Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yniqfjFrIfhDz7lYEMaAzdv6bm8.cer
File: yniqfjFrIfhDz7lYEMaAzdv6bm8.cer (raw, json)
Hash identifier: hnZAMgFRU/jCXidvX53srjalcFKhrOGwXNZugiZL1J4=
Subject key identifier: CA:78:AA:7E:31:6B:21:F8:43:CF:B9:58:10:C6:80:CD:DB:FA:6E:6F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194221F8BB9351F1AF29852DEB18995E318
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/yniqfjFrIfhDz7lYEMaAzdv6bm8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 13:48:00 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 41307
IP: 88.133.192.0/19
IP: 89.28.136.0/21
IP: 109.69.96.0/21
IP: 185.39.64.0/22
IP: 2a02:ca00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:8b:b9:35:1f:1a:f2:98:52:de:b1:89:95:e3:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca78aa7e316b21f843cfb95810c680cddbfa6e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:db:82:fb:50:e4:d1:59:ca:0d:bf:81:6f:96:
25:a3:ea:c2:a7:ee:0f:1e:5f:b0:24:28:40:c5:3b:
de:1e:8b:de:ed:42:60:dd:30:11:45:f9:9b:89:0d:
5b:95:de:ba:2e:58:59:64:6e:ea:d1:60:07:62:30:
94:15:7f:ef:f3:56:3c:93:8c:92:9a:bd:db:00:ad:
15:5c:61:69:f9:79:33:c1:c1:93:3c:16:eb:bc:01:
cd:be:fd:92:da:cd:78:e2:bb:7c:5c:3f:aa:66:d8:
bc:22:00:12:7f:99:88:ff:9e:c2:91:5b:85:ee:12:
d9:48:4c:54:38:12:01:16:b0:bb:a8:c3:b9:d9:95:
c8:2e:0b:f7:6a:7a:c5:1d:be:6e:08:b1:12:c3:ce:
8b:da:d4:bf:43:fd:32:3f:1d:74:69:ee:c8:ec:97:
87:6f:5e:0c:e0:40:b4:20:9c:56:1f:b6:db:dc:34:
92:d7:98:a7:9f:52:9b:3b:82:c5:6d:7f:ae:38:ee:
e3:db:ba:6d:fc:16:4b:af:5f:85:94:9d:13:74:97:
c2:75:16:7d:d0:c0:f3:3f:e6:d1:7c:50:4f:1f:97:
6b:e1:d0:09:91:35:bd:d8:77:c7:47:62:22:1f:cc:
ef:a3:1b:8f:79:a2:f1:1a:3a:f8:27:9d:45:5d:41:
f1:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:78:AA:7E:31:6B:21:F8:43:CF:B9:58:10:C6:80:CD:DB:FA:6E:6F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/yniqfjFrIfhDz7lYEMaAzdv6bm8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.133.192.0/19
89.28.136.0/21
109.69.96.0/21
185.39.64.0/22
IPv6:
2a02:ca00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
41307
Signature Algorithm: sha256WithRSAEncryption
56:b3:01:f3:47:e0:52:1a:5a:bf:78:9b:bc:9e:d3:c8:c7:1b:
b8:ea:8f:b3:a8:9d:52:08:4b:99:0b:7d:e2:e8:7d:f4:12:ce:
b7:33:d0:36:77:12:03:0f:c5:05:1c:dd:bc:90:fb:55:59:2d:
97:ae:c7:34:66:3e:33:65:4e:52:f9:72:c6:25:2d:6a:55:36:
61:af:32:06:59:10:76:ed:c0:68:61:e7:cb:94:b8:88:ee:3f:
8d:52:73:d1:94:a8:42:51:32:46:58:4f:ea:73:f0:8c:8a:bd:
be:13:0c:d6:a8:0e:5e:39:40:bd:96:a8:01:dd:53:4c:0e:e9:
5e:2f:f7:bf:78:79:bf:b6:21:f8:fe:72:1c:15:ce:4a:6c:4a:
b1:fb:a0:1d:ba:ac:ad:1b:80:41:80:3e:12:1f:46:67:e3:05:
0f:76:74:94:98:00:8a:7b:0e:27:78:b2:64:4c:d5:93:84:57:
5b:21:22:a0:4f:8f:30:24:32:75:8b:0c:93:0a:84:02:f2:71:
38:e2:21:a6:cb:1a:62:79:5b:75:6f:b2:db:c8:1a:49:8d:53:
74:97:54:5a:e5:90:99:db:4a:31:27:89:65:2a:6a:e5:90:7c:
7a:c4:11:4f:85:f4:a3:ae:54:39:c8:e3:96:5e:b5:df:7b:0a:
20:11:37:06
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAZQiH4u5NR8a8phS3rGJleMYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTc4YWE3ZTMxNmIyMWY4NDNjZmI5NTgxMGM2ODBjZGRiZmE2ZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6duC+1Dk0VnKDb+Bb5Ylo+rCp+4P
Hl+wJChAxTveHove7UJg3TARRfmbiQ1bld66LlhZZG7q0WAHYjCUFX/v81Y8k4yS
mr3bAK0VXGFp+XkzwcGTPBbrvAHNvv2S2s144rt8XD+qZti8IgASf5mI/57CkVuF
7hLZSExUOBIBFrC7qMO52ZXILgv3anrFHb5uCLESw86L2tS/Q/0yPx10ae7I7JeH
b14M4EC0IJxWH7bb3DSS15inn1KbO4LFbX+uOO7j27pt/BZLr1+FlJ0TdJfCdRZ9
0MDzP+bRfFBPH5dr4dAJkTW92HfHR2IiH8zvoxuPeaLxGjr4J51FXUHxzwIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFMp4qn4xayH4Q8+5WBDGgM3b+m5vMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I3LzdkYTM0
Yy0zOTg0LTQ0NDItYjY0Ni1lMzEzOGZmMWU4OTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcvN2RhMzRj
LTM5ODQtNDQ0Mi1iNjQ2LWUzMTM4ZmYxZTg5OS8xL3luaXFmakZySWZoRHo3bFlF
TWFBemR2NmJtOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQFWIXAAwQDWRyIAwQDbUVgAwQCuSdAMA0EAgAC
MAcDBQMqAsoAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwChWzANBgkqhkiG9w0B
AQsFAAOCAQEAVrMB80fgUhpav3ibvJ7TyMcbuOqPs6idUghLmQt94uh99BLOtzPQ
NncSAw/FBRzdvJD7VVktl67HNGY+M2VOUvlyxiUtalU2Ya8yBlkQdu3AaGHny5S4
iO4/jVJz0ZSoQlEyRlhP6nPwjIq9vhMM1qgOXjlAvZaoAd1TTA7pXi/3v3h5v7Yh
+P5yHBXOSmxKsfugHbqsrRuAQYA+Eh9GZ+MFD3Z0lJgAinsOJ3iyZEzVk4RXWyEi
oE+PMCQydYsMkwqEAvJxOOIhpssaYnlbdW+y28gaSY1TdJdUWuWQmdtKMSeJZSpq
5ZB8esQRT4X0o65UOcjjll6133sKIBE3Bg==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:53:22 2025 by rpki-client