Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yhQ36fNe3FSjwM0xFnuZbmDeFQQ.cer
File: yhQ36fNe3FSjwM0xFnuZbmDeFQQ.cer (raw, json)
Hash identifier: vF47hFAXYkeBA8XyDzTlHqyOTq1SSVKoj9BCKJVnANw=
Subject key identifier: CA:14:37:E9:F3:5E:DC:54:A3:C0:CD:31:16:7B:99:6E:60:DE:15:04
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421C78A4C1BEBFE247810A5307E6FDBE1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/53bd2bc1-4ea6-4bc5-a2a5-97e465472776/0/CA1437E9F35EDC54A3C0CD31167B996E60DE1504.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/53bd2bc1-4ea6-4bc5-a2a5-97e465472776/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 12:11:52 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 207783
IP: 85.193.77.0/24
IP: 2a0f:b640::/29
IP: 2a12:97c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:c7:8a:4c:1b:eb:fe:24:78:10:a5:30:7e:6f:db:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:11:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca1437e9f35edc54a3c0cd31167b996e60de1504
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d3:fd:a2:9c:60:63:89:22:83:53:6b:71:f3:
69:c5:5a:22:ac:94:f5:4b:15:a7:26:5c:7f:94:29:
71:ab:cd:e7:b4:cf:e5:2c:d3:02:30:9f:59:0e:54:
c5:87:0f:03:92:c4:e0:31:33:10:09:a7:41:3e:55:
ec:7b:5c:8f:31:cc:eb:9c:d0:cb:71:bd:00:33:77:
c3:e3:31:61:7b:71:a8:56:db:56:4e:d0:26:d2:c0:
e8:e5:07:f6:8f:a9:9d:4b:1c:2f:51:17:05:11:82:
76:d9:c5:0c:6c:7f:5f:74:72:dd:12:34:b6:5f:ae:
5e:1a:ec:09:7e:c9:b4:49:ec:fb:7c:40:49:61:f9:
3b:63:7a:d6:d1:b8:71:71:c1:8e:f3:d5:b0:3b:40:
8b:34:fe:ec:e1:c5:3b:2c:1c:b8:cf:e3:5e:38:60:
68:95:53:92:66:99:bc:21:9c:0c:ce:0b:e0:a5:a2:
3d:5e:ea:80:57:3b:85:ad:a2:7d:60:39:e9:31:dc:
c4:b2:4a:c4:3c:48:e3:28:37:8d:1d:30:2a:b0:c1:
88:81:58:87:47:1a:8a:2f:d0:8e:2f:1b:6f:3d:80:
18:7e:6f:37:e4:c6:9d:93:ba:78:1f:f1:7b:af:b9:
09:e6:83:0b:fd:13:bb:c3:32:35:dd:1b:b6:5c:56:
1f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:14:37:E9:F3:5E:DC:54:A3:C0:CD:31:16:7B:99:6E:60:DE:15:04
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/53bd2bc1-4ea6-4bc5-a2a5-97e465472776/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/53bd2bc1-4ea6-4bc5-a2a5-97e465472776/0/CA1437E9F35EDC54A3C0CD31167B996E60DE1504.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.193.77.0/24
IPv6:
2a0f:b640::/29
2a12:97c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
207783
Signature Algorithm: sha256WithRSAEncryption
