Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
File: CIRls3stTp9BOjHce35suioz25Y.cer (raw, json)
Hash identifier: +qKKMXleGZkD7/Mg4gL7h4gYtNeBcpxtc3OSdVN3tHk=
Subject key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0196AA31D875B5A45DE8635456230A86AEB5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 07 May 2025 10:01:55 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 8647
AS: 15596
IP: 45.150.149.0/24
IP: 62.3.26.0/24
IP: 91.213.173.0/24
IP: 103.216.172.0/22
IP: 109.122.0.0 -- 109.122.39.255
IP: 188.66.24.0/22
IP: 193.108.56.0/22
IP: 193.108.102.0 -- 193.108.105.255
IP: 193.242.117.0/24
IP: 213.109.154.0/24
IP: 2a06:fc0::/29
IP: 2a06:5e80::/29
IP: 2a07:3f00::/29
IP: 2a07:e840::/29
IP: 2a09:4bc0::/29
IP: 2a09:ddc0::/29
IP: 2a11:4380::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:aa:31:d8:75:b5:a4:5d:e8:63:54:56:23:0a:86:ae:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 7 10:01:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:90:8b:76:35:48:f1:9d:10:32:b4:5d:aa:46:
67:3f:97:1e:d4:c3:0b:07:0d:53:5e:6b:d0:df:d0:
6a:94:cd:38:32:09:60:4a:f6:73:32:8d:a2:cb:97:
f4:b6:5b:a9:ad:25:0b:8c:89:58:30:2c:61:d0:72:
9b:21:8f:c8:23:a5:dc:d7:f3:94:33:3e:4d:ed:74:
d1:02:eb:5a:02:dc:76:6c:64:8f:4d:a2:55:23:7a:
af:63:09:29:d0:32:54:ed:7e:de:da:c1:f8:2d:58:
86:de:fa:1f:99:3d:d2:47:1b:af:e9:74:79:80:fe:
5f:c7:9d:1a:0a:80:52:36:fa:ca:80:1a:10:b7:a4:
22:c1:e0:94:aa:64:04:10:72:98:e5:86:f5:45:c3:
8b:53:3e:d9:89:06:85:62:5d:1c:81:75:59:4e:43:
67:79:15:57:95:b5:4a:d1:dc:82:49:cd:89:bb:65:
50:ed:0e:0b:42:c6:7a:05:bd:3b:75:a0:86:e6:ab:
82:2c:20:49:2c:54:a6:f2:2f:b1:14:26:c1:2b:a4:
83:d6:a8:a8:db:f1:cd:44:a9:15:fd:67:72:e6:8c:
e8:3e:5d:df:29:0e:f2:57:a2:fe:de:cd:b9:2a:7a:
f0:92:35:7d:45:3d:bf:66:68:5d:21:ec:78:f6:d0:
b5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.149.0/24
62.3.26.0/24
91.213.173.0/24
103.216.172.0/22
109.122.0.0-109.122.39.255
188.66.24.0/22
193.108.56.0/22
193.108.102.0-193.108.105.255
193.242.117.0/24
213.109.154.0/24
IPv6:
2a06:fc0::/29
2a06:5e80::/29
2a07:3f00::/29
2a07:e840::/29
2a09:4bc0::/29
2a09:ddc0::/29
2a11:4380::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8647
15596
Signature Algorithm: sha256WithRSAEncryption
78:18:42:ad:67:6b:17:be:db:93:56:41:77:a4:55:c3:04:b5:
e3:b2:98:f3:9f:f2:a6:1b:62:ef:28:44:00:2a:ff:58:08:93:
4a:c4:69:9c:18:8d:19:b7:6e:49:5c:01:f4:35:c5:ee:40:73:
