Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5NU8R_Id1mUrZ_70lclP39FSjOs.cer
File: 5NU8R_Id1mUrZ_70lclP39FSjOs.cer (raw, json)
Hash identifier: GyUnbNHfedmr3KU5BMEMhBl15RK9kI6tdfupWm7BAYQ=
Subject key identifier: E4:D5:3C:47:F2:1D:D6:65:2B:67:FE:F4:95:C9:4F:DF:D1:52:8C:EB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0198F5CD1FB05E3C7D841A9AD491FBCA5C89
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/03/d66af3-28b5-42eb-ad01-95d53b531545/1/5NU8R_Id1mUrZ_70lclP39FSjOs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/03/d66af3-28b5-42eb-ad01-95d53b531545/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 29 Aug 2025 12:28:37 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 35662
AS: 39451
AS: 47264
IP: 5.152.192.0/19
IP: 5.159.224.0/21
IP: 31.3.224.0/19
IP: 37.128.184.0/21
IP: 37.157.240.0/21
IP: 37.220.0.0/19
IP: 46.20.224.0/20
IP: 77.240.0.0/20
IP: 77.245.64.0/20
IP: 79.143.80.0/22
IP: 80.84.48.0/20
IP: 80.243.176.0/20
IP: 81.94.192.0/20
IP: 82.102.8.0/21
IP: 87.237.56.0/21
IP: 88.150.128.0/17
IP: 91.234.184.0/23
IP: 92.63.128.0/20
IP: 93.191.32.0/21
IP: 109.73.64.0/20
IP: 109.200.0.0/19
IP: 149.3.128.0/20
IP: 176.123.50.0/24
IP: 176.227.192.0/19
IP: 178.248.104.0/21
IP: 178.250.48.0/21
IP: 185.5.0.0/22
IP: 185.20.96.0/22
IP: 185.25.240.0/22
IP: 185.66.112.0/22
IP: 185.162.108.0/22
IP: 185.249.120.0/22
IP: 188.65.176.0/21
IP: 188.227.160.0/19
IP: 2a02:400::/32
IP: 2a02:2658::/32
IP: 2a03:b200::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Sep 2025 19:46:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f5:cd:1f:b0:5e:3c:7d:84:1a:9a:d4:91:fb:ca:5c:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Aug 29 12:28:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4d53c47f21dd6652b67fef495c94fdfd1528ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:5a:fd:f5:c4:0c:68:df:37:31:c2:0a:70:92:
0d:c8:10:33:df:6f:04:30:00:3f:de:ce:71:5c:ac:
c7:87:ff:52:59:53:0c:e5:d7:53:68:46:7a:53:25:
d0:0b:00:a7:2e:b9:f2:19:07:10:bf:4b:cc:f8:75:
d6:aa:ef:b5:4c:a9:c3:4e:cd:24:39:43:79:9b:50:
54:5b:73:67:b6:9f:ed:8a:7b:7d:1d:a3:f8:54:11:
74:d4:6d:14:0a:85:3b:63:88:07:55:04:5b:91:63:
9f:87:c3:96:15:15:e4:eb:37:68:78:d4:0a:82:8a:
77:21:40:8d:62:71:68:12:57:71:fd:c7:b2:03:04:
97:d4:88:36:91:dd:45:4f:0a:85:dc:32:dc:33:d1:
d2:12:df:61:ec:75:98:ae:86:c4:d3:3c:33:bd:46:
26:bc:47:a5:5e:73:ac:58:ae:15:65:06:2a:1d:58:
7b:2a:76:33:00:49:15:16:e2:c5:89:c9:ae:3f:29:
c7:73:36:46:d8:1a:b2:31:80:cb:06:0a:ba:42:de:
dc:11:57:ea:66:58:10:22:b6:03:ab:8f:3a:5d:87:
4f:27:17:2a:5f:59:b7:0c:0b:d1:ee:14:09:c9:06:
47:ed:38:26:be:15:14:db:5e:dd:dd:be:e5:bd:54:
24:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:D5:3C:47:F2:1D:D6:65:2B:67:FE:F4:95:C9:4F:DF:D1:52:8C:EB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/d66af3-28b5-42eb-ad01-95d53b531545/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/d66af3-28b5-42eb-ad01-95d53b531545/1/5NU8R_Id1mUrZ_70lclP39FSjOs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.192.0/19
5.159.224.0/21
31.3.224.0/19
37.128.184.0/21
37.157.240.0/21
37.220.0.0/19
46.20.224.0/20
77.240.0.0/20
77.245.64.0/20
79.143.80.0/22
80.84.48.0/20
80.243.176.0/20
81.94.192.0/20
82.102.8.0/21
87.237.56.0/21
88.150.128.0/17
91.234.184.0/23
92.63.128.0/20
93.191.32.0/21
109.73.64.0/20
109.200.0.0/19
149.3.128.0/20
176.123.50.0/24
176.227.192.0/19
178.248.104.0/21
178.250.48.0/21
185.5.0.0/22
185.20.96.0/22
185.25.240.0/22
185.66.112.0/22
185.162.108.0/22
185.249.120.0/22
188.65.176.0/21
188.227.160.0/19
IPv6:
2a02:400::/32
2a02:2658::/32
2a03:b200::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35662
39451
47264
Signature Algorithm: sha256WithRSAEncryption
74:7b:57:bf:3f:02:ee:3b:d9:d4:c0:b8:79:2a:fb:d5:21:52:
a1:a7:1d:c3:25:82:40:d4:b5:d3:2c:1b:0d:2a:be:5b:bb:e0:
16:41:2e:a8:5d:57:8a:ad:50:b3:78:70:9e:2c:86:12:c7:fd:
13:df:ce:2a:5f:0d:d2:b8:82:a6:d2:98:5d:e9:32:c3:2e:c5:
2c:49:9a:da:f5:95:97:98:2f:25:0e:90:3b:45:6d:ef:b0:ee:
f0:18:2e:15:51:89:99:43:62:89:97:ce:a4:da:56:30:b8:69:
6a:ef:e9:ed:fa:e5:46:92:77:15:86:9a:ac:d6:2e:08:20:f3:
3f:ab:9d:b4:fe:31:de:b1:e0:74:05:b0:1e:c4:18:9a:a3:c4:
30:ea:af:9a:97:ac:15:80:89:f0:0e:e3:89:15:fe:76:51:8d:
cc:44:84:ac:75:ec:40:bd:9d:46:ff:1f:bc:21:ec:53:f8:d6:
94:19:69:79:f8:74:a8:71:33:5b:d5:19:17:2e:3f:c2:b1:75:
c5:85:75:df:37:5c:a1:15:12:c9:27:91:c5:43:d1:cb:cc:00:
e0:55:e9:8a:2b:14:af:ee:f1:4d:a0:05:d8:84:d9:92:27:8f:
1c:28:ad:4e:4a:a7:9f:ef:71:25:40:5e:3d:11:47:4c:5c:de:
72:aa:65:25
-----BEGIN CERTIFICATE-----
MIIGhzCCBW+gAwIBAgISAZj1zR+wXjx9hBqa1JH7ylyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwODI5MTIyODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGQ1M2M0N2YyMWRkNjY1MmI2N2ZlZjQ5NWM5NGZkZmQxNTI4Y2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Vr99cQMaN83McIKcJINyBAz328E
MAA/3s5xXKzHh/9SWVMM5ddTaEZ6UyXQCwCnLrnyGQcQv0vM+HXWqu+1TKnDTs0k
OUN5m1BUW3Nntp/tint9HaP4VBF01G0UCoU7Y4gHVQRbkWOfh8OWFRXk6zdoeNQK
gop3IUCNYnFoEldx/ceyAwSX1Ig2kd1FTwqF3DLcM9HSEt9h7HWYrobE0zwzvUYm
vEelXnOsWK4VZQYqHVh7KnYzAEkVFuLFicmuPynHczZG2BqyMYDLBgq6Qt7cEVfq
ZlgQIrYDq486XYdPJxcqX1m3DAvR7hQJyQZH7TgmvhUU217d3b7lvVQkcQIDAQAB
o4IDkzCCA48wHQYDVR0OBBYEFOTVPEfyHdZlK2f+9JXJT9/RUozrMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAzL2Q2NmFm
My0yOGI1LTQyZWItYWQwMS05NWQ1M2I1MzE1NDUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMvZDY2YWYz
LTI4YjUtNDJlYi1hZDAxLTk1ZDUzYjUzMTU0NS8xLzVOVThSX0lkMW1VclpfNzBs
Y2xQMzlGU2pPcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBBgYIKwYB
BQUHAQcBAf8EgfYwgfMwgdMEAgABMIHMAwQFBZjAAwQDBZ/gAwQFHwPgAwQDJYC4
AwQDJZ3wAwQFJdwAAwQELhTgAwQETfAAAwQETfVAAwQCT49QAwQEUFQwAwQEUPOw
AwQEUV7AAwQDUmYIAwQDV+04AwQHWJaAAwQBW+q4AwQEXD+AAwQDXb8gAwQEbUlA
AwQFbcgAAwQElQOAAwQAsHsyAwQFsOPAAwQDsvhoAwQDsvowAwQCuQUAAwQCuRRg
AwQCuRnwAwQCuUJwAwQCuaJsAwQCufl4AwQDvEGwAwQFvOOgMBsEAgACMBUDBQAq
AgQAAwUAKgImWAMFAyoDsgAwJAYIKwYBBQUHAQgBAf8EFTAToBEwDwIDAItOAgMA
mhsCAwC4oDANBgkqhkiG9w0BAQsFAAOCAQEAdHtXvz8C7jvZ1MC4eSr71SFSoacd
wyWCQNS10ywbDSq+W7vgFkEuqF1Xiq1Qs3hwniyGEsf9E9/OKl8N0riCptKYXeky
wy7FLEma2vWVl5gvJQ6QO0Vt77Du8BguFVGJmUNiiZfOpNpWMLhpau/p7frlRpJ3
FYaarNYuCCDzP6udtP4x3rHgdAWwHsQYmqPEMOqvmpesFYCJ8A7jiRX+dlGNzESE
rHXsQL2dRv8fvCHsU/jWlBlpefh0qHEzW9UZFy4/wrF1xYV13zdcoRUSySeRxUPR
y8wA4FXpiisUr+7xTaAF2ITZkiePHCitTkqnn+9xJUBePRFHTFzecqplJQ==
-----END CERTIFICATE-----
Generated at Fri Sep 5 04:35:50 2025 by rpki-client