Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dUxXhm6Xqtqtdd7MadDfBy1Qbuc.cer
File: dUxXhm6Xqtqtdd7MadDfBy1Qbuc.cer (raw, json)
Hash identifier: 6senUMlWLYgMyfi6f4usShjyIIyYUkOOMok0op+OJTM=
Subject key identifier: 75:4C:57:86:6E:97:AA:DA:AD:75:DE:CC:69:D0:DF:07:2D:50:6E:E7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0196A044FDDBE4663EB45BA3A2CC6754E7A0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d0/e3bbdf-9585-46e5-b5cc-f68a59d2fe0d/1/dUxXhm6Xqtqtdd7MadDfBy1Qbuc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d0/e3bbdf-9585-46e5-b5cc-f68a59d2fe0d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 05 May 2025 11:46:38 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 210119
IP: 2a14:f480::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a0:44:fd:db:e4:66:3e:b4:5b:a3:a2:cc:67:54:e7:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 5 11:46:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=754c57866e97aadaad75decc69d0df072d506ee7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:94:f4:ea:d3:6a:0b:fa:93:0a:ae:a3:64:4f:
d8:b1:d2:e9:95:a7:dd:f4:ae:70:ed:ca:82:64:4c:
87:e9:0e:02:12:6b:d7:68:d1:10:29:a1:0f:2c:83:
9f:f9:9c:16:1c:28:e3:3b:1b:ee:67:d6:78:6f:c1:
09:3b:d7:18:25:93:e2:0f:7f:dc:10:73:de:09:a0:
29:bf:fa:67:5a:c5:61:eb:a0:31:ef:29:22:60:52:
ec:73:4b:c2:c1:d2:47:7f:8d:04:11:f3:00:d7:7f:
00:cb:41:1e:21:4f:b8:6a:f7:30:56:16:b8:19:03:
65:a8:80:03:e5:8e:55:1f:4b:1e:c7:c5:30:df:bf:
98:11:00:92:5b:43:15:a3:f9:8e:7c:54:b3:4d:09:
c5:ba:b7:67:50:8b:07:a3:95:ec:5e:88:7a:b0:9b:
13:70:54:58:cb:46:2d:9f:84:65:0a:65:7f:6e:ee:
2b:98:45:2e:cf:59:e6:6a:a1:2c:2a:8f:44:8c:af:
56:85:3f:1c:1a:8d:80:b6:8c:22:ee:82:1e:bd:71:
e9:49:d4:95:58:2e:33:d8:4f:43:a8:f4:36:1a:ac:
d2:81:3b:1a:58:af:16:29:f2:d8:24:05:88:66:d6:
87:41:96:ce:40:8e:73:dd:1c:07:81:4c:41:3d:5a:
da:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:4C:57:86:6E:97:AA:DA:AD:75:DE:CC:69:D0:DF:07:2D:50:6E:E7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/e3bbdf-9585-46e5-b5cc-f68a59d2fe0d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/e3bbdf-9585-46e5-b5cc-f68a59d2fe0d/1/dUxXhm6Xqtqtdd7MadDfBy1Qbuc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:f480::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
210119
Signature Algorithm: sha256WithRSAEncryption
a4:d7:a2:e4:23:c2:4d:ba:2d:91:72:06:95:90:d1:1c:0d:54:
a8:09:a0:8e:ae:b7:61:61:33:85:6f:bf:96:0a:cd:1f:c4:64:
3c:77:0a:de:f9:1b:7e:68:f7:5d:3f:93:d6:84:2e:51:65:c1:
18:09:d2:95:7d:35:80:3e:5c:8f:4c:81:8b:53:10:21:a0:5b:
cb:dc:a8:05:79:b0:49:e0:3a:c7:f5:52:b5:0c:da:30:37:cd:
a5:b0:ef:93:c8:ee:aa:f0:6a:3a:df:b4:73:c0:97:25:c6:8f:
f6:40:44:05:46:6b:78:c5:5b:81:5a:cb:54:1b:a8:f0:37:7e:
3b:84:f8:83:25:3b:bf:1f:9a:9b:f2:6a:2e:37:b7:d9:6a:31:
59:67:d2:fc:9e:2a:6e:45:e0:54:a4:be:14:6f:f0:df:a2:c1:
b0:1e:d4:14:53:08:33:54:83:99:27:4c:e6:ce:e1:65:06:c3:
1f:b4:2f:08:a3:bd:27:d7:6e:9f:d0:fb:78:ae:83:44:29:fd:
bf:32:d8:9e:5a:5f:10:fe:07:49:bf:89:89:bd:d0:ac:0e:71:
53:b4:61:56:8d:56:75:be:6f:36:80:4c:08:94:a2:02:f2:4d:
63:87:49:cb:6c:ea:c0:c8:e8:d1:16:b8:b0:e5:a4:f3:c4:91:
70:0d:30:e9
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAZagRP3b5GY+tFujosxnVOegMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNTA1MTE0NjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTRjNTc4NjZlOTdhYWRhYWQ3NWRlY2M2OWQwZGYwNzJkNTA2ZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5T06tNqC/qTCq6jZE/YsdLplafd
9K5w7cqCZEyH6Q4CEmvXaNEQKaEPLIOf+ZwWHCjjOxvuZ9Z4b8EJO9cYJZPiD3/c
EHPeCaApv/pnWsVh66Ax7ykiYFLsc0vCwdJHf40EEfMA138Ay0EeIU+4avcwVha4
GQNlqIAD5Y5VH0sex8Uw37+YEQCSW0MVo/mOfFSzTQnFurdnUIsHo5XsXoh6sJsT
cFRYy0Ytn4RlCmV/bu4rmEUuz1nmaqEsKo9EjK9WhT8cGo2Atowi7oIevXHpSdSV
WC4z2E9DqPQ2GqzSgTsaWK8WKfLYJAWIZtaHQZbOQI5z3RwHgUxBPVraGwIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFHVMV4Zul6rarXXezGnQ3wctUG7nMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QwL2UzYmJk
Zi05NTg1LTQ2ZTUtYjVjYy1mNjhhNTlkMmZlMGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAvZTNiYmRm
LTk1ODUtNDZlNS1iNWNjLWY2OGE1OWQyZmUwZC8xL2RVeFhobTZYcXRxdGRkN01h
ZERmQnkxUWJ1Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUF
BwEHAQH/BBEwDzANBAIAAjAHAwUDKhT0gDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMDNMcwDQYJKoZIhvcNAQELBQADggEBAKTXouQjwk26LZFyBpWQ0RwNVKgJoI6u
t2FhM4Vvv5YKzR/EZDx3Ct75G35o910/k9aELlFlwRgJ0pV9NYA+XI9MgYtTECGg
W8vcqAV5sEngOsf1UrUM2jA3zaWw75PI7qrwajrftHPAlyXGj/ZARAVGa3jFW4Fa
y1QbqPA3fjuE+IMlO78fmpvyai43t9lqMVln0vyeKm5F4FSkvhRv8N+iwbAe1BRT
CDNUg5knTObO4WUGwx+0LwijvSfXbp/Q+3iug0Qp/b8y2J5aXxD+B0m/iYm90KwO
cVO0YVaNVnW+bzaATAiUogLyTWOHScts6sDI6NEWuLDlpPPEkXANMOk=
-----END CERTIFICATE-----
Generated at Tue May 13 12:24:18 2025 by rpki-client