Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ci0p5qil5cpi3rc-r_OrE95VBq0.cer
File: ci0p5qil5cpi3rc-r_OrE95VBq0.cer (raw, json)
Hash identifier: XRkxWKBEFa7RuxpNar4OIp91XnWL5oflChz+TN8fOU4=
Subject key identifier: 72:2D:29:E6:A8:A5:E5:CA:62:DE:B7:3E:AF:F3:AB:13:DE:55:06:AD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01964EECD2D391E0CD9CECD836360EC02565
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 19 Apr 2025 16:41:05 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 44307
IP: 91.199.180.0/24
IP: 185.178.36.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4e:ec:d2:d3:91:e0:cd:9c:ec:d8:36:36:0e:c0:25:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 19 16:41:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=722d29e6a8a5e5ca62deb73eaff3ab13de5506ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1d:7d:31:c6:06:c9:ce:05:29:36:49:df:8e:
db:e3:1f:cb:f0:1f:d2:02:47:7e:25:12:2a:a1:ac:
a6:5d:28:2f:22:6f:30:2b:70:67:0b:b8:6a:9d:13:
34:cb:ea:dd:dd:8d:a9:c7:0e:df:2b:fb:40:23:62:
39:67:77:0c:07:98:82:ce:4e:ba:31:2f:49:47:54:
48:47:59:bd:40:2f:42:ee:d6:32:f3:d9:d6:9b:c9:
aa:05:12:c8:bd:8a:5e:bd:4a:27:2a:d4:78:2d:de:
37:56:bd:f1:0e:f1:ed:bf:77:a1:44:cb:4d:e5:f6:
35:de:b9:ed:d7:57:e9:37:f0:a0:9c:c2:87:1a:18:
20:f5:2d:06:8f:c1:f6:0d:69:f1:6b:f9:cc:33:87:
f5:04:d5:dc:b3:b2:c2:b8:bd:b4:4c:11:cc:ea:95:
79:60:4d:c3:e0:ff:08:b1:52:6e:25:4b:54:5b:16:
38:69:da:03:61:8b:6c:ae:fd:8f:4f:27:cd:c3:dc:
b3:be:6b:18:62:8d:03:c3:dc:af:6e:72:17:cc:cd:
f7:94:4e:71:47:7e:32:2f:13:8a:6f:07:75:66:a7:
15:2f:97:09:73:75:2e:60:eb:27:30:27:97:54:4a:
ff:ca:9f:cd:36:d6:6d:61:c8:b3:d6:40:24:3c:20:
cd:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:2D:29:E6:A8:A5:E5:CA:62:DE:B7:3E:AF:F3:AB:13:DE:55:06:AD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.180.0/24
185.178.36.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44307
Signature Algorithm: sha256WithRSAEncryption
a2:f9:bf:0d:c1:38:7d:7b:b3:34:7c:99:34:97:22:1f:97:50:
1b:b4:05:97:1e:4b:55:dd:5b:4c:99:a6:54:95:8c:9b:c9:56:
06:a7:18:97:7d:8e:78:fb:4c:ea:b0:4e:97:32:b8:07:bc:49:
e1:b4:91:ac:32:ef:85:64:11:3b:ef:95:1d:88:d1:5f:bc:45:
1d:9b:f2:10:63:df:1a:dc:b6:c5:a3:25:c1:6c:7a:28:10:d4:
9d:7a:8c:c2:d1:03:07:3e:92:af:9a:25:a2:5d:71:51:58:ad:
47:d7:a9:fd:a2:76:8d:71:a1:7c:04:66:29:4e:dd:96:af:2e:
b7:9d:f4:09:3d:00:96:0f:5a:9a:a9:bc:30:2d:ae:9b:96:3a:
9a:a0:63:9a:8e:a9:34:65:d0:ca:d7:ea:33:bd:0b:94:aa:97:
8b:37:3b:d2:8b:32:19:39:2d:5f:5b:44:bd:95:60:fd:21:5f:
42:21:92:09:ff:20:f2:43:61:43:97:2a:7e:fc:b6:21:d9:89:
69:16:2d:92:2a:4d:7e:e1:e6:cc:f0:ed:dd:a3:e1:96:3f:b1:
81:8f:90:55:b9:cb:bd:53:0d:25:93:a6:c9:5c:b8:ee:36:98:
2e:dc:ab:e7:8e:2e:b3:61:fc:08:6e:5f:98:d0:b8:27:0b:22:
8e:0e:be:fc
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZZO7NLTkeDNnOzYNjYOwCVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNDE5MTY0MTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjJkMjllNmE4YTVlNWNhNjJkZWI3M2VhZmYzYWIxM2RlNTUwNmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx19McYGyc4FKTZJ347b4x/L8B/S
Akd+JRIqoaymXSgvIm8wK3BnC7hqnRM0y+rd3Y2pxw7fK/tAI2I5Z3cMB5iCzk66
MS9JR1RIR1m9QC9C7tYy89nWm8mqBRLIvYpevUonKtR4Ld43Vr3xDvHtv3ehRMtN
5fY13rnt11fpN/CgnMKHGhgg9S0Gj8H2DWnxa/nMM4f1BNXcs7LCuL20TBHM6pV5
YE3D4P8IsVJuJUtUWxY4adoDYYtsrv2PTyfNw9yzvmsYYo0Dw9yvbnIXzM33lE5x
R34yLxOKbwd1ZqcVL5cJc3UuYOsnMCeXVEr/yp/NNtZtYciz1kAkPCDN1wIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFHItKeaopeXKYt63Pq/zqxPeVQatMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgwLzEwNmUw
Zi1hZDgwLTQ3YzMtYmQ0Zi01NTQ3OTAwYjhkNTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAvMTA2ZTBm
LWFkODAtNDdjMy1iZDRmLTU1NDc5MDBiOGQ1OS8xL2NpMHA1cWlsNWNwaTNyYy1y
X09yRTk1VkJxMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQAW8e0AwQCubIkMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwCtEzANBgkqhkiG9w0BAQsFAAOCAQEAovm/DcE4fXuzNHyZNJciH5dQ
G7QFlx5LVd1bTJmmVJWMm8lWBqcYl32OePtM6rBOlzK4B7xJ4bSRrDLvhWQRO++V
HYjRX7xFHZvyEGPfGty2xaMlwWx6KBDUnXqMwtEDBz6Sr5olol1xUVitR9ep/aJ2
jXGhfARmKU7dlq8ut530CT0Alg9amqm8MC2um5Y6mqBjmo6pNGXQytfqM70LlKqX
izc70osyGTktX1tEvZVg/SFfQiGSCf8g8kNhQ5cqfvy2IdmJaRYtkipNfuHmzPDt
3aPhlj+xgY+QVbnLvVMNJZOmyVy47jaYLtyr544us2H8CG5fmNC4Jwsijg6+/A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 21:10:21 2025 by rpki-client