Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/zKqIcsKz-XTJUWjSFL_Vfw-ekRk.cer
File: zKqIcsKz-XTJUWjSFL_Vfw-ekRk.cer (raw, json)
Hash identifier: WDr7jVojv1xqYcZ5LbUn3E4fbqkY7siclmT1tJsIfb4=
Subject key identifier: CC:AA:88:72:C2:B3:F9:74:C9:51:68:D2:14:BF:D5:7F:0F:9E:91:19
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019423693C100C40028C0692D366F63F74C0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a0/fa3c0f-c232-4644-b2f4-e04c58a41f66/1/zKqIcsKz-XTJUWjSFL_Vfw-ekRk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a0/fa3c0f-c232-4644-b2f4-e04c58a41f66/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 19:48:06 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 216163
IP: 31.24.254.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Mar 2025 12:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:3c:10:0c:40:02:8c:06:92:d3:66:f6:3f:74:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 19:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ccaa8872c2b3f974c95168d214bfd57f0f9e9119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d2:06:0c:6a:a3:36:63:54:d9:a5:93:41:0f:
73:ac:aa:d0:13:55:f2:14:ea:6f:31:a8:6c:c8:7c:
59:3e:e1:dc:e7:33:ec:d2:8f:d4:15:d1:f1:2b:97:
cf:18:56:fb:35:41:17:6d:a2:32:05:4e:5c:58:5a:
dc:a2:f2:96:63:61:df:ff:f3:39:32:3a:62:72:ec:
81:5a:eb:73:67:14:cb:da:9b:0f:59:20:cc:9a:4e:
06:eb:b4:29:d4:db:ec:10:f9:6d:59:e7:57:77:ed:
ed:24:75:6a:68:ea:44:9c:92:72:8d:fa:8a:c3:31:
95:2f:ce:f2:14:e6:3d:64:48:94:a5:93:15:20:dc:
5e:cc:ec:b9:e8:02:3c:7d:08:8d:9e:c0:27:94:af:
2d:2a:f1:99:83:97:d7:1e:1c:74:5f:e2:25:23:c8:
ab:40:21:c0:1b:26:d4:5c:1e:dd:92:55:b7:58:a9:
21:b7:60:3d:c0:bf:21:f2:64:e8:24:5c:df:b0:e4:
97:e7:cd:5a:4a:6f:25:6b:ee:4d:cb:dd:09:c3:0c:
15:02:79:f7:cc:6e:35:4c:8d:e9:c4:d7:c7:81:b3:
1b:94:3b:3a:40:04:d1:e9:a9:15:2d:db:de:e1:91:
fe:82:80:47:3d:b9:e4:bf:0b:c4:c4:2d:6f:d0:f7:
4d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:AA:88:72:C2:B3:F9:74:C9:51:68:D2:14:BF:D5:7F:0F:9E:91:19
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/fa3c0f-c232-4644-b2f4-e04c58a41f66/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/fa3c0f-c232-4644-b2f4-e04c58a41f66/1/zKqIcsKz-XTJUWjSFL_Vfw-ekRk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.254.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
216163
Signature Algorithm: sha256WithRSAEncryption
5b:38:4d:1e:cb:cf:90:b8:11:9c:b4:9a:ee:3a:f2:5f:2c:06:
51:32:f6:3c:9d:d0:af:b7:0a:34:8b:13:22:81:91:ef:f3:a0:
66:32:dd:05:84:46:b7:6c:83:ef:72:cb:dc:ea:73:a2:ea:9d:
20:28:6f:72:2a:00:9e:c3:db:3c:22:c0:c9:6c:e2:16:d7:25:
bc:7b:4e:7f:f1:1f:dd:b8:96:65:03:1b:a8:8a:66:e1:d2:b0:
85:b2:c0:8d:e2:2a:6b:33:3d:87:d2:bb:c4:94:30:d7:68:38:
65:53:3e:b6:d7:27:7b:d1:e1:f4:9a:1d:f1:c8:be:aa:d0:5f:
92:4a:08:50:b1:13:5b:a0:d8:cd:15:cc:d0:6b:94:ee:26:8c:
71:01:29:c4:36:77:ca:1f:12:75:b9:29:1e:8e:72:d3:f3:2c:
9a:32:f9:59:37:84:0f:b6:42:e3:35:9c:6d:21:72:60:f6:61:
53:09:90:b6:3c:6d:6e:08:50:01:fe:c1:95:fb:21:95:84:c7:
58:91:20:73:30:9f:2f:5d:d1:c6:72:47:5d:f7:06:c5:e4:84:
27:82:c4:4f:09:97:bd:07:3c:a3:43:27:99:a3:07:04:4b:ac:
e9:06:18:24:06:0b:ff:9c:d1:5a:da:e3:e9:26:eb:76:d0:d9:
69:58:50:62
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQjaTwQDEACjAaS02b2P3TAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTk0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2FhODg3MmMyYjNmOTc0Yzk1MTY4ZDIxNGJmZDU3ZjBmOWU5MTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9IGDGqjNmNU2aWTQQ9zrKrQE1Xy
FOpvMahsyHxZPuHc5zPs0o/UFdHxK5fPGFb7NUEXbaIyBU5cWFrcovKWY2Hf//M5
MjpicuyBWutzZxTL2psPWSDMmk4G67Qp1NvsEPltWedXd+3tJHVqaOpEnJJyjfqK
wzGVL87yFOY9ZEiUpZMVINxezOy56AI8fQiNnsAnlK8tKvGZg5fXHhx0X+IlI8ir
QCHAGybUXB7dklW3WKkht2A9wL8h8mToJFzfsOSX581aSm8la+5Ny90JwwwVAnn3
zG41TI3pxNfHgbMblDs6QATR6akVLdve4ZH+goBHPbnkvwvExC1v0PdN3wIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFMyqiHLCs/l0yVFo0hS/1X8PnpEZMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2EwL2ZhM2Mw
Zi1jMjMyLTQ2NDQtYjJmNC1lMDRjNThhNDFmNjYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAvZmEzYzBm
LWMyMzItNDY0NC1iMmY0LWUwNGM1OGE0MWY2Ni8xL3pLcUljc0t6LVhUSlVXalNG
TF9WZnctZWtSay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAHxj+MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwNMYzANBgkqhkiG9w0BAQsFAAOCAQEAWzhNHsvPkLgRnLSa7jryXywGUTL2PJ3Q
r7cKNIsTIoGR7/OgZjLdBYRGt2yD73LL3OpzouqdIChvcioAnsPbPCLAyWziFtcl
vHtOf/Ef3biWZQMbqIpm4dKwhbLAjeIqazM9h9K7xJQw12g4ZVM+ttcne9Hh9Jod
8ci+qtBfkkoIULETW6DYzRXM0GuU7iaMcQEpxDZ3yh8SdbkpHo5y0/MsmjL5WTeE
D7ZC4zWcbSFyYPZhUwmQtjxtbghQAf7BlfshlYTHWJEgczCfL13RxnJHXfcGxeSE
J4LETwmXvQc8o0MnmaMHBEus6QYYJAYL/5zRWtrj6SbrdtDZaVhQYg==
-----END CERTIFICATE-----
Generated at Sat Mar 8 22:08:20 2025 by rpki-client