93:cd:53:8a:7b:fc:4e:af:a1:6c:0d:b7:39:9a:c2:52:e7:b0:
40:b1:da:6d:65:5c:88:ee:d3:60:70:80:f3:68:38:aa:db:93:
2c:cd:d1:86:57:0c:5d:52:62:32:f6:8b:92:d1:33:0b:74:7e:
3b:9c:e8:8f:8b:fc:8e:cb:8d:76:66:2a:30:a4:54:7f:77:e9:
d9:1f:52:0a:93:60:5b:8b:b3:55:ec:51:7a:ff:61:c7:07:e6:
3d:9e:6f:8c:b5:87:b7:1e:8e:b8:99:f0:2a:91:94:78:df:16:
37:50:61:64:79:66:bf:fb:1a:da:77:03:25:93:af:c9:c8:3a:
4f:a9:dd:98:f3:a7:e2:c3:ec:d3:2b:6c:6c:0c:96:e6:79:b1:
bd:1b:05:7f:29:b5:b8:00:dd:02:85:1b:b6:dd:d0:2d:8f:73:
48:e7:09:56:f8:53:ba:d7:2d:96:ec:4f:6b:29:d8:ce:ab:1f:
09:a3:55:1b:c5:f1:43:4f:1c:81:42:62:70:f7:81:5d:7c:0f:
a4:c8:24:56
-----BEGIN CERTIFICATE-----
MIIGGDCCBQCgAwIBAgISAZaqMdh1taRd6GNUViMKhq61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNTA3MTAwMTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODg0NjViMzdiMmQ0ZTlmNDEzYTMxZGM3YjdlNmNiYTJhMzNkYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJCLdjVI8Z0QMrRdqkZnP5ce1MML
Bw1TXmvQ39BqlM04MglgSvZzMo2iy5f0tluprSULjIlYMCxh0HKbIY/II6Xc1/OU
Mz5N7XTRAutaAtx2bGSPTaJVI3qvYwkp0DJU7X7e2sH4LViG3vofmT3SRxuv6XR5
gP5fx50aCoBSNvrKgBoQt6QiweCUqmQEEHKY5Yb1RcOLUz7ZiQaFYl0cgXVZTkNn
eRVXlbVK0dyCSc2Ju2VQ7Q4LQsZ6Bb07daCG5quCLCBJLFSm8i+xFCbBK6SD1qio
2/HNRKkV/Wdy5ozoPl3fKQ7yV6L+3s25KnrwkjV9RT2/ZmhdIex49tC11QIDAQAB
o4IDJDCCAyAwHQYDVR0OBBYEFAiEZbN7LU6fQTox3Ht+bLoqM9uWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNkLzNlMmIx
OC01NWM5LTQxODAtOGM2ZS0yYzcwODZmZGVkOTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2QvM2UyYjE4
LTU1YzktNDE4MC04YzZlLTJjNzA4NmZkZWQ5My8xL0NJUmxzM3N0VHA5Qk9qSGNl
MzVzdWlvejI1WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGfBggrBgEF
BQcBBwEB/wSBjzCBjDBRBAIAATBLAwQALZaVAwQAPgMaAwQAW9WtAwQCZ9isMAsD
AwFtegMEA216IAMEArxCGAMEAsFsODAMAwQBwWxmAwQBwWxoAwQAwfJ1AwQA1W2a
MDcEAgACMDEDBQMqBg/AAwUDKgZegAMFAyoHPwADBQMqB+hAAwUDKglLwAMFAyoJ
3cADBQMqEUOAMB0GCCsGAQUFBwEIAQH/BA4wDKAKMAgCAiHHAgI87DANBgkqhkiG
9w0BAQsFAAOCAQEAeBhCrWdrF77bk1ZBd6RVwwS147KY85/yphti7yhEACr/WAiT
SsRpnBiNGbduSVwB9DXF7kBzk81Tinv8Tq+hbA23OZrCUuewQLHabWVciO7TYHCA
82g4qtuTLM3RhlcMXVJiMvaLktEzC3R+O5zoj4v8jsuNdmYqMKRUf3fp2R9SCpNg
W4uzVexRev9hxwfmPZ5vjLWHtx6OuJnwKpGUeN8WN1BhZHlmv/sa2ncDJZOvycg6
T6ndmPOn4sPs0ytsbAyW5nmxvRsFfym1uADdAoUbtt3QLY9zSOcJVvhTutctluxP
aynYzqsfCaNVG8XxQ08cgUJicPeBXXwPpMgkVg==
-----END CERTIFICATE-----
Generated at Sun May 11 01:09:43 2025 by rpki-client