52:44:d5:ae:ac:29:a3:fe:48:38:05:4f:6e:77:2a:06:31:84:
17:c0:65:2a:b0:bb:0a:e3:4d:92:c7:30:57:b0:9a:f1:8e:67:
c8:f1:79:87:79:ea:32:09:9d:95:a4:bc:53:bd:59:9c:ac:61:
0f:72:35:dc:99:00:e5:3d:51:cd:e6:50:08:73:6a:72:2b:4a:
c7:87:b2:c6:9c:d3:6d:5f:e5:2c:c9:57:c8:71:03:21:49:94:
af:a1:0c:54:d2:96:01:2f:d8:58:b4:f4:37:b2:b9:df:97:b4:
4f:c4:bb:5a:dc:3c:30:ad:03:94:a3:7e:81:5c:2f:89:d6:55:
af:a7:f2:7f:1e:d8:40:a6:09:91:0e:d3:7d:c5:8d:35:5a:82:
16:a0:6d:e9:a7:34:a3:73:c2:94:f1:fd:15:48:9e:d0:43:f5:
15:0c:93:dd:a8:d3:0e:bc:63:14:41:c0:8d:41:5a:4f:43:55:
c1:0c:ce:9b:fd:7d:c2:7c:f5:56:c3:55:56:03:d2:4c:19:60:
48:c9:a5:01:1c:60:b1:c1:58:ec:a7:50:52:99:e7:9e:f0:71:
27:d9:42:57:d8:ca:19:6c:01:7d:44:82:4c:7b:a0:e0:56:a5:
54:78:5c:9d:e7:90:dc:8a:01:a6:6d:71:1e:6d:47:52:aa:31:
9c:06:79:60
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAZQhx4pMG+v+JHgQpTB+b9vhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTIxMTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTE0MzdlOWYzNWVkYzU0YTNjMGNkMzExNjdiOTk2ZTYwZGUxNTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdP9opxgY4kig1NrcfNpxVoirJT1
SxWnJlx/lClxq83ntM/lLNMCMJ9ZDlTFhw8DksTgMTMQCadBPlXse1yPMczrnNDL
cb0AM3fD4zFhe3GoVttWTtAm0sDo5Qf2j6mdSxwvURcFEYJ22cUMbH9fdHLdEjS2
X65eGuwJfsm0Sez7fEBJYfk7Y3rW0bhxccGO89WwO0CLNP7s4cU7LBy4z+NeOGBo
lVOSZpm8IZwMzgvgpaI9XuqAVzuFraJ9YDnpMdzEskrEPEjjKDeNHTAqsMGIgViH
RxqKL9COLxtvPYAYfm835Madk7p4H/F7r7kJ5oML/RO7wzI13Ru2XFYf3wIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFMoUN+nzXtxUo8DNMRZ7mW5g3hUEMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzYmQy
YmMxLTRlYTYtNGJjNS1hMmE1LTk3ZTQ2NTQ3Mjc3Ni8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNTNi
ZDJiYzEtNGVhNi00YmM1LWEyYTUtOTdlNDY1NDcyNzc2LzAvQ0ExNDM3RTlGMzVF
REM1NEEzQzBDRDMxMTY3Qjk5NkU2MERFMTUwNC5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQmMCQwDAQCAAEwBgME
AFXBTTAUBAIAAjAOAwUDKg+2QAMFAyoSl8AwGgYIKwYBBQUHAQgBAf8ECzAJoAcw
BQIDAyunMA0GCSqGSIb3DQEBCwUAA4IBAQBSRNWurCmj/kg4BU9udyoGMYQXwGUq
sLsK402SxzBXsJrxjmfI8XmHeeoyCZ2VpLxTvVmcrGEPcjXcmQDlPVHN5lAIc2py
K0rHh7LGnNNtX+UsyVfIcQMhSZSvoQxU0pYBL9hYtPQ3srnfl7RPxLta3DwwrQOU
o36BXC+J1lWvp/J/HthApgmRDtN9xY01WoIWoG3ppzSjc8KU8f0VSJ7QQ/UVDJPd
qNMOvGMUQcCNQVpPQ1XBDM6b/X3CfPVWw1VWA9JMGWBIyaUBHGCxwVjsp1BSmeee
8HEn2UJX2MoZbAF9RIJMe6DgVqVUeFyd55DcigGmbXEebUdSqjGcBnlg
-----END CERTIFICATE-----
Generated at Sun Feb 2 04:04:14 2025 by rpki-client