Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yBhKRQWwV2BY_TMwWb_xU65urVs.cer
File: yBhKRQWwV2BY_TMwWb_xU65urVs.cer (raw, json)
Hash identifier: iWShXK7YafKiR+XTZ0YfNMLubl1k+ZvQhsFA7Bg15SQ=
Subject key identifier: C8:18:4A:45:05:B0:57:60:58:FD:33:30:59:BF:F1:53:AE:6E:AD:5B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194221F79D7C093D4A1D85D38EDF5D65CAA
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2b/eadad3-ced9-41fa-8e5f-5fbf33acd83e/1/yBhKRQWwV2BY_TMwWb_xU65urVs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2b/eadad3-ced9-41fa-8e5f-5fbf33acd83e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 13:47:55 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 62313
IP: 185.39.244.0/22
IP: 213.32.224.0/21
IP: 2a01:4760::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:79:d7:c0:93:d4:a1:d8:5d:38:ed:f5:d6:5c:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8184a4505b0576058fd333059bff153ae6ead5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:cf:ce:7b:07:e0:29:ab:ae:0c:da:63:9e:19:
44:58:09:61:83:d1:8f:a8:e4:5a:61:d5:9d:6f:b1:
e8:0e:6a:b5:7f:17:cc:d1:e2:d9:a0:06:a5:d6:b0:
1f:ac:d8:87:26:3d:d6:fe:80:43:1b:42:fd:5b:ad:
08:87:2e:f0:ae:73:73:3b:d3:5c:38:a0:57:27:fe:
28:23:77:4b:ad:0f:13:6a:5d:3d:07:21:72:c9:a7:
b8:20:92:89:c2:ef:e2:74:9a:f1:8f:c3:32:8d:14:
fe:b1:9b:79:1b:ee:63:6b:b4:6b:fb:3e:19:a3:31:
23:bf:a1:b0:c0:e6:a9:d6:53:23:af:05:96:fe:58:
e1:d0:de:ae:8d:4e:a7:b9:8b:a2:14:81:72:2c:de:
3a:4c:1f:18:9b:7b:be:01:ee:21:68:47:71:e4:f0:
e7:65:9e:fa:28:60:5d:91:f8:2a:d9:bb:5d:80:06:
0d:d4:a1:c5:c2:b9:92:2c:26:88:0e:4b:bf:40:81:
00:17:42:c7:a0:43:f6:1c:b2:cc:c8:9e:44:b8:08:
9f:d9:9a:41:49:d9:1d:3c:3e:d0:71:b5:62:10:5f:
6e:c9:87:2c:0d:c6:20:50:72:3b:55:8c:89:c6:69:
99:80:dd:c7:98:97:52:5a:c7:82:ba:b6:90:2f:8e:
f6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:18:4A:45:05:B0:57:60:58:FD:33:30:59:BF:F1:53:AE:6E:AD:5B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/eadad3-ced9-41fa-8e5f-5fbf33acd83e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/eadad3-ced9-41fa-8e5f-5fbf33acd83e/1/yBhKRQWwV2BY_TMwWb_xU65urVs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.244.0/22
213.32.224.0/21
IPv6:
2a01:4760::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
62313
Signature Algorithm: sha256WithRSAEncryption
35:0c:9d:c5:b0:a5:a5:53:ed:a3:4e:65:73:74:7d:54:e7:9c:
e2:4c:8e:04:f8:24:95:13:41:be:94:49:8b:b3:bc:ec:46:f1:
2f:e0:13:da:73:c5:d4:a7:38:e8:0b:a1:fa:b2:86:b4:65:45:
a8:fa:79:89:9a:c4:0b:21:fb:33:8e:58:fe:8a:4a:cf:c1:66:
90:f7:d1:7f:e5:2f:a5:70:45:84:cf:00:5f:fe:86:7c:7a:1f:
1f:65:e1:b8:76:8c:a8:bc:5b:0a:0d:cf:9c:9e:fb:99:3c:6f:
58:5b:8c:2a:16:dc:d2:26:6d:33:b7:f6:c8:32:42:3d:27:a2:
80:48:55:f9:31:fd:a0:da:b8:1b:be:af:de:9d:3a:7e:fe:c4:
52:20:4e:c7:da:06:80:8e:59:8a:df:1b:a5:16:c0:82:96:9e:
07:2b:5a:03:7d:c7:b6:d2:2b:1d:a6:88:cd:d9:2e:20:d3:f9:
24:d3:58:82:c8:42:26:12:b0:b9:8a:da:01:20:62:9e:1a:62:
1e:55:16:f6:c6:0e:7e:62:30:40:f3:e1:66:6f:bf:fc:28:6d:
ae:23:0f:5a:cd:96:11:ed:2c:5a:6e:34:54:d6:3d:86:5e:1d:
ee:4b:0b:71:ce:39:fc:33:91:df:03:6e:1a:68:36:d1:44:ed:
8f:39:02:1c
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQiH3nXwJPUodhdOO311lyqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODE4NGE0NTA1YjA1NzYwNThmZDMzMzA1OWJmZjE1M2FlNmVhZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmc/OewfgKauuDNpjnhlEWAlhg9GP
qORaYdWdb7HoDmq1fxfM0eLZoAal1rAfrNiHJj3W/oBDG0L9W60Ihy7wrnNzO9Nc
OKBXJ/4oI3dLrQ8Tal09ByFyyae4IJKJwu/idJrxj8MyjRT+sZt5G+5ja7Rr+z4Z
ozEjv6GwwOap1lMjrwWW/ljh0N6ujU6nuYuiFIFyLN46TB8Ym3u+Ae4haEdx5PDn
ZZ76KGBdkfgq2btdgAYN1KHFwrmSLCaIDku/QIEAF0LHoEP2HLLMyJ5EuAif2ZpB
SdkdPD7QcbViEF9uyYcsDcYgUHI7VYyJxmmZgN3HmJdSWseCuraQL472JwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFMgYSkUFsFdgWP0zMFm/8VOubq1bMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJiL2VhZGFk
My1jZWQ5LTQxZmEtOGU1Zi01ZmJmMzNhY2Q4M2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIvZWFkYWQz
LWNlZDktNDFmYS04ZTVmLTVmYmYzM2FjZDgzZS8xL3lCaEtSUVd3VjJCWV9UTXdX
Yl94VTY1dXJWcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuSf0AwQD1SDgMA0EAgACMAcDBQMqAUdgMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwDzaTANBgkqhkiG9w0BAQsFAAOCAQEANQyd
xbClpVPto05lc3R9VOec4kyOBPgklRNBvpRJi7O87EbxL+AT2nPF1Kc46Auh+rKG
tGVFqPp5iZrECyH7M45Y/opKz8FmkPfRf+UvpXBFhM8AX/6GfHofH2XhuHaMqLxb
Cg3PnJ77mTxvWFuMKhbc0iZtM7f2yDJCPSeigEhV+TH9oNq4G76v3p06fv7EUiBO
x9oGgI5Zit8bpRbAgpaeBytaA33HttIrHaaIzdkuINP5JNNYgshCJhKwuYraASBi
nhpiHlUW9sYOfmIwQPPhZm+//ChtriMPWs2WEe0sWm40VNY9hl4d7ksLcc45/DOR
3wNuGmg20UTtjzkCHA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:13:56 2025 by rpki-client