Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/zAqQDXC9EPfSIhpWSNpUpeP0RxI.cer
File: zAqQDXC9EPfSIhpWSNpUpeP0RxI.cer (raw, json)
Hash identifier: bqP2i9cuc9llI62ooQlg7kYDthcbW8c/IguRftXScvk=
Subject key identifier: CC:0A:90:0D:70:BD:10:F7:D2:22:1A:56:48:DA:54:A5:E3:F4:47:12
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0196F2CC8DEC4A924775D06BBA6E5115E068
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 21 May 2025 12:23:34 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 57504
IP: 91.232.114.0/23
IP: 2a14:77c0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f2:cc:8d:ec:4a:92:47:75:d0:6b:ba:6e:51:15:e0:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 21 12:23:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc0a900d70bd10f7d2221a5648da54a5e3f44712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:9f:4c:db:68:cf:c5:5e:ec:4a:52:5d:f5:25:
08:a4:c6:7e:89:0d:af:7f:e4:d5:15:ff:97:d5:d6:
f1:37:3b:8c:07:be:01:d6:ba:85:b8:9a:24:49:b0:
38:1a:e1:12:7d:76:4f:81:a4:8f:94:0c:39:28:ad:
e5:96:e8:e7:49:5b:17:41:87:78:42:89:e9:ca:45:
39:7b:b6:17:0a:1e:8f:37:71:53:f4:c1:3f:62:06:
37:62:46:9c:87:e0:96:1a:69:c9:e4:ab:0d:ce:2e:
60:57:cd:75:8c:4e:c7:f0:b4:cd:d2:bb:63:43:48:
1c:4b:98:3a:e2:b6:6b:59:28:35:81:bc:4e:a4:1b:
96:23:b3:c9:b0:4e:22:f5:b8:c2:60:ce:a2:1a:8f:
82:64:8c:49:a2:29:bc:2c:e5:3a:94:cc:e8:05:92:
86:23:44:b5:62:5b:63:c2:64:9a:fb:42:ff:cb:a8:
d7:ee:4b:bd:f9:b0:55:81:ad:0c:9f:ed:f7:55:81:
ca:51:ba:b6:bd:5f:12:43:5d:06:d6:c1:d8:60:14:
82:3c:63:02:c2:b3:87:aa:ac:81:e7:31:84:3c:a7:
0b:66:c8:b7:c0:eb:dc:72:83:a9:85:05:4a:ba:23:
f1:e1:d8:9a:92:45:04:25:d7:e0:85:ec:35:f0:4c:
50:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:0A:90:0D:70:BD:10:F7:D2:22:1A:56:48:DA:54:A5:E3:F4:47:12
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.114.0/23
IPv6:
2a14:77c0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
57504
Signature Algorithm: sha256WithRSAEncryption
34:ef:ab:50:5f:ab:bd:63:88:4a:67:8a:32:54:99:99:04:0a:
b0:93:ea:ff:73:c1:39:68:1f:ff:27:2e:e8:da:78:c9:b6:68:
a3:07:53:c5:1d:ae:12:bd:d6:2f:d9:bb:54:92:a9:43:88:04:
a5:82:ec:2e:48:83:39:72:77:16:8a:b2:86:81:72:58:88:77:
cd:8f:c2:2e:4a:70:0d:ec:fe:a4:01:45:e3:6d:0d:87:bd:d5:
d4:51:35:f7:f1:ce:a6:b9:07:87:5f:bf:7a:c9:2c:b3:71:e9:
97:e5:88:85:51:48:57:1b:33:0c:2a:df:cc:54:f4:12:d3:d2:
18:2a:59:99:52:46:1c:a8:ba:9e:1e:dc:dd:e1:5c:50:0f:fc:
69:d8:13:ec:36:71:b4:68:58:87:cc:11:9b:ca:c4:7c:cf:fe:
3c:0e:1b:dc:1c:20:50:5e:05:b5:93:28:86:14:08:fa:f8:3b:
b0:a5:a6:1d:71:a9:de:8e:5a:cf:91:f2:40:e2:8b:16:5f:9f:
03:a9:74:6c:cb:f5:d9:42:32:e4:27:f6:8e:d8:07:84:34:76:
5d:51:78:b4:6a:57:b6:37:aa:02:c3:c9:b3:6c:ea:b0:da:82:
8d:50:6c:9d:74:b5:33:44:3c:0e:ec:6b:2e:51:03:27:78:9b:
07:4a:79:56
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZbyzI3sSpJHddBrum5RFeBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNTIxMTIyMzM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzBhOTAwZDcwYmQxMGY3ZDIyMjFhNTY0OGRhNTRhNWUzZjQ0NzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi59M22jPxV7sSlJd9SUIpMZ+iQ2v
f+TVFf+X1dbxNzuMB74B1rqFuJokSbA4GuESfXZPgaSPlAw5KK3llujnSVsXQYd4
QonpykU5e7YXCh6PN3FT9ME/YgY3Ykach+CWGmnJ5KsNzi5gV811jE7H8LTN0rtj
Q0gcS5g64rZrWSg1gbxOpBuWI7PJsE4i9bjCYM6iGo+CZIxJoim8LOU6lMzoBZKG
I0S1YltjwmSa+0L/y6jX7ku9+bBVga0Mn+33VYHKUbq2vV8SQ10G1sHYYBSCPGMC
wrOHqqyB5zGEPKcLZsi3wOvccoOphQVKuiPx4diakkUEJdfghew18ExQiwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFMwKkA1wvRD30iIaVkjaVKXj9EcSMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M3LzU4YTNi
Ni05YTgwLTQ5YzItODc3NS0zODAxYzYyMTZlNmMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcvNThhM2I2
LTlhODAtNDljMi04Nzc1LTM4MDFjNjIxNmU2Yy8xL3pBcVFEWEM5RVBmU0locFdT
TnBVcGVQMFJ4SS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQBW+hyMA0EAgACMAcDBQAqFHfAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDgoDANBgkqhkiG9w0BAQsFAAOCAQEANO+rUF+rvWOI
SmeKMlSZmQQKsJPq/3PBOWgf/ycu6Np4ybZoowdTxR2uEr3WL9m7VJKpQ4gEpYLs
LkiDOXJ3FoqyhoFyWIh3zY/CLkpwDez+pAFF420Nh73V1FE19/HOprkHh1+/esks
s3Hpl+WIhVFIVxszDCrfzFT0EtPSGCpZmVJGHKi6nh7c3eFcUA/8adgT7DZxtGhY
h8wRm8rEfM/+PA4b3BwgUF4FtZMohhQI+vg7sKWmHXGp3o5az5HyQOKLFl+fA6l0
bMv12UIy5Cf2jtgHhDR2XVF4tGpXtjeqAsPJs2zqsNqCjVBsnXS1M0Q8DuxrLlED
J3ibB0p5Vg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 00:45:12 2025 by rpki-client