Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cWhC3EOYNmNaXJ7WwKSVs-Y0SgM.cer
File: cWhC3EOYNmNaXJ7WwKSVs-Y0SgM.cer (raw, json)
Hash identifier: n+Nu9HJFDOtG952vEg2I+PbTfFI3kZCq7vpixDADKNU=
Subject key identifier: 71:68:42:DC:43:98:36:63:5A:5C:9E:D6:C0:A4:95:B3:E6:34:4A:03
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01983B5CF6AC5BE587C7F7FF6AB2712EDD2C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a6/f86007-a964-4d1f-835d-70602756cc8d/1/cWhC3EOYNmNaXJ7WwKSVs-Y0SgM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a6/f86007-a964-4d1f-835d-70602756cc8d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 24 Jul 2025 07:36:44 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 61165
IP: 146.19.252.0/24
IP: 176.117.111.0/24
IP: 2a14:5d80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3b:5c:f6:ac:5b:e5:87:c7:f7:ff:6a:b2:71:2e:dd:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jul 24 07:36:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=716842dc439836635a5c9ed6c0a495b3e6344a03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:8d:04:fb:fd:14:b5:bb:01:ec:6d:48:1b:7f:
2e:51:76:ef:fb:63:77:b9:39:90:5a:7b:ba:7e:71:
d4:85:b4:66:8a:8d:33:6f:8d:59:8d:36:8c:d0:b2:
3b:dd:30:14:ed:dc:ae:d2:64:b4:39:af:ee:fc:eb:
a4:35:f0:83:00:c5:76:2c:e2:86:72:91:5c:3e:3f:
b3:6c:d6:b8:bf:ef:67:ae:07:a8:6b:d4:27:5e:8c:
cf:40:b9:dd:c3:28:7f:ce:bc:06:b4:eb:6d:45:e1:
42:64:c1:17:3d:45:b8:24:e7:59:01:4e:4f:d0:c9:
47:f6:3b:bf:cb:c6:f0:39:6f:2c:57:bf:ac:e1:29:
42:22:8a:3f:53:eb:16:93:55:1f:1f:f9:3b:e7:a8:
d9:38:37:c6:ae:6f:51:7e:ca:15:09:42:48:ad:69:
d3:9d:60:99:66:a8:d8:ae:60:49:21:73:f5:0d:5d:
28:dd:a3:fa:4e:14:eb:7e:3b:78:21:3b:cc:e8:89:
1a:d6:c3:14:59:26:8e:9e:db:9a:78:83:d1:dd:44:
74:aa:05:16:92:6e:d1:cb:25:9f:fe:83:68:47:bb:
9a:f5:34:cd:c8:38:27:a1:a5:91:d8:1b:89:bc:ff:
67:89:ba:98:b7:20:4a:7f:f2:c9:6a:fb:71:56:99:
ff:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:68:42:DC:43:98:36:63:5A:5C:9E:D6:C0:A4:95:B3:E6:34:4A:03
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/f86007-a964-4d1f-835d-70602756cc8d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/f86007-a964-4d1f-835d-70602756cc8d/1/cWhC3EOYNmNaXJ7WwKSVs-Y0SgM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.252.0/24
176.117.111.0/24
IPv6:
2a14:5d80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
61165
Signature Algorithm: sha256WithRSAEncryption
53:1c:4e:9a:79:3d:15:87:77:f3:3f:b7:aa:d7:5e:c4:65:15:
69:b7:53:c3:88:21:d4:23:7f:2c:34:c6:52:c1:52:32:88:0e:
24:03:b0:3b:0a:c2:36:8e:16:89:55:f1:fa:3e:41:1b:9e:d6:
83:8e:52:dd:f0:5c:a8:6e:64:d5:c6:31:3b:cb:2a:be:b9:de:
e9:b5:b2:9e:7c:db:1a:a3:15:2c:97:89:b7:b1:e3:17:10:8a:
70:5e:08:4f:61:95:db:1a:55:fa:f9:dd:8a:36:82:e5:e6:54:
ef:7e:b3:4d:8a:a9:5f:1b:05:a3:dc:9e:ee:79:75:18:7c:ba:
ce:ce:74:02:16:b7:cd:e3:c0:39:20:fe:37:98:c8:5c:68:77:
17:5d:ba:f5:2d:73:54:54:ad:70:3e:f4:59:3f:07:6f:70:56:
c9:45:9a:38:b1:27:62:ce:c0:9f:fd:6d:29:37:a4:74:df:10:
36:96:c1:d7:fa:8a:8b:83:99:6a:9e:4a:b2:29:d2:76:96:9b:
90:10:6f:18:6e:61:c3:28:8e:85:d1:5d:fa:fa:1f:a1:da:a0:
ef:f0:c8:d0:ba:f0:12:f3:19:70:6c:d6:7b:cf:f0:90:3a:7f:
d2:9a:db:f8:8b:6b:75:20:0f:2b:4f:db:13:ed:5e:c6:5d:b5:
13:0f:23:6f
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZg7XPasW+WHx/f/arJxLt0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNzI0MDczNjQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTY4NDJkYzQzOTgzNjYzNWE1YzllZDZjMGE0OTViM2U2MzQ0YTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjo0E+/0UtbsB7G1IG38uUXbv+2N3
uTmQWnu6fnHUhbRmio0zb41ZjTaM0LI73TAU7dyu0mS0Oa/u/OukNfCDAMV2LOKG
cpFcPj+zbNa4v+9nrgeoa9QnXozPQLndwyh/zrwGtOttReFCZMEXPUW4JOdZAU5P
0MlH9ju/y8bwOW8sV7+s4SlCIoo/U+sWk1UfH/k756jZODfGrm9RfsoVCUJIrWnT
nWCZZqjYrmBJIXP1DV0o3aP6ThTrfjt4ITvM6Ika1sMUWSaOntuaeIPR3UR0qgUW
km7RyyWf/oNoR7ua9TTNyDgnoaWR2BuJvP9nibqYtyBKf/LJavtxVpn/XQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFHFoQtxDmDZjWlye1sCklbPmNEoDMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E2L2Y4NjAw
Ny1hOTY0LTRkMWYtODM1ZC03MDYwMjc1NmNjOGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYvZjg2MDA3
LWE5NjQtNGQxZi04MzVkLTcwNjAyNzU2Y2M4ZC8xL2NXaEMzRU9ZTm1OYVhKN1d3
S1NWcy1ZMFNnTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQAkhP8AwQAsHVvMA0EAgACMAcDBQMqFF2AMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwDu7TANBgkqhkiG9w0BAQsFAAOCAQEAUxxO
mnk9FYd38z+3qtdexGUVabdTw4gh1CN/LDTGUsFSMogOJAOwOwrCNo4WiVXx+j5B
G57Wg45S3fBcqG5k1cYxO8sqvrne6bWynnzbGqMVLJeJt7HjFxCKcF4IT2GV2xpV
+vndijaC5eZU736zTYqpXxsFo9ye7nl1GHy6zs50Aha3zePAOSD+N5jIXGh3F126
9S1zVFStcD70WT8Hb3BWyUWaOLEnYs7An/1tKTekdN8QNpbB1/qKi4OZap5KsinS
dpabkBBvGG5hwyiOhdFd+vofodqg7/DI0LrwEvMZcGzWe8/wkDp/0prb+ItrdSAP
K0/bE+1exl21Ew8jbw==
-----END CERTIFICATE-----
Generated at Sun Jul 27 13:28:53 2025 by rpki-client