifMVwJn00jGcPlpewIfn2hU+pY3KXKS43Tbf3AzCV6ODWsrjoJ
KRpXyr3/3w==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:53:22 2025 by rpki-client