Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
File: Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer (raw, json)
Hash identifier: N4l4yRkt/jk4/7fqpu3nyA/Ztehdq8fSYfQ0Abrh/9E=
Subject key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0197E9D3EF924756D148731789ED58CB0CDC
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 08 Jul 2025 11:37:50 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 5384
AS: 8959 -- 8961
AS: 8966
AS: 59981 -- 59983
IP: 2.48.0.0/14
IP: 5.38.0.0/17
IP: 5.107.0.0/16
IP: 5.192.0.0 -- 5.194.251.255
IP: 5.195.0.0/16
IP: 31.215.0.0/16
IP: 31.218.0.0/15
IP: 37.245.0.0/16
IP: 83.110.0.0/15
IP: 86.96.0.0/14
IP: 92.96.0.0/14
IP: 94.56.0.0/14
IP: 109.177.0.0/16
IP: 151.253.0.0/16
IP: 176.204.0.0/15
IP: 185.1.15.0/24
IP: 185.3.152.0/22
IP: 193.34.203.128/26
IP: 194.170.0.0/16
IP: 195.229.0.0/16
IP: 213.42.0.0 -- 213.42.47.255
IP: 213.42.57.0 -- 213.42.83.255
IP: 213.42.88.0 -- 213.42.255.255
IP: 217.164.0.0/15
IP: 2001:7f8:7a::/48
IP: 2001:7f8:96::/48
IP: 2001:8f8::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e9:d3:ef:92:47:56:d1:48:73:17:89:ed:58:cb:0c:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jul 8 11:37:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0a:29:37:dc:0e:25:ce:2d:89:ca:4a:a0:68:
9d:c5:ff:dc:db:7f:76:19:c7:be:7c:eb:8f:02:c1:
ce:8f:05:56:c6:24:df:d4:85:86:f0:0d:eb:d8:21:
4a:46:27:ef:5e:e6:fa:5f:08:36:22:c1:a6:c0:b4:
28:65:e7:cf:81:5a:59:3f:58:9b:eb:65:79:01:fa:
6e:c2:96:45:72:6a:af:d1:97:75:bd:50:71:f6:f3:
1e:19:d5:0f:69:6d:28:59:6e:1a:7e:16:e2:6b:9c:
e7:cd:aa:4a:15:49:5a:93:f5:fd:a0:d7:d2:91:5a:
d9:ac:d3:c4:98:f1:dc:4c:86:e1:77:c5:39:20:24:
d2:6c:0c:99:ab:c1:12:e3:76:bb:ac:ba:86:6c:78:
fd:8a:96:73:d2:85:65:29:dd:06:7c:63:62:99:13:
6c:51:5f:1a:93:69:be:95:2a:33:f4:fc:93:d7:b9:
ad:36:2b:95:12:72:e4:41:4e:64:35:40:20:a1:2d:
33:51:11:e8:b1:30:a0:f5:95:71:36:1d:75:e9:be:
e5:45:df:27:97:eb:85:3e:0d:c1:59:d0:4b:93:e4:
8d:d1:23:53:4b:31:87:fd:9d:6a:9a:bf:84:b6:27:
88:9b:55:5a:7c:42:57:0d:4b:5d:e0:53:ec:20:2b:
65:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.48.0.0/14
5.38.0.0/17
5.107.0.0/16
5.192.0.0-5.194.251.255
5.195.0.0/16
31.215.0.0/16
31.218.0.0/15
37.245.0.0/16
83.110.0.0/15
86.96.0.0/14
92.96.0.0/14
94.56.0.0/14
109.177.0.0/16
151.253.0.0/16
176.204.0.0/15
185.1.15.0/24
185.3.152.0/22
193.34.203.128/26
194.170.0.0/16
195.229.0.0/16
213.42.0.0-213.42.47.255
213.42.57.0-213.42.83.255
213.42.88.0-213.42.255.255
217.164.0.0/15
IPv6:
2001:7f8:7a::/48
2001:7f8:96::/48
2001:8f8::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
5384
8959-8961
8966
59981-59983
Signature Algorithm: sha256WithRSAEncryption
0e:eb:02:33:6a:7a:cd:00:50:a7:d1:b7:4a:5b:c6:31:52:a7:
dd:e1:31:27:40:f9:14:bd:15:12:f3:e3:13:98:33:2d:c4:0b:
5d:03:37:03:d7:77:c5:45:99:d8:64:11:07:55:1f:46:9b:7f:
3c:96:8e:7d:19:55:09:2e:6b:4e:71:27:33:82:80:00:f3:c0:
67:db:46:b8:71:2b:db:6c:c1:da:f4:2d:15:02:db:b0:9d:62:
a9:87:51:34:de:03:ee:d8:4c:35:c2:90:2c:64:aa:58:b7:6e:
f1:b9:3c:5b:1e:ee:d2:7a:c4:d9:77:85:8d:82:37:f2:59:76:
37:6c:93:39:ec:86:2c:68:e8:27:14:cf:cc:5e:68:a5:6a:df:
0b:2a:6d:13:96:2c:3d:e7:63:e8:f4:59:35:22:b2:cc:48:d8:
0c:3b:4a:0f:9c:47:de:0d:82:00:2d:4f:95:a9:6b:28:fd:6e:
8d:eb:67:e6:03:f7:a0:6d:a5:5b:e7:75:39:14:ff:f8:0b:68:
ec:90:ea:dd:51:7e:57:3e:d7:03:95:28:02:26:0e:af:db:92:
30:4f:ef:78:7d:c0:a8:45:6f:5e:89:ae:20:b2:bd:0f:fb:d5:
b5:d9:e3:24:cb:37:48:5c:ff:ab:83:7c:c8:16:92:c5:df:c9:
44:3d:95:ae
-----BEGIN CERTIFICATE-----
MIIGazCCBVOgAwIBAgISAZfp0++SR1bRSHMXie1YywzcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNzA4MTEzNzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWVlNWYxNmZjMTQ0YWNiOTg5Nzc0NDlmYWEwYWI3N2RlMWJkY2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwopN9wOJc4ticpKoGidxf/c2392
Gce+fOuPAsHOjwVWxiTf1IWG8A3r2CFKRifvXub6Xwg2IsGmwLQoZefPgVpZP1ib
62V5AfpuwpZFcmqv0Zd1vVBx9vMeGdUPaW0oWW4afhbia5znzapKFUlak/X9oNfS
kVrZrNPEmPHcTIbhd8U5ICTSbAyZq8ES43a7rLqGbHj9ipZz0oVlKd0GfGNimRNs
UV8ak2m+lSoz9PyT17mtNiuVEnLkQU5kNUAgoS0zURHosTCg9ZVxNh116b7lRd8n
l+uFPg3BWdBLk+SN0SNTSzGH/Z1qmr+EtieIm1VafEJXDUtd4FPsICtl0wIDAQAB
o4IDdzCCA3MwHQYDVR0OBBYEFBnuXxb8FErLmJd0Sfqgq3feG9zJMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IwLzc0MjM3
MC1lMTBmLTQ1NDEtYWE2Yy02MWFmYjY2ZDFlOGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAvNzQyMzcw
LWUxMGYtNDU0MS1hYTZjLTYxYWZiNjZkMWU4Yy8xL0dlNWZGdndVU3N1WWwzUkot
cUNyZDk0YjNNay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHcBggrBgEF
BQcBBwEB/wSBzDCByTCBpQQCAAEwgZ4DAwICMAMEBwUmAAMDAAVrMAsDAwYFwAME
AgXC+AMDAAXDAwMAH9cDAwEf2gMDACX1AwMBU24DAwJWYAMDAlxgAwMCXjgDAwBt
sQMDAJf9AwMBsMwDBAC5AQ8DBAK5A5gDBQbBIsuAAwMAwqoDAwDD5TALAwMB1SoD
BATVKiAwDAMEANUqOQMEAtUqUDALAwQD1SpYAwMA1SoDAwHZpDAfBAIAAjAZAwcA
IAEH+AB6AwcAIAEH+ACWAwUDIAEI+DAzBggrBgEFBQcBCAEB/wQkMCKgIDAeAgIV
CDAIAgIi/wICIwECAiMGMAoCAwDqTQIDAOpPMA0GCSqGSIb3DQEBCwUAA4IBAQAO
6wIzanrNAFCn0bdKW8YxUqfd4TEnQPkUvRUS8+MTmDMtxAtdAzcD13fFRZnYZBEH
VR9Gm388lo59GVUJLmtOcSczgoAA88Bn20a4cSvbbMHa9C0VAtuwnWKph1E03gPu
2Ew1wpAsZKpYt27xuTxbHu7SesTZd4WNgjfyWXY3bJM57IYsaOgnFM/MXmilat8L
Km0Tliw952Po9Fk1IrLMSNgMO0oPnEfeDYIALU+VqWso/W6N62fmA/egbaVb53U5
FP/4C2jskOrdUX5XPtcDlSgCJg6v25IwT+94fcCoRW9eia4gsr0P+9W12eMkyzdI
XP+rg3zIFpLF38lEPZWu
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:51:10 2025 by rpki-client