Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yd1CJDGXhku0gWRh1NBlOrC6Mro.cer
File: yd1CJDGXhku0gWRh1NBlOrC6Mro.cer (raw, json)
Hash identifier: kyWMemLtSXeBwkYEdYMgehQuzeVHeo+uC+K7Gem9/bA=
Subject key identifier: C9:DD:42:24:31:97:86:4B:B4:81:64:61:D4:D0:65:3A:B0:BA:32:BA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D5E1E73C1F751D08DF7DFB016F7123
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/yd1CJDGXhku0gWRh1NBlOrC6Mro.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 07:47:55 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 198725
IP: 91.220.201.0/24
IP: 185.21.196.0/22
IP: 2a02:c280::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:e1:e7:3c:1f:75:1d:08:df:7d:fb:01:6f:71:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9dd42243197864bb4816461d4d0653ab0ba32ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:27:ee:bb:2f:2e:d6:9c:6e:92:4c:e7:01:a5:
43:46:1a:c8:66:9e:9f:92:c0:75:93:4a:8c:92:d5:
70:9c:29:4a:5b:70:77:2a:98:a0:8d:fe:f3:72:c6:
5e:6d:96:5c:b8:89:a2:52:2e:ef:15:43:05:7b:ed:
9d:97:0e:6a:6d:8d:45:e9:43:9d:15:8f:57:14:42:
ca:10:8b:3e:4f:16:bf:1a:fb:be:7c:91:1b:ad:26:
c5:47:3b:bb:a1:1c:76:b8:61:ff:4a:ae:b6:37:b5:
00:ee:2a:24:f8:94:14:63:76:d5:5d:fa:a6:8e:f8:
f8:36:3d:6b:8c:b2:72:91:8c:2b:08:7a:a3:8c:69:
01:f7:52:64:d4:50:8e:3a:8c:46:31:f2:d3:f9:4c:
1c:5b:8a:28:d4:9d:f6:c1:57:e5:01:7a:17:31:cd:
19:34:e7:ce:51:cd:15:92:99:da:b5:48:ec:cf:e9:
a1:e0:72:c8:bb:98:67:d6:e1:9a:20:0f:db:e5:5c:
e8:b7:61:26:09:70:ab:31:c9:9a:30:ee:e9:6d:c3:
67:a8:9d:45:6d:77:2f:3f:36:c9:7e:59:2b:6c:d5:
54:3b:c5:ce:65:f7:7f:a0:a9:05:e1:02:08:a9:4c:
9d:ff:20:fe:ea:6e:3b:90:1b:a7:29:b2:63:da:39:
b1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:DD:42:24:31:97:86:4B:B4:81:64:61:D4:D0:65:3A:B0:BA:32:BA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/yd1CJDGXhku0gWRh1NBlOrC6Mro.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.201.0/24
185.21.196.0/22
IPv6:
2a02:c280::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
198725
Signature Algorithm: sha256WithRSAEncryption
80:ca:0e:5a:66:4f:c6:13:73:af:12:11:2c:b0:14:c0:7d:d6:
ae:e7:74:05:bc:1e:d2:04:40:d5:e7:c4:cc:01:04:4f:15:3f:
70:f2:7d:a7:27:6c:df:3c:93:e2:4f:a3:3c:a0:f7:a5:a4:64:
d3:d1:11:06:53:7f:f6:57:22:9f:c3:76:94:82:26:61:fe:56:
70:a8:af:25:25:0b:50:13:f1:31:c6:af:10:9b:29:b2:5f:e6:
17:4c:ee:dc:dc:3e:21:d7:d5:28:a4:8e:ff:e9:0c:a6:80:a6:
77:bf:e1:00:7e:ed:b8:52:f1:44:59:03:f2:20:48:74:34:05:
42:96:52:59:fa:0c:7d:94:9a:e3:ea:e4:2d:e5:58:6f:d0:14:
30:0c:57:d6:44:48:c7:b8:5f:bf:bf:4f:60:ec:69:f0:9d:99:
32:14:4e:a1:1a:27:da:3b:43:00:7a:98:be:80:11:df:52:ac:
16:f8:88:0f:65:64:20:32:6c:4f:d7:3e:2d:ba:44:42:0a:cd:
da:d1:71:d9:25:f9:c6:58:88:7e:ad:aa:ef:b5:37:31:89:00:
ef:77:59:a8:7b:f4:cb:9a:a2:ad:58:76:4c:11:6c:de:05:27:
31:f8:ff:81:48:19:7b:30:ed:51:5b:55:35:0c:9a:98:88:be:
48:0f:38:a7
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQg1eHnPB91HQjfffsBb3EjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWRkNDIyNDMxOTc4NjRiYjQ4MTY0NjFkNGQwNjUzYWIwYmEzMmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyfuuy8u1pxukkznAaVDRhrIZp6f
ksB1k0qMktVwnClKW3B3Kpigjf7zcsZebZZcuImiUi7vFUMFe+2dlw5qbY1F6UOd
FY9XFELKEIs+Txa/Gvu+fJEbrSbFRzu7oRx2uGH/Sq62N7UA7iok+JQUY3bVXfqm
jvj4Nj1rjLJykYwrCHqjjGkB91Jk1FCOOoxGMfLT+UwcW4oo1J32wVflAXoXMc0Z
NOfOUc0VkpnatUjsz+mh4HLIu5hn1uGaIA/b5Vzot2EmCXCrMcmaMO7pbcNnqJ1F
bXcvPzbJflkrbNVUO8XOZfd/oKkF4QIIqUyd/yD+6m47kBunKbJj2jmxOQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFMndQiQxl4ZLtIFkYdTQZTqwujK6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM0LzVkYTE1
YS05N2EwLTRhNzctOWJjYS02NGE3MTVhNWY2OWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQvNWRhMTVh
LTk3YTAtNGE3Ny05YmNhLTY0YTcxNWE1ZjY5Yi8xL3lkMUNKREdYaGt1MGdXUmgx
TkJsT3JDNk1yby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQAW9zJAwQCuRXEMA0EAgACMAcDBQMqAsKAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMIRTANBgkqhkiG9w0BAQsFAAOCAQEAgMoO
WmZPxhNzrxIRLLAUwH3Wrud0Bbwe0gRA1efEzAEETxU/cPJ9pyds3zyT4k+jPKD3
paRk09ERBlN/9lcin8N2lIImYf5WcKivJSULUBPxMcavEJspsl/mF0zu3Nw+IdfV
KKSO/+kMpoCmd7/hAH7tuFLxRFkD8iBIdDQFQpZSWfoMfZSa4+rkLeVYb9AUMAxX
1kRIx7hfv79PYOxp8J2ZMhROoRon2jtDAHqYvoAR31KsFviID2VkIDJsT9c+LbpE
QgrN2tFx2SX5xliIfq2q77U3MYkA73dZqHv0y5qirVh2TBFs3gUnMfj/gUgZezDt
UVtVNQyamIi+SA84pw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 04:03:02 2025 by rpki-client