Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yVDXsZdaNwOuJ7Ma0vkyrkakzJQ.cer
File: yVDXsZdaNwOuJ7Ma0vkyrkakzJQ.cer (raw, json)
Hash identifier: D2ba8n4lLhWX0X9p+KOrryalWD3XmnjAnm48QFYoZzE=
Subject key identifier: C9:50:D7:B1:97:5A:37:03:AE:27:B3:1A:D2:F9:32:AE:46:A4:CC:94
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0196CF0B36300462CBE9BCE5C9ED967AA0B7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/yVDXsZdaNwOuJ7Ma0vkyrkakzJQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 14 May 2025 13:45:40 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 208512
IP: 185.136.128.0/22
IP: 2a03:a4e0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cf:0b:36:30:04:62:cb:e9:bc:e5:c9:ed:96:7a:a0:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 14 13:45:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c950d7b1975a3703ae27b31ad2f932ae46a4cc94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9d:0c:57:c7:b7:c9:b5:6e:14:14:68:53:7b:
d8:13:03:ba:c0:fb:52:88:18:f4:a1:82:aa:79:70:
cc:19:20:c9:d9:80:ce:52:50:23:1f:e3:4d:0d:d7:
55:3b:da:3d:97:74:ad:44:e2:79:ef:66:b0:fc:43:
e2:9c:bd:9c:b5:b9:1b:31:3f:0a:82:b4:a2:46:b8:
0f:33:fd:ec:a6:42:7f:73:78:de:e0:12:56:55:b5:
82:c2:fa:20:5f:66:39:5d:fd:eb:96:3d:59:8c:a4:
f1:8b:33:20:7a:fb:e7:f1:56:bd:51:70:52:ce:1b:
5d:5f:29:01:9a:5c:d4:33:f3:92:45:ec:53:e6:a9:
3c:11:85:33:3b:27:28:6b:3d:7e:0f:25:02:d6:1c:
25:d5:62:08:1f:c1:a3:bd:85:94:07:35:11:75:c3:
5b:ae:c9:89:d1:fc:4f:05:48:ca:d6:2d:03:1d:27:
12:a7:5e:4b:14:60:9a:e8:e8:a4:18:73:e8:68:12:
92:56:c2:37:0f:07:50:a8:91:dd:4f:83:8a:23:69:
c8:02:c3:a9:4c:87:5d:34:c8:14:21:33:35:00:fd:
f3:0c:0a:50:4f:5d:fe:09:30:d8:f8:90:df:0d:d7:
88:8b:9b:2d:2e:ad:a3:f4:f0:78:20:b4:3c:b1:b1:
f2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:50:D7:B1:97:5A:37:03:AE:27:B3:1A:D2:F9:32:AE:46:A4:CC:94
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/yVDXsZdaNwOuJ7Ma0vkyrkakzJQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.128.0/22
IPv6:
2a03:a4e0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
208512
Signature Algorithm: sha256WithRSAEncryption
4d:7c:ce:31:9c:c3:d0:9b:c0:36:57:a0:86:bc:97:eb:97:22:
2a:76:9e:c2:0a:39:2c:99:09:d0:8b:f5:f6:ea:d1:3f:84:35:
23:5f:d3:a6:64:67:08:4c:86:b1:a5:87:01:76:f2:bb:45:51:
bc:ba:8c:04:bd:cd:5f:28:af:20:bd:87:4c:40:ea:8a:e4:0a:
fe:fc:50:77:52:97:a5:a8:05:f0:6d:33:93:b3:31:6c:e6:58:
d9:c5:71:1a:06:5b:30:04:66:69:bd:50:bf:26:db:ca:79:5e:
54:05:cd:2c:2e:2a:97:64:2f:63:4b:3a:b2:e4:ca:f1:13:80:
77:83:8b:da:8e:50:b8:f5:8b:7e:20:e6:b0:21:9b:53:76:78:
a0:f4:2c:27:4d:39:df:c2:a8:3e:ac:be:f6:6f:42:ce:3b:91:
ce:ec:09:ef:12:f5:40:58:14:67:47:59:ee:93:2c:d9:01:c1:
c9:5a:66:e0:88:71:80:bc:cd:db:ea:12:8d:31:79:ea:0e:cc:
36:8d:cf:c7:ae:14:5f:7f:56:b6:1e:ad:94:13:a1:9d:d3:ed:
b1:d9:a3:cb:1d:7a:1e:5b:ad:67:e0:09:50:a3:4f:b9:9b:d5:
5c:ea:e1:ca:0e:8e:ba:0a:37:c9:76:96:dc:46:14:68:d4:c7:
a3:8f:c7:b7
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZbPCzYwBGLL6bzlye2WeqC3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNTE0MTM0NTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTUwZDdiMTk3NWEzNzAzYWUyN2IzMWFkMmY5MzJhZTQ2YTRjYzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs50MV8e3ybVuFBRoU3vYEwO6wPtS
iBj0oYKqeXDMGSDJ2YDOUlAjH+NNDddVO9o9l3StROJ572aw/EPinL2ctbkbMT8K
grSiRrgPM/3spkJ/c3je4BJWVbWCwvogX2Y5Xf3rlj1ZjKTxizMgevvn8Va9UXBS
zhtdXykBmlzUM/OSRexT5qk8EYUzOycoaz1+DyUC1hwl1WIIH8GjvYWUBzURdcNb
rsmJ0fxPBUjK1i0DHScSp15LFGCa6OikGHPoaBKSVsI3DwdQqJHdT4OKI2nIAsOp
TIddNMgUITM1AP3zDApQT13+CTDY+JDfDdeIi5stLq2j9PB4ILQ8sbHy+QIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFMlQ17GXWjcDriezGtL5Mq5GpMyUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEyLzBjNzMx
OC1iMzQ4LTRiMjQtYjllNS1jNmE4ODIxYWRlYTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIvMGM3MzE4
LWIzNDgtNGIyNC1iOWU1LWM2YTg4MjFhZGVhOS8xL3lWRFhzWmRhTndPdUo3TWEw
dmt5cmtha3pKUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuYiAMA0EAgACMAcDBQAqA6TgMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMugDANBgkqhkiG9w0BAQsFAAOCAQEATXzOMZzD0JvA
NleghryX65ciKnaewgo5LJkJ0Iv19urRP4Q1I1/TpmRnCEyGsaWHAXbyu0VRvLqM
BL3NXyivIL2HTEDqiuQK/vxQd1KXpagF8G0zk7MxbOZY2cVxGgZbMARmab1Qvybb
ynleVAXNLC4ql2QvY0s6suTK8ROAd4OL2o5QuPWLfiDmsCGbU3Z4oPQsJ00538Ko
Pqy+9m9CzjuRzuwJ7xL1QFgUZ0dZ7pMs2QHByVpm4IhxgLzN2+oSjTF56g7MNo3P
x64UX39Wth6tlBOhndPtsdmjyx16HlutZ+AJUKNPuZvVXOrhyg6Ougo3yXaW3EYU
aNTHo4/Htw==
-----END CERTIFICATE-----
Generated at Fri Jun 6 12:31:48 2025 by rpki-client