Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
File: zrhpg1RxEzWbreHz84EECR46ZDk.cer (raw, json)
Hash identifier: TaM92tXY1mzRyF+A6bQ1RtJCDecXjT1SMRVnwYgAE0g=
Subject key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0195D1BA41E041C80BCABFB82A25F1B63D0D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 26 Mar 2025 09:13:19 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 8612
IP: 82.84.0.0/15
IP: 84.220.0.0/15
IP: 94.32.0.0/16
IP: 94.34.0.0/15
IP: 94.199.8.0/21
IP: 185.38.136.0/22
IP: 193.43.2.0/24
IP: 193.207.24.0 -- 193.207.255.255
IP: 195.130.224.0/19
IP: 212.123.64.0/19
IP: 213.205.0.0/18
IP: 217.73.208.0/21
IP: 2a00:c680::/32
IP: 2a01:7d0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d1:ba:41:e0:41:c8:0b:ca:bf:b8:2a:25:f1:b6:3d:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 26 09:13:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ceb86983547113359bade1f3f38104091e3a6439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a0:dc:ad:fe:2d:3c:69:16:83:a6:63:91:cb:
86:73:56:ad:36:a8:81:3c:0c:55:23:d2:5c:93:0d:
f4:f8:f6:f7:ce:b1:fc:99:79:8f:93:eb:ba:d4:fd:
64:16:c3:b5:b2:11:97:0e:cf:4a:f0:27:41:89:a3:
2f:e5:85:3b:ea:97:4d:f6:8d:fb:f7:f5:ba:e5:dd:
54:89:8f:40:bf:f7:55:18:f6:0e:20:3f:dc:53:e4:
bd:0d:f8:33:33:1c:b6:62:d6:eb:96:56:4a:c2:db:
a6:6c:b7:77:cd:d8:57:8a:eb:b9:4c:d4:a5:bc:54:
dd:6f:df:7f:59:89:e1:41:03:1a:69:94:46:75:7a:
45:68:44:59:a4:99:2b:e6:08:c9:bf:a9:00:c5:a7:
c6:27:46:b9:97:3e:b2:49:e7:82:5f:3a:b3:dc:a6:
1b:3f:95:be:68:0f:8e:8f:58:88:85:45:7f:5d:c2:
c1:f3:3e:4a:96:d7:d4:3d:9d:cb:0e:bb:08:0d:cf:
aa:4c:15:05:e5:9a:a2:df:78:8c:05:ac:eb:38:97:
eb:31:f4:8f:81:b9:4a:6c:85:3f:b8:96:09:34:0f:
09:f5:48:cd:8a:31:a5:71:26:dc:0d:2c:18:3c:f2:
0a:82:c6:24:04:3b:f9:07:bb:a2:60:ce:73:e9:a4:
71:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.84.0.0/15
84.220.0.0/15
94.32.0.0/16
94.34.0.0/15
94.199.8.0/21
185.38.136.0/22
193.43.2.0/24
193.207.24.0-193.207.255.255
195.130.224.0/19
212.123.64.0/19
213.205.0.0/18
217.73.208.0/21
IPv6:
2a00:c680::/32
2a01:7d0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8612
Signature Algorithm: sha256WithRSAEncryption
14:a3:34:3d:6c:d7:26:1c:a6:9b:10:4e:16:0f:87:c7:57:b2:
08:09:88:bf:cb:bd:1b:14:8c:73:80:4d:bd:73:53:33:c7:f2:
c8:fa:23:d0:e2:d0:ff:ca:09:b1:fe:04:d2:fe:32:c9:01:34:
88:a1:01:cc:e1:75:68:e3:9e:c9:46:56:30:a1:a7:91:18:46:
2e:82:1d:be:a0:84:67:81:07:9b:df:f3:42:05:61:46:11:44:
d3:87:36:a8:f7:7f:65:fe:67:31:e2:ac:e1:69:da:36:6c:c5:
39:02:7e:19:0d:26:d2:40:7c:49:66:01:40:24:22:f6:d9:70:
d0:90:d7:d1:ba:9c:73:9e:f1:f3:dd:94:3a:e0:a7:5b:03:aa:
d3:f3:c8:20:e4:fc:90:1e:42:14:04:c1:0d:6d:7d:75:f7:39:
00:55:ac:a5:c5:de:a7:2e:a5:98:0f:5d:20:27:54:d6:a5:3c:
e8:fd:dc:90:2e:d4:2d:03:10:5f:9e:c0:f4:29:41:c0:78:9d:
17:dc:82:9d:c4:cb:9f:3b:e9:6e:37:9a:c0:c5:40:10:30:8e:
39:e1:d5:df:af:90:71:67:e5:62:c8:77:99:76:de:68:a9:80:
7b:6e:47:b7:ae:22:a7:c2:f6:78:99:b9:d9:86:05:f2:46:c9:
3c:63:1a:51
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgISAZXRukHgQcgLyr+4KiXxtj0NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMzI2MDkxMzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWI4Njk4MzU0NzExMzM1OWJhZGUxZjNmMzgxMDQwOTFlM2E2NDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqDcrf4tPGkWg6ZjkcuGc1atNqiB
PAxVI9Jckw30+Pb3zrH8mXmPk+u61P1kFsO1shGXDs9K8CdBiaMv5YU76pdN9o37
9/W65d1UiY9Av/dVGPYOID/cU+S9DfgzMxy2YtbrllZKwtumbLd3zdhXiuu5TNSl
vFTdb99/WYnhQQMaaZRGdXpFaERZpJkr5gjJv6kAxafGJ0a5lz6ySeeCXzqz3KYb
P5W+aA+Oj1iIhUV/XcLB8z5KltfUPZ3LDrsIDc+qTBUF5Zqi33iMBazrOJfrMfSP
gblKbIU/uJYJNA8J9UjNijGlcSbcDSwYPPIKgsYkBDv5B7uiYM5z6aRx6QIDAQAB
o4IC+jCCAvYwHQYDVR0OBBYEFM64aYNUcRM1m63h8/OBBAkeOmQ5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUxL2YzNTM5
ZC0zOGNkLTQ2NWUtYTU3ZC1kZWUyZjY1MGRkODYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEvZjM1Mzlk
LTM4Y2QtNDY1ZS1hNTdkLWRlZTJmNjUwZGQ4Ni8xL3pyaHBnMVJ4RXpXYnJlSHo4
NEVFQ1I0NlpEay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHoGCCsGAQUF
BwEHAQH/BGswaTBRBAIAATBLAwMBUlQDAwFU3AMDAF4gAwMBXiIDBANexwgDBAK5
JogDBADBKwIwCwMEA8HPGAMDBMHAAwQFw4LgAwQF1HtAAwQG1c0AAwQD2UnQMBQE
AgACMA4DBQAqAMaAAwUAKgEH0DAZBggrBgEFBQcBCAEB/wQKMAigBjAEAgIhpDAN
BgkqhkiG9w0BAQsFAAOCAQEAFKM0PWzXJhymmxBOFg+Hx1eyCAmIv8u9GxSMc4BN
vXNTM8fyyPoj0OLQ/8oJsf4E0v4yyQE0iKEBzOF1aOOeyUZWMKGnkRhGLoIdvqCE
Z4EHm9/zQgVhRhFE04c2qPd/Zf5nMeKs4WnaNmzFOQJ+GQ0m0kB8SWYBQCQi9tlw
0JDX0bqcc57x892UOuCnWwOq0/PIIOT8kB5CFATBDW19dfc5AFWspcXepy6lmA9d
ICdU1qU86P3ckC7ULQMQX57A9ClBwHidF9yCncTLnzvpbjeawMVAEDCOOeHV36+Q
cWflYsh3mXbeaKmAe25Ht64ip8L2eJm52YYF8kbJPGMaUQ==
-----END CERTIFICATE-----
Generated at Sat Apr 12 21:08:35 2025 by rpki-client