Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/q1wa2N15IqRaLMdIHv4B3UMwBsI.cer
File: q1wa2N15IqRaLMdIHv4B3UMwBsI.cer (raw, json)
Hash identifier: I+5SaqBe1Zt/2X9OfloiPgFLiS+PqZa0Muugbxj1LDc=
Subject key identifier: AB:5C:1A:D8:DD:79:22:A4:5A:2C:C7:48:1E:FE:01:DD:43:30:06:C2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0196AA9F4F5D4DA27AA35BC8FF98EFEB8102
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fa/9e99bf-2d89-4401-bc9f-cba8c8a5453e/1/q1wa2N15IqRaLMdIHv4B3UMwBsI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fa/9e99bf-2d89-4401-bc9f-cba8c8a5453e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 07 May 2025 12:01:29 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 81.92.200.0 -- 81.92.215.255
IP: 85.199.216.0/21
IP: 193.108.244.0/22
IP: 217.138.0.0 -- 217.138.103.255
IP: 217.138.105.0 -- 217.138.161.255
IP: 217.138.163.0 -- 217.138.191.255
IP: 217.138.224.0 -- 217.138.251.255
IP: 2a0a:c200::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:aa:9f:4f:5d:4d:a2:7a:a3:5b:c8:ff:98:ef:eb:81:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 7 12:01:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab5c1ad8dd7922a45a2cc7481efe01dd433006c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:4a:3b:51:b1:35:e6:61:6f:33:83:70:b3:6b:
99:ba:52:ba:76:f0:2d:55:6f:ce:e7:5a:48:4f:f0:
7e:db:1b:9c:6b:66:2f:52:44:33:f9:c9:8c:e4:17:
88:5e:3e:b3:cb:34:f6:68:b3:45:15:09:41:13:df:
56:8f:1e:06:cc:d9:28:c4:fb:10:35:c8:13:8f:1e:
8e:d1:8f:25:df:29:0b:44:f4:4a:f4:00:87:03:97:
10:1f:6c:7f:51:1f:6b:da:83:38:77:7d:3d:b8:1d:
d0:f8:b6:27:db:6b:95:67:9b:c6:ba:0e:30:4a:92:
c5:92:a0:52:ad:3b:51:b5:eb:c3:3a:f1:3f:31:b1:
94:1d:42:59:03:d4:07:2a:29:0c:51:65:c5:d3:99:
98:1f:8b:e6:98:19:7d:4c:0e:9c:5d:b1:0e:9f:7a:
53:c9:be:35:58:8b:7c:39:bd:e1:1d:5b:ca:b8:fa:
c8:2f:de:45:b6:d6:af:a5:b7:23:81:18:de:c3:f1:
d1:da:df:fa:9d:11:a0:2a:7d:4d:9f:27:f8:ea:52:
fd:2d:44:24:fe:cd:82:e2:9c:b3:fc:43:86:c7:ef:
3e:a8:90:27:33:63:8d:37:b3:09:48:e6:d5:b4:06:
75:e3:5d:09:d7:14:e4:ec:8f:76:6a:0f:c2:7b:40:
4a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:5C:1A:D8:DD:79:22:A4:5A:2C:C7:48:1E:FE:01:DD:43:30:06:C2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/9e99bf-2d89-4401-bc9f-cba8c8a5453e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/9e99bf-2d89-4401-bc9f-cba8c8a5453e/1/q1wa2N15IqRaLMdIHv4B3UMwBsI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.92.200.0-81.92.215.255
85.199.216.0/21
193.108.244.0/22
217.138.0.0-217.138.103.255
217.138.105.0-217.138.161.255
217.138.163.0-217.138.191.255
217.138.224.0-217.138.251.255
IPv6:
2a0a:c200::/29
Signature Algorithm: sha256WithRSAEncryption
15:5d:14:49:b3:07:9e:af:48:ca:ec:4a:31:7c:32:a3:30:45:
9a:ae:f7:19:b2:de:8e:00:c4:07:21:7f:f1:77:2b:8b:40:c7:
62:cb:f9:ad:f1:52:af:b2:07:81:0c:76:31:f0:7b:ec:5e:d0:
2c:bd:e5:4f:3c:66:7e:4d:1d:2c:af:36:c8:0a:2f:57:2c:3b:
41:36:af:ac:0c:1a:45:05:14:4c:46:99:52:b9:c7:d7:00:c3:
90:8a:8a:05:72:d9:d9:45:49:f6:b9:ed:fa:54:4d:18:65:ec:
52:64:4f:b0:1e:ec:a1:56:6a:c9:a8:3b:1d:bb:ab:e0:8c:c2:
b2:c3:a1:26:38:1d:7d:ab:8c:a1:7b:f7:24:88:61:79:1b:2d:
17:0b:85:36:1d:40:fe:f0:af:85:72:12:7a:6f:0e:d3:63:b2:
ec:27:14:6f:54:db:2a:8d:f4:a0:95:56:4a:5e:8a:0e:5e:aa:
86:76:34:f2:88:26:a5:f4:aa:4a:9f:3f:cb:57:eb:f0:38:39:
25:e0:1d:09:b6:8f:1f:44:43:05:af:80:22:c4:ae:ed:f1:e8:
35:7e:55:ab:1d:81:19:fa:4b:62:8b:c1:d8:f5:33:ff:36:2a:
1a:0b:51:21:6c:75:eb:79:4e:1f:be:d6:86:3a:c5:28:77:63:
ab:ab:42:b2
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAZaqn09dTaJ6o1vI/5jv64ECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNTA3MTIwMTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjVjMWFkOGRkNzkyMmE0NWEyY2M3NDgxZWZlMDFkZDQzMzAwNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Uo7UbE15mFvM4Nws2uZulK6dvAt
VW/O51pIT/B+2xuca2YvUkQz+cmM5BeIXj6zyzT2aLNFFQlBE99Wjx4GzNkoxPsQ
NcgTjx6O0Y8l3ykLRPRK9ACHA5cQH2x/UR9r2oM4d309uB3Q+LYn22uVZ5vGug4w
SpLFkqBSrTtRtevDOvE/MbGUHUJZA9QHKikMUWXF05mYH4vmmBl9TA6cXbEOn3pT
yb41WIt8Ob3hHVvKuPrIL95FttavpbcjgRjew/HR2t/6nRGgKn1Nnyf46lL9LUQk
/s2C4pyz/EOGx+8+qJAnM2ONN7MJSObVtAZ1410J1xTk7I92ag/Ce0BK9QIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFKtcGtjdeSKkWizHSB7+Ad1DMAbCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZhLzllOTli
Zi0yZDg5LTQ0MDEtYmM5Zi1jYmE4YzhhNTQ1M2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEvOWU5OWJm
LTJkODktNDQwMS1iYzlmLWNiYThjOGE1NDUzZS8xL3Exd2EyTjE1SXFSYUxNZElI
djRCM1VNd0JzSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHkGCCsGAQUF
BwEHAQH/BGowaDBXBAIAATBRMAwDBANRXMgDBANRXNADBANVx9gDBALBbPQwCwMD
AdmKAwQD2YpgMAwDBADZimkDBAHZiqAwDAMEANmKowMEBtmKgDAMAwQF2YrgAwQC
2Yr4MA0EAgACMAcDBQMqCsIAMA0GCSqGSIb3DQEBCwUAA4IBAQAVXRRJsweer0jK
7EoxfDKjMEWarvcZst6OAMQHIX/xdyuLQMdiy/mt8VKvsgeBDHYx8HvsXtAsveVP
PGZ+TR0srzbICi9XLDtBNq+sDBpFBRRMRplSucfXAMOQiooFctnZRUn2ue36VE0Y
ZexSZE+wHuyhVmrJqDsdu6vgjMKyw6EmOB19q4yhe/ckiGF5Gy0XC4U2HUD+8K+F
chJ6bw7TY7LsJxRvVNsqjfSglVZKXooOXqqGdjTyiCal9KpKnz/LV+vwODkl4B0J
to8fREMFr4AixK7t8eg1flWrHYEZ+ktii8HY9TP/NioaC1EhbHXreU4fvtaGOsUo
d2Orq0Ky
-----END CERTIFICATE-----
Generated at Sun May 11 16:21:27 2025 by rpki-client