Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/pYQcxzKsc43B4_5nwS5RBL74Y7o.cer
File: pYQcxzKsc43B4_5nwS5RBL74Y7o.cer (raw, json)
Hash identifier: oTPf2c8z1gJUutZfR76sIU8WGVw/TZIbQseGVZeqMaU=
Subject key identifier: A5:84:1C:C7:32:AC:73:8D:C1:E3:FE:67:C1:2E:51:04:BE:F8:63:BA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0198507216CEF4157A831AA0FFAA8A3333E2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 28 Jul 2025 09:51:50 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 206880
IP: 109.104.113.0/24
IP: 193.164.147.0/24
IP: 2a12:6ac0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:50:72:16:ce:f4:15:7a:83:1a:a0:ff:aa:8a:33:33:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jul 28 09:51:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5841cc732ac738dc1e3fe67c12e5104bef863ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f1:d9:c3:3d:53:4f:d3:b7:43:1a:9f:e2:c1:
a2:2d:7c:a9:ab:6b:6b:30:f1:db:39:16:51:be:ba:
91:c0:53:af:0e:78:a9:c6:e1:fb:99:f7:e2:80:f7:
f8:a3:e3:a1:ac:8d:47:dd:64:2e:4d:51:55:dc:bc:
d9:6b:e3:6b:7d:f2:eb:67:56:76:4b:e3:d9:89:1f:
fb:3b:94:21:dc:0c:f3:b7:ff:bb:f3:41:72:78:e0:
b7:ba:a4:8a:4a:15:cd:6f:88:4e:13:39:b3:8f:17:
65:49:7d:f8:33:4c:52:a7:77:cb:d4:dd:61:0c:ac:
a5:6e:67:fe:9f:bd:62:07:7f:84:2d:e9:45:61:97:
09:fd:5b:b4:2c:ea:0f:d7:90:59:46:c5:ca:da:9b:
58:02:ef:04:f8:84:04:98:28:2b:bc:e7:c6:7b:14:
65:ba:4d:9a:46:ef:f4:fd:1d:33:d3:32:d9:8b:f4:
cf:b5:a3:cc:9f:ed:94:42:61:52:e6:da:a1:39:d3:
e8:00:60:f3:d5:15:ff:db:5f:80:99:d0:03:b9:06:
8c:01:4a:39:7b:0f:5f:3c:96:01:ff:3e:59:41:e0:
16:d4:8f:b3:f6:a6:ed:94:6a:44:2e:62:b5:93:90:
57:da:45:3c:f6:a9:ac:c3:9a:14:cc:da:5b:11:df:
ba:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:84:1C:C7:32:AC:73:8D:C1:E3:FE:67:C1:2E:51:04:BE:F8:63:BA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.113.0/24
193.164.147.0/24
IPv6:
2a12:6ac0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
206880
Signature Algorithm: sha256WithRSAEncryption
19:32:78:61:03:1e:e0:52:27:2e:cc:34:41:f3:d7:c5:e6:32:
f1:bd:81:19:7b:33:6e:e3:12:d4:cd:3a:26:b4:44:55:a0:a7:
1e:5a:73:68:52:da:1f:e0:a8:36:db:f9:1f:3c:ea:74:d4:a8:
a9:42:f9:25:0f:af:4f:ef:37:db:5b:b6:12:76:1c:c8:8a:33:
99:42:2a:09:32:03:ee:6f:34:82:8e:23:ae:e7:dd:cf:b8:0d:
da:1f:c1:bc:5a:0c:00:52:d9:b1:01:96:cf:00:e8:56:35:4d:
a4:38:ce:4d:24:68:e3:fe:00:f5:03:67:24:b1:3e:28:7e:5f:
a6:29:6e:b1:94:e4:cb:2c:19:91:23:08:4a:be:00:c4:b0:c9:
bc:d9:82:fe:83:b5:4a:59:27:cd:3b:a2:30:56:09:db:6d:91:
5e:bb:64:45:a1:42:e1:9a:92:64:de:c8:3b:6d:1e:7e:26:4b:
07:0b:a3:24:ff:42:09:12:02:56:53:13:ba:c3:9d:2c:d3:e8:
e5:14:e5:ae:4f:5f:82:ee:08:13:21:02:d1:b3:27:e0:ce:25:
79:92:d0:e1:65:0c:14:df:d7:ba:20:4f:d2:14:15:85:b1:53:
23:82:74:f9:48:28:01:9b:f2:43:60:58:53:b6:a3:13:1f:02:
d3:ab:19:38
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZhQchbO9BV6gxqg/6qKMzPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNzI4MDk1MTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTg0MWNjNzMyYWM3MzhkYzFlM2ZlNjdjMTJlNTEwNGJlZjg2M2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPHZwz1TT9O3Qxqf4sGiLXypq2tr
MPHbORZRvrqRwFOvDnipxuH7mffigPf4o+OhrI1H3WQuTVFV3LzZa+NrffLrZ1Z2
S+PZiR/7O5Qh3Azzt/+780FyeOC3uqSKShXNb4hOEzmzjxdlSX34M0xSp3fL1N1h
DKylbmf+n71iB3+ELelFYZcJ/Vu0LOoP15BZRsXK2ptYAu8E+IQEmCgrvOfGexRl
uk2aRu/0/R0z0zLZi/TPtaPMn+2UQmFS5tqhOdPoAGDz1RX/21+AmdADuQaMAUo5
ew9fPJYB/z5ZQeAW1I+z9qbtlGpELmK1k5BX2kU89qmsw5oUzNpbEd+6awIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFKWEHMcyrHONweP+Z8EuUQS++GO6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJiLzE0MWEy
YS0xOTRiLTQwMmItOTJkZC02NjY2MGIyMjJmYjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIvMTQxYTJh
LTE5NGItNDAyYi05MmRkLTY2NjYwYjIyMmZiMC8xL3BZUWN4ektzYzQzQjRfNW53
UzVSQkw3NFk3by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQAbWhxAwQAwaSTMA0EAgACMAcDBQMqEmrAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMoIDANBgkqhkiG9w0BAQsFAAOCAQEAGTJ4
YQMe4FInLsw0QfPXxeYy8b2BGXszbuMS1M06JrREVaCnHlpzaFLaH+CoNtv5Hzzq
dNSoqUL5JQ+vT+8321u2EnYcyIozmUIqCTID7m80go4jrufdz7gN2h/BvFoMAFLZ
sQGWzwDoVjVNpDjOTSRo4/4A9QNnJLE+KH5fpilusZTkyywZkSMISr4AxLDJvNmC
/oO1SlknzTuiMFYJ222RXrtkRaFC4ZqSZN7IO20efiZLBwujJP9CCRICVlMTusOd
LNPo5RTlrk9fgu4IEyEC0bMn4M4leZLQ4WUMFN/XuiBP0hQVhbFTI4J0+UgoAZvy
Q2BYU7ajEx8C06sZOA==
-----END CERTIFICATE-----
Generated at Tue Jul 29 14:52:49 2025 by rpki-client