Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/SIxl3DWbWMprpdPa64dPBYaE6MY.cer
File: SIxl3DWbWMprpdPa64dPBYaE6MY.cer (raw, json)
Hash identifier: R6bOPIHgxhi//Yt4gEKFdtZH4sNvbVVwmGD4sK4zpDY=
Subject key identifier: 48:8C:65:DC:35:9B:58:CA:6B:A5:D3:DA:EB:87:4F:05:86:84:E8:C6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0197F3A5251D944B6301DFE7E5AC4A145AF2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/SIxl3DWbWMprpdPa64dPBYaE6MY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 10 Jul 2025 09:22:55 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 29290
AS: 35744
AS: 48635
AS: 200549
AS: 200746
AS: 200837
AS: 202861
AS: 205631
IP: 2.57.56.0/22
IP: 5.157.80.0/21
IP: 31.25.96.0/21
IP: 31.186.168.0/21
IP: 46.17.0.0/21
IP: 62.84.240.0/21
IP: 62.221.248.0/21
IP: 77.94.248.0/21
IP: 79.99.128.0/21
IP: 91.198.106.0/24
IP: 91.203.76.0/22
IP: 91.238.176.0/23
IP: 92.63.168.0/21
IP: 93.180.64.0/21
IP: 93.187.220.0/22
IP: 109.70.0.0/21
IP: 109.72.80.0/20
IP: 109.106.160.0/19
IP: 128.140.216.0/21
IP: 145.131.0.0 -- 145.131.47.255
IP: 176.117.58.0/23
IP: 185.27.140.0/22
IP: 185.27.172.0/22
IP: 185.28.56.0/22
IP: 185.37.68.0/22
IP: 185.56.144.0/22
IP: 185.66.248.0/22
IP: 185.87.184.0/22
IP: 185.89.4.0/22
IP: 185.94.228.0/22
IP: 185.95.28.0/22
IP: 185.103.156.0/22
IP: 185.103.240.0/22
IP: 185.107.212.0/22
IP: 185.107.224.0/22
IP: 185.109.216.0 -- 185.109.227.255
IP: 185.159.240.0/22
IP: 185.175.200.0/22
IP: 185.182.56.0/22
IP: 185.187.12.0/22
IP: 185.223.32.0/22
IP: 185.224.88.0/22
IP: 185.231.200.0/22
IP: 185.232.248.0/22
IP: 185.233.28.0/22
IP: 193.23.143.0/24
IP: 193.164.192.0/23
IP: 194.247.30.0/23
IP: 195.8.208.0/23
IP: 195.20.8.0/22
IP: 195.39.204.0/23
IP: 195.39.214.0/23
IP: 195.238.74.0/23
IP: 2001:678:76c::/48
IP: 2001:67c:28fc::/48
IP: 2a00:f10::/29
IP: 2a00:f60::/32
IP: 2a00:9b60::/32
IP: 2a01:b940::/29
IP: 2a02:2968::/29
IP: 2a02:40c0::/29
IP: 2a03:3060::/29
IP: 2a04:6bc0::/29
IP: 2a04:76c0::/29
IP: 2a05:1500::/29
IP: 2a06:4040::/29
IP: 2a0b:7280::/29
IP: 2a0b:8f80::/29
IP: 2a0c:84c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 23:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f3:a5:25:1d:94:4b:63:01:df:e7:e5:ac:4a:14:5a:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jul 10 09:22:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=488c65dc359b58ca6ba5d3daeb874f058684e8c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fc:db:e3:ad:49:4e:e1:01:b7:a3:75:51:50:
61:18:ac:ff:8e:00:09:07:de:f4:b2:27:99:0e:f9:
96:3d:c0:e9:5c:c9:9a:c9:c6:86:2c:67:f3:28:09:
44:3f:1c:b7:f7:13:4e:87:72:34:4c:56:75:9a:c2:
14:23:d1:cf:f9:4f:6c:90:fb:37:0e:00:42:dd:53:
7d:ea:e4:c6:1e:27:02:05:da:7b:17:7a:80:7a:11:
78:29:04:5e:26:40:b5:1c:fa:8d:4f:14:5c:ac:a1:
aa:fc:4c:58:22:49:3b:61:ef:16:94:c0:4d:36:6a:
79:d7:f9:a1:1a:e0:e4:95:f5:8d:42:89:0b:49:ea:
fb:3c:8c:c2:86:7c:78:07:9a:09:7d:4e:b0:86:0c:
c4:be:8e:a4:50:0f:1f:aa:8e:f7:a5:71:34:0b:f6:
5e:34:08:b9:c5:18:e0:29:97:9b:73:e4:1c:5e:c2:
15:10:d8:15:d3:e4:e2:63:42:3f:b7:26:9e:4f:fc:
69:ad:d5:54:e6:72:c2:15:bf:31:2e:83:c2:d9:af:
15:25:99:5c:14:e2:b7:39:48:25:45:36:cb:38:33:
00:b6:8d:ee:f3:b9:e6:d6:d9:53:8c:6d:a4:97:d1:
4f:25:df:47:0c:63:5c:aa:f7:c5:e9:d9:d7:8c:f2:
af:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:8C:65:DC:35:9B:58:CA:6B:A5:D3:DA:EB:87:4F:05:86:84:E8:C6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/SIxl3DWbWMprpdPa64dPBYaE6MY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.56.0/22
5.157.80.0/21
31.25.96.0/21
31.186.168.0/21
46.17.0.0/21
62.84.240.0/21
62.221.248.0/21
77.94.248.0/21
79.99.128.0/21
91.198.106.0/24
91.203.76.0/22
91.238.176.0/23
92.63.168.0/21
93.180.64.0/21
93.187.220.0/22
109.70.0.0/21
109.72.80.0/20
109.106.160.0/19
128.140.216.0/21
145.131.0.0-145.131.47.255
176.117.58.0/23
185.27.140.0/22
185.27.172.0/22
185.28.56.0/22
185.37.68.0/22
185.56.144.0/22
185.66.248.0/22
185.87.184.0/22
185.89.4.0/22
185.94.228.0/22
185.95.28.0/22
185.103.156.0/22
185.103.240.0/22
185.107.212.0/22
185.107.224.0/22
185.109.216.0-185.109.227.255
185.159.240.0/22
185.175.200.0/22
185.182.56.0/22
185.187.12.0/22
185.223.32.0/22
185.224.88.0/22
185.231.200.0/22
185.232.248.0/22
185.233.28.0/22
193.23.143.0/24
193.164.192.0/23
194.247.30.0/23
195.8.208.0/23
195.20.8.0/22
195.39.204.0/23
195.39.214.0/23
195.238.74.0/23
IPv6:
2001:678:76c::/48
2001:67c:28fc::/48
2a00:f10::/29
2a00:f60::/32
2a00:9b60::/32
2a01:b940::/29
2a02:2968::/29
2a02:40c0::/29
2a03:3060::/29
2a04:6bc0::/29
2a04:76c0::/29
2a05:1500::/29
2a06:4040::/29
2a0b:7280::/29
2a0b:8f80::/29
2a0c:84c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
29290
35744
48635
200549
200746
200837
202861
205631
Signature Algorithm: sha256WithRSAEncryption
29:da:18:bd:2e:d7:b3:1b:4d:f5:f0:5e:12:30:b9:20:d7:68:
c6:20:ec:bb:e3:55:af:d5:11:e4:1d:e9:a8:9e:41:e1:9c:b1:
3e:22:93:b0:d9:3e:8b:6e:c7:75:2d:d2:d8:52:84:eb:67:62:
60:68:b5:0e:bb:30:26:31:aa:5d:d3:06:ab:78:ec:bc:c5:c4:
26:1f:77:aa:9a:17:bc:63:e6:a6:7d:5a:76:d9:58:f5:c9:3d:
7d:d7:85:15:50:ba:24:73:fe:37:56:00:62:0e:ae:12:7a:80:
bf:64:eb:6f:42:1a:b4:20:53:46:d8:ec:c7:d0:ce:0c:72:e5:
f8:9b:54:24:de:c1:3e:15:34:dd:c8:02:2f:e0:29:5b:c1:d2:
d6:4a:14:dc:48:e4:6f:79:b7:eb:45:2d:66:78:64:92:ef:1c:
af:4b:2d:4a:dc:f3:0b:a3:e7:81:b7:0a:93:fd:8b:39:ae:a3:
0b:08:61:64:8e:c3:69:06:03:20:8a:5e:57:ac:22:44:23:56:
dc:d8:c8:28:48:44:cf:4a:97:de:8c:73:57:70:18:44:87:d9:
2e:58:ee:cb:64:09:b5:03:ea:93:f3:bb:11:7a:37:4d:5f:17:
77:79:c0:4d:d3:8b:44:3e:5d:c8:2b:9c:82:af:0f:46:ee:07:
8d:10:47:e2
-----BEGIN CERTIFICATE-----
MIIHgzCCBmugAwIBAgISAZfzpSUdlEtjAd/n5axKFFryMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNzEwMDkyMjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODhjNjVkYzM1OWI1OGNhNmJhNWQzZGFlYjg3NGYwNTg2ODRlOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvzb461JTuEBt6N1UVBhGKz/jgAJ
B970sieZDvmWPcDpXMmaycaGLGfzKAlEPxy39xNOh3I0TFZ1msIUI9HP+U9skPs3
DgBC3VN96uTGHicCBdp7F3qAehF4KQReJkC1HPqNTxRcrKGq/ExYIkk7Ye8WlMBN
Nmp51/mhGuDklfWNQokLSer7PIzChnx4B5oJfU6whgzEvo6kUA8fqo73pXE0C/Ze
NAi5xRjgKZebc+QcXsIVENgV0+TiY0I/tyaeT/xprdVU5nLCFb8xLoPC2a8VJZlc
FOK3OUglRTbLODMAto3u87nm1tlTjG2kl9FPJd9HDGNcqvfF6dnXjPKvZwIDAQAB
o4IEjzCCBIswHQYDVR0OBBYEFEiMZdw1m1jKa6XT2uuHTwWGhOjGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkwL2M0ODI3
MS1kZWU1LTQ4NDEtYTdkZC1iMGQ3MmU5MTBlZmUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAvYzQ4Mjcx
LWRlZTUtNDg0MS1hN2RkLWIwZDcyZTkxMGVmZS8xL1NJeGwzRFdiV01wcnBkUGE2
NGRQQllhRTZNWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIB6gYIKwYB
BQUHAQcBAf8EggHZMIIB1TCCAVUEAgABMIIBTQMEAgI5OAMEAwWdUAMEAx8ZYAME
Ax+6qAMEAy4RAAMEAz5U8AMEAz7d+AMEA01e+AMEA09jgAMEAFvGagMEAlvLTAME
AVvusAMEA1w/qAMEA120QAMEAl273AMEA21GAAMEBG1IUAMEBW1qoAMEA4CM2DAL
AwMAkYMDBASRgyADBAGwdToDBAK5G4wDBAK5G6wDBAK5HDgDBAK5JUQDBAK5OJAD
BAK5QvgDBAK5V7gDBAK5WQQDBAK5XuQDBAK5XxwDBAK5Z5wDBAK5Z/ADBAK5a9QD
BAK5a+AwDAMEA7lt2AMEArlt4AMEArmf8AMEArmvyAMEArm2OAMEArm7DAMEArnf
IAMEArngWAMEArnnyAMEArno+AMEArnpHAMEAMEXjwMEAcGkwAMEAcL3HgMEAcMI
0AMEAsMUCAMEAcMnzAMEAcMn1gMEAcPuSjB6BAIAAjB0AwcAIAEGeAdsAwcAIAEG
fCj8AwUDKgAPEAMFACoAD2ADBQAqAJtgAwUDKgG5QAMFAyoCKWgDBQMqAkDAAwUD
KgMwYAMFAyoEa8ADBQMqBHbAAwUDKgUVAAMFAyoGQEADBQMqC3KAAwUDKguPgAMF
AyoMhMAwPAYIKwYBBQUHAQgBAf8ELTAroCkwJwICcmoCAwCLoAIDAL37AgMDD2UC
AwMQKgIDAxCFAgMDGG0CAwMjPzANBgkqhkiG9w0BAQsFAAOCAQEAKdoYvS7XsxtN
9fBeEjC5INdoxiDsu+NVr9UR5B3pqJ5B4ZyxPiKTsNk+i27HdS3S2FKE62diYGi1
DrswJjGqXdMGq3jsvMXEJh93qpoXvGPmpn1adtlY9ck9fdeFFVC6JHP+N1YAYg6u
EnqAv2Trb0IatCBTRtjsx9DODHLl+JtUJN7BPhU03cgCL+ApW8HS1koU3Ejkb3m3
60UtZnhkku8cr0stStzzC6PngbcKk/2LOa6jCwhhZI7DaQYDIIpeV6wiRCNW3NjI
KEhEz0qX3oxzV3AYRIfZLljuy2QJtQPqk/O7EXo3TV8Xd3nATdOLRD5dyCucgq8P
Ru4HjRBH4g==
-----END CERTIFICATE-----
Generated at Tue Jul 22 06:15:13 2025 by rpki-client