Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8qlZ3BZxXIpUyAlCZ7jkkf4yHSw.cer
File: 8qlZ3BZxXIpUyAlCZ7jkkf4yHSw.cer (raw, json)
Hash identifier: M+orvHWC9sV3vLP62HtTJwIb8m3hX2k6pqh2AmgMZwY=
Subject key identifier: F2:A9:59:DC:16:71:5C:8A:54:C8:09:42:67:B8:E4:91:FE:32:1D:2C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0196D8A56421CACA77421AB2039B1A024716
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1f/88a383-030c-4545-9e9c-4ebeec7e8275/1/8qlZ3BZxXIpUyAlCZ7jkkf4yHSw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1f/88a383-030c-4545-9e9c-4ebeec7e8275/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 16 May 2025 10:30:39 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 197615
IP: 91.223.167.0/24
IP: 91.224.180.0/23
IP: 91.230.88.0/23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d8:a5:64:21:ca:ca:77:42:1a:b2:03:9b:1a:02:47:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 16 10:30:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2a959dc16715c8a54c8094267b8e491fe321d2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ca:b5:f4:f1:52:68:c9:a9:e8:56:7c:56:8e:
a7:f1:f9:4e:28:56:4a:ee:9b:aa:f0:ff:8b:42:54:
f7:6c:a8:83:5b:71:f7:56:a2:60:5f:12:22:20:fb:
68:5b:a8:89:f8:9b:5b:56:a1:bd:f2:89:90:ab:55:
34:b4:3c:a8:36:44:4d:50:f5:7f:d5:01:1e:f9:86:
cb:75:08:11:38:03:56:43:b9:8f:81:5a:00:fa:96:
0c:33:8b:ea:88:22:b1:4c:45:b2:2f:3b:50:15:91:
73:61:df:cf:69:40:a6:4b:32:6a:64:34:b8:d1:1a:
2c:87:83:48:84:a5:08:c7:52:ab:87:e7:14:2b:4d:
0b:ea:e5:a9:df:b6:1d:78:bd:a9:b3:9a:af:2c:6f:
67:3a:5d:9b:77:a6:2a:40:24:c4:a7:c2:e5:9c:16:
be:e8:1a:99:86:c9:24:71:e9:8a:42:97:66:26:9d:
07:8b:df:56:9a:a1:05:1c:e4:b5:e3:8b:df:55:7f:
f3:c5:35:dd:25:2e:db:91:8d:98:5e:68:8b:5e:6c:
86:a1:76:60:c9:db:e4:66:46:a7:ea:3d:08:9a:ba:
0d:34:f9:b1:91:3f:87:0a:43:57:de:df:4a:51:50:
af:2c:e1:44:c2:30:aa:02:12:6e:30:f3:2e:b8:6b:
03:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A9:59:DC:16:71:5C:8A:54:C8:09:42:67:B8:E4:91:FE:32:1D:2C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/88a383-030c-4545-9e9c-4ebeec7e8275/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/88a383-030c-4545-9e9c-4ebeec7e8275/1/8qlZ3BZxXIpUyAlCZ7jkkf4yHSw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.167.0/24
91.224.180.0/23
91.230.88.0/23
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
197615
Signature Algorithm: sha256WithRSAEncryption
aa:f6:0d:14:16:a4:1b:9a:3e:bc:88:3c:86:01:80:64:2b:d1:
57