Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ywyjSKyJHDNtjHlFpb1bMyXrXws.cer
File: ywyjSKyJHDNtjHlFpb1bMyXrXws.cer (raw, json)
Hash identifier: EWQyFtczFkV5tYAV362zy1SKEkvpEA+NSQXOYveJvUQ=
Subject key identifier: CB:0C:A3:48:AC:89:1C:33:6D:8C:79:45:A5:BD:5B:33:25:EB:5F:0B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942746E5DC4B7AC6DE099CCB56FE4A577C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/ywyjSKyJHDNtjHlFpb1bMyXrXws.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 13:49:05 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 15674
AS: 43646
IP: 91.197.164.0/22
IP: 91.209.15.0/24
IP: 94.247.232.0/21
IP: 95.81.128.0/18
IP: 185.215.136.0/22
IP: 185.228.156.0/22
IP: 185.241.96.0/22
IP: 193.201.103.0/24
IP: 195.35.106.0/24
IP: 213.205.96.0/19
IP: 217.71.208.0/21
IP: 2a00:1080::/32
IP: 2a02:3e8::/32
IP: 2a02:e10::/32
IP: 2a0c:a080::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:e5:dc:4b:7a:c6:de:09:9c:cb:56:fe:4a:57:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 13:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb0ca348ac891c336d8c7945a5bd5b3325eb5f0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:81:db:fb:ae:2f:66:1e:13:b1:94:86:8b:e2:
c4:d6:41:d6:40:ef:dd:ee:24:69:76:af:df:87:4c:
06:28:bd:db:67:99:a2:d6:4e:ed:ee:43:3c:d6:60:
43:bf:ee:f6:4a:f1:f4:54:0b:d1:ba:a3:12:0b:65:
4f:85:e5:77:86:bb:67:1d:dc:85:d2:80:09:71:77:
be:d9:be:6c:80:5e:ec:9c:f7:e7:1e:c1:0c:e0:21:
c6:54:8e:62:ff:f7:3d:c6:5d:1b:4a:d3:d9:e0:65:
02:57:71:78:d4:95:35:27:6c:e0:97:c6:41:5e:8f:
cb:c7:80:11:3b:cc:ed:4e:d0:e9:7b:b1:bf:9e:21:
7d:a2:3f:6e:b3:17:b7:c0:16:4b:6a:0f:07:c9:27:
f7:f2:6b:fd:17:60:5b:75:4a:aa:b6:c0:80:8a:8b:
cc:71:ee:d4:5f:6b:60:4c:ea:0d:27:d6:5c:e6:24:
d3:6a:06:8d:41:dc:29:f3:2b:ac:f1:b1:18:95:f5:
5f:44:72:a3:c3:a8:eb:8e:02:68:c0:58:9b:68:f5:
3b:c9:d6:fb:db:ca:cd:41:e6:10:48:48:68:dc:5e:
83:fa:b7:b3:52:93:dd:39:24:df:a1:77:2e:f2:75:
8b:f8:56:d6:77:e3:00:0a:d3:ec:bb:08:6a:a3:14:
38:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:0C:A3:48:AC:89:1C:33:6D:8C:79:45:A5:BD:5B:33:25:EB:5F:0B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/ywyjSKyJHDNtjHlFpb1bMyXrXws.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.164.0/22
91.209.15.0/24
94.247.232.0/21
95.81.128.0/18
185.215.136.0/22
185.228.156.0/22
185.241.96.0/22
193.201.103.0/24
195.35.106.0/24
213.205.96.0/19
217.71.208.0/21
IPv6:
2a00:1080::/32
2a02:3e8::/32
2a02:e10::/32
2a0c:a080::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
15674
43646
Signature Algorithm: sha256WithRSAEncryption
64:78:fa:2b:b5:4f:68:96:a1:2a:dd:ed:1e:48:59:f6:00:86:
96:14:de:a8:75:e0:50:89:a8:0e:6d:a5:cd:e6:47:1b:46:31:
a9:43:34:0b:76:27:7a:04:ff:e5:82:45:7f:b7:f1:ce:08:8c:
21:79:e1:ed:2a:2d:0a:78:7e:36:d1:02:08:fe:3c:0b:ee:44:
47:f1:71:55:29:c5:0c:4c:8e:23:ae:72:3c:b3:87:d9:61:86:
30:5d:9a:76:39:22:42:95:ab:70:f9:ee:e1:78:1b:85:81:02:
c2:a9:16:86:f1:05:13:3e:d9:20:69:6b:45:d8:b2:b3:f8:13:
26:2b:74:ff:72:51:c1:61:83:b9:4c:80:cd:ce:0c:c8:34:2b:
bc:2b:1c:d4:d8:ac:25:e8:f3:8f:60:56:50:3c:b0:40:b2:a1:
14:b4:72:4e:0c:19:cb:95:78:24:61:47:ad:df:f2:88:44:4a:
56:3e:2f:54:59:0d:ec:a7:f4:14:c3:a1:e9:bd:99:c9:08:87:
bc:84:bb:04:44:f0:5d:b8:77:ea:85:6b:ed:b5:ad:ef:ca:fa:
c0:54:3f:0e:88:f5:68:c1:90:a3:25:cf:14:9f:9e:4e:c6:54:
83:cf:8e:fc:4d:29:11:35:6d:00:09:e4:30:92:34:2e:54:ce:
87:da:25:1d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISAZQnRuXcS3rG3gmcy1b+Sld8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTM0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjBjYTM0OGFjODkxYzMzNmQ4Yzc5NDVhNWJkNWIzMzI1ZWI1ZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4Hb+64vZh4TsZSGi+LE1kHWQO/d
7iRpdq/fh0wGKL3bZ5mi1k7t7kM81mBDv+72SvH0VAvRuqMSC2VPheV3hrtnHdyF
0oAJcXe+2b5sgF7snPfnHsEM4CHGVI5i//c9xl0bStPZ4GUCV3F41JU1J2zgl8ZB
Xo/Lx4ARO8ztTtDpe7G/niF9oj9usxe3wBZLag8HySf38mv9F2BbdUqqtsCAiovM
ce7UX2tgTOoNJ9Zc5iTTagaNQdwp8yus8bEYlfVfRHKjw6jrjgJowFibaPU7ydb7
28rNQeYQSEho3F6D+rezUpPdOSTfoXcu8nWL+FbWd+MACtPsuwhqoxQ4twIDAQAB
o4IDBDCCAwAwHQYDVR0OBBYEFMsMo0isiRwzbYx5RaW9WzMl618LMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q5L2VmNjFk
Ni0wNWQxLTRmYjItYTZlYS00MjUyMzJmZDU2NDMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkvZWY2MWQ2
LTA1ZDEtNGZiMi1hNmVhLTQyNTIzMmZkNTY0My8xL3l3eWpTS3lKSEROdGpIbEZw
YjFiTXlYclh3cy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMH8GCCsGAQUF
BwEHAQH/BHAwbjBIBAIAATBCAwQCW8WkAwQAW9EPAwQDXvfoAwQGX1GAAwQCudeI
AwQCueScAwQCufFgAwQAwclnAwQAwyNqAwQF1c1gAwQD2UfQMCIEAgACMBwDBQAq
ABCAAwUAKgID6AMFACoCDhADBQMqDKCAMB4GCCsGAQUFBwEIAQH/BA8wDaALMAkC
Aj06AgMAqn4wDQYJKoZIhvcNAQELBQADggEBAGR4+iu1T2iWoSrd7R5IWfYAhpYU
3qh14FCJqA5tpc3mRxtGMalDNAt2J3oE/+WCRX+38c4IjCF54e0qLQp4fjbRAgj+
PAvuREfxcVUpxQxMjiOucjyzh9lhhjBdmnY5IkKVq3D57uF4G4WBAsKpFobxBRM+
2SBpa0XYsrP4EyYrdP9yUcFhg7lMgM3ODMg0K7wrHNTYrCXo849gVlA8sECyoRS0
ck4MGcuVeCRhR63f8ohESlY+L1RZDeyn9BTDoem9mckIh7yEuwRE8F24d+qFa+21
re/K+sBUPw6I9WjBkKMlzxSfnk7GVIPPjvxNKRE1bQAJ5DCSNC5UzofaJR0=
-----END CERTIFICATE-----
Generated at Sun Feb 2 04:02:42 2025 by rpki-client