Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/zm4aIgj6PxufPTj_8fjiw02RHzY.cer
File: zm4aIgj6PxufPTj_8fjiw02RHzY.cer (raw, json)
Hash identifier: gHLwcc+d3z8tZXLrlr/k2VL3TfZyiAil1PEzMPplCFs=
Subject key identifier: CE:6E:1A:22:08:FA:3F:1B:9F:3D:38:FF:F1:F8:E2:C3:4D:91:1F:36
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019424B37C91C5C796F32AAE2357174336E2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b1/40746e-74c0-47ca-a23c-9fef0114a2e5/1/zm4aIgj6PxufPTj_8fjiw02RHzY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b1/40746e-74c0-47ca-a23c-9fef0114a2e5/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 01:48:50 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 193.43.100.0/24
IP: 193.43.110.0/24
IP: 193.43.126.0/24
IP: 193.43.136.0/24
IP: 2a0f:8240::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:7c:91:c5:c7:96:f3:2a:ae:23:57:17:43:36:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 01:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce6e1a2208fa3f1b9f3d38fff1f8e2c34d911f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f7:16:d2:86:c1:19:c1:ad:97:22:8c:a4:40:
20:9f:5b:e9:31:6c:ae:6e:12:4f:65:ea:67:0a:07:
6f:41:f7:04:b8:ac:49:2e:ce:4e:60:d0:1f:fd:61:
ca:f3:53:16:79:4e:4d:9f:0e:0f:82:21:ff:76:b9:
bd:7a:40:0a:3d:74:f7:75:c0:22:0d:a8:1c:f2:10:
ac:f7:86:43:44:16:71:71:23:b8:fc:f6:ce:25:fa:
a2:e5:94:3d:8d:30:16:e5:8f:3e:cb:08:19:ee:cc:
c4:be:0c:12:f3:25:ed:b3:e8:d7:11:bc:a4:f7:75:
af:d7:e4:96:97:7e:bb:9a:2d:12:1b:3c:4d:5b:a8:
43:91:53:8a:78:dc:f6:3f:57:14:6b:70:ad:bd:ee:
c6:47:56:86:c9:8e:5a:10:ac:4f:62:3a:97:68:08:
95:de:ab:d4:e0:5b:56:2e:72:a8:7c:a6:b6:42:98:
c0:3f:0d:3e:2c:5b:90:53:5c:e7:d7:ef:7f:1d:e1:
ab:bb:fc:27:24:6e:9b:3a:36:0d:97:c3:e0:88:7c:
5f:2d:13:af:76:4c:7e:8a:ac:be:d4:2b:ff:d5:bd:
77:a1:34:87:fd:95:f6:c6:c0:4a:ea:7d:31:a0:77:
1a:e6:f5:06:50:86:af:8b:23:58:1c:d7:7f:aa:9f:
f6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:6E:1A:22:08:FA:3F:1B:9F:3D:38:FF:F1:F8:E2:C3:4D:91:1F:36
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/40746e-74c0-47ca-a23c-9fef0114a2e5/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/40746e-74c0-47ca-a23c-9fef0114a2e5/1/zm4aIgj6PxufPTj_8fjiw02RHzY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.100.0/24
193.43.110.0/24
193.43.126.0/24
193.43.136.0/24
IPv6:
2a0f:8240::/29
Signature Algorithm: sha256WithRSAEncryption
0c:c2:b0:b0:18:d3:6f:76:27:b7:bd:50:8b:e9:af:63:53:d0:
cc:ec:f9:0b:f4:ad:81:ae:53:37:09:7d:c1:5a:6b:87:ba:2a:
c9:4b:44:a8:60:e1:5b:92:c8:93:95:80:72:32:9b:ce:22:96:
5b:cc:2d:75:6c:cd:b2:aa:5f:72:3b:29:d7:ef:5a:9c:39:26:
88:42:dc:9e:b6:8c:92:30:ab:80:b3:2b:36:4b:58:a5:fa:12:
f1:87:eb:b8:7a:7c:6e:2c:aa:75:07:1c:0c:42:cb:4f:ea:1f:
43:7c:3c:6e:14:aa:9c:4d:3c:8a:5e:15:51:5d:22:2e:43:cb:
92:7f:c8:c9:b2:cf:df:e0:2f:15:97:16:a4:1c:94:2f:31:9b:
36:5e:51:58:3e:91:93:1c:e2:ec:21:22:50:66:52:dd:bd:85:
9b:83:25:f7:7b:d8:65:9e:5f:91:43:a5:43:a1:58:92:ad:1c:
42:27:39:9d:7e:71:9b:61:fa:fc:90:44:3e:c2:88:61:02:25:
1e:2c:8f:09:3b:ae:9b:af:bb:8b:f4:27:71:52:6d:ea:56:03:
bc:27:48:04:c7:76:96:eb:73:80:e5:de:66:98:ab:ab:84:de:
9e:c9:58:6e:e4:c6:b4:c9:8d:5d:b6:e7:cf:23:2f:ce:58:85:
19:e3:7e:ed
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZQks3yRxceW8yquI1cXQzbiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDE0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTZlMWEyMjA4ZmEzZjFiOWYzZDM4ZmZmMWY4ZTJjMzRkOTExZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPcW0obBGcGtlyKMpEAgn1vpMWyu
bhJPZepnCgdvQfcEuKxJLs5OYNAf/WHK81MWeU5Nnw4PgiH/drm9ekAKPXT3dcAi
Dagc8hCs94ZDRBZxcSO4/PbOJfqi5ZQ9jTAW5Y8+ywgZ7szEvgwS8yXts+jXEbyk
93Wv1+SWl367mi0SGzxNW6hDkVOKeNz2P1cUa3Ctve7GR1aGyY5aEKxPYjqXaAiV
3qvU4FtWLnKofKa2QpjAPw0+LFuQU1zn1+9/HeGru/wnJG6bOjYNl8PgiHxfLROv
dkx+iqy+1Cv/1b13oTSH/ZX2xsBK6n0xoHca5vUGUIaviyNYHNd/qp/2iwIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFM5uGiII+j8bnz04//H44sNNkR82MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IxLzQwNzQ2
ZS03NGMwLTQ3Y2EtYTIzYy05ZmVmMDExNGEyZTUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEvNDA3NDZl
LTc0YzAtNDdjYS1hMjNjLTlmZWYwMTE0YTJlNS8xL3ptNGFJZ2o2UHh1ZlBUal84
ZmppdzAyUkh6WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQAwStkAwQAwStuAwQAwSt+AwQAwSuIMA0EAgAC
MAcDBQMqD4JAMA0GCSqGSIb3DQEBCwUAA4IBAQAMwrCwGNNvdie3vVCL6a9jU9DM
7PkL9K2BrlM3CX3BWmuHuirJS0SoYOFbksiTlYByMpvOIpZbzC11bM2yql9yOynX
71qcOSaIQtyetoySMKuAsys2S1il+hLxh+u4enxuLKp1BxwMQstP6h9DfDxuFKqc
TTyKXhVRXSIuQ8uSf8jJss/f4C8VlxakHJQvMZs2XlFYPpGTHOLsISJQZlLdvYWb
gyX3e9hlnl+RQ6VDoViSrRxCJzmdfnGbYfr8kEQ+wohhAiUeLI8JO66br7uL9Cdx
Um3qVgO8J0gEx3aW63OA5d5mmKurhN6eyVhu5Ma0yY1dtufPIy/OWIUZ437t
-----END CERTIFICATE-----
Generated at Sun Apr 13 22:53:31 2025 by rpki-client