Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
File: zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer (raw, json)
Hash identifier: OkrMW75g+2jvNDuhVyG1drPTo6oy4CWZzAVRjBNrffw=
Subject key identifier: CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019424B33D539EDBA1E4A4BA782BDDA879BB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 01:48:33 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 42425
AS: 48577
IP: 2.59.4.0/22
IP: 94.125.232.0/21
IP: 178.255.184.0/21
IP: 185.28.80.0/22
IP: 2a00:1088::/32
IP: 2a09:ecc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:3d:53:9e:db:a1:e4:a4:ba:78:2b:dd:a8:79:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 01:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cddd902a1271270027e4577778ea35883b4515f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:02:a2:60:72:5f:b6:37:29:f6:a7:dc:7c:e1:
e4:cf:44:36:df:37:38:6b:a4:20:d0:82:26:63:94:
2a:63:cb:e2:44:d5:e5:9d:3f:f9:83:b1:3b:58:6a:
5a:6f:4f:b5:68:90:30:7f:12:8f:e8:13:39:90:2f:
a6:52:7d:53:30:00:52:e8:49:6e:f2:43:98:c7:64:
02:d8:11:b7:e0:35:0c:aa:fe:31:f1:c0:1d:ba:9c:
83:02:9d:12:cf:19:79:97:8d:7b:37:6d:9d:2c:31:
73:e5:ea:53:fe:5a:d6:ad:76:c6:6d:83:44:e1:18:
b3:4e:30:03:96:96:8c:78:85:37:f8:8b:f9:7a:c8:
d4:8b:fa:98:4c:61:5d:5f:88:f3:8a:9b:0d:4b:7f:
45:08:50:52:f9:b6:82:ac:bc:84:12:92:28:60:45:
ff:5f:9f:50:da:ee:54:36:4f:e5:f5:0c:6d:fa:04:
10:bd:c7:bf:e9:80:08:89:09:48:cd:81:a5:9b:25:
20:bc:83:6c:2b:85:d3:d5:0e:c9:b1:16:04:a0:0e:
fc:03:74:0b:20:fe:17:71:95:88:7e:b3:1d:99:21:
22:ca:e9:eb:74:5b:ec:13:5e:ad:56:7f:f1:7d:98:
07:61:7b:cc:dc:da:b6:29:58:bb:fb:7c:99:fa:02:
e7:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.4.0/22
94.125.232.0/21
178.255.184.0/21
185.28.80.0/22
IPv6:
2a00:1088::/32
2a09:ecc0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
42425
48577
Signature Algorithm: sha256WithRSAEncryption
4d:a7:a7:8b:70:d6:9c:23:9a:5d:d8:45:10:74:32:09:eb:9b:
7e:92:7d:7b:bb:95:96:db:68:dd:48:d6:aa:33:a5:d6:c6:44:
04:92:82:79:89:4a:6a:43:d6:3d:bb:e3:c3:03:ed:ff:b0:4c:
03:1c:df:dc:4b:9d:76:e6:81:1a:6d:e9:ed:06:d9:41:29:94:
0c:ad:de:94:22:52:9f:ca:56:db:61:34:3f:2e:b7:00:e1:24:
ee:0e:16:f3:26:29:07:d1:1b:c7:35:23:2b:58:2e:22:54:32:
99:68:b3:a0:fe:d4:ec:e2:a5:bf:9e:77:39:84:c0:24:67:60:
e3:07:5f:f5:c0:7d:ac:a3:fd:a9:10:f1:0d:f1:59:35:e5:ae:
b8:d8:8a:02:9f:2e:ed:e2:9a:2c:68:1c:44:1b:e4:e8:a1:a3:
66:00:d3:df:83:13:53:34:83:d1:b8:1a:47:5f:17:9f:34:b0:
77:c1:cd:01:79:fe:85:82:88:1a:ec:09:43:d4:66:f0:18:6a:
c2:ab:84:bf:b5:05:ef:c3:b3:9c:2e:fc:f7:79:dc:56:3c:2d:
92:b4:e5:5a:1b:c9:6e:58:b6:33:da:53:f9:f7:4f:dc:ab:1c:
f0:df:00:9a:35:b4:61:a3:64:86:7c:f7:6c:d8:f1:84:42:3b:
ff:fd:a3:6f
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgISAZQksz1Tntuh5KS6eCvdqHm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDE0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGRkOTAyYTEyNzEyNzAwMjdlNDU3Nzc3OGVhMzU4ODNiNDUxNWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAKiYHJftjcp9qfcfOHkz0Q23zc4
a6Qg0IImY5QqY8viRNXlnT/5g7E7WGpab0+1aJAwfxKP6BM5kC+mUn1TMABS6Elu
8kOYx2QC2BG34DUMqv4x8cAdupyDAp0Szxl5l417N22dLDFz5epT/lrWrXbGbYNE
4RizTjADlpaMeIU3+Iv5esjUi/qYTGFdX4jzipsNS39FCFBS+baCrLyEEpIoYEX/
X59Q2u5UNk/l9Qxt+gQQvce/6YAIiQlIzYGlmyUgvINsK4XT1Q7JsRYEoA78A3QL
IP4XcZWIfrMdmSEiyunrdFvsE16tVn/xfZgHYXvM3Nq2KVi7+3yZ+gLnJwIDAQAB
o4ICzTCCAskwHQYDVR0OBBYEFM3dkCoScScAJ+RXd3jqNYg7RRX2MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQxLzdhMWVi
NC0yOTBhLTQ2ODYtOGJiYS1kYzc1NDIxMzg5NTIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEvN2ExZWI0
LTI5MGEtNDY4Ni04YmJhLWRjNzU0MjEzODk1Mi8xL3pkMlFLaEp4SndBbjVGZDNl
T28xaUR0RkZmWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEcGCCsGAQUF
BwEHAQH/BDgwNjAeBAIAATAYAwQCAjsEAwQDXn3oAwQDsv+4AwQCuRxQMBQEAgAC
MA4DBQAqABCIAwUDKgnswDAfBggrBgEFBQcBCAEB/wQQMA6gDDAKAgMApbkCAwC9
wTANBgkqhkiG9w0BAQsFAAOCAQEATaeni3DWnCOaXdhFEHQyCeubfpJ9e7uVltto
3UjWqjOl1sZEBJKCeYlKakPWPbvjwwPt/7BMAxzf3EudduaBGm3p7QbZQSmUDK3e
lCJSn8pW22E0Py63AOEk7g4W8yYpB9EbxzUjK1guIlQymWizoP7U7OKlv553OYTA
JGdg4wdf9cB9rKP9qRDxDfFZNeWuuNiKAp8u7eKaLGgcRBvk6KGjZgDT34MTUzSD
0bgaR18XnzSwd8HNAXn+hYKIGuwJQ9Rm8BhqwquEv7UF78OznC7893ncVjwtkrTl
WhvJbli2M9pT+fdP3Ksc8N8AmjW0YaNkhnz3bNjxhEI7//2jbw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 04:03:51 2025 by rpki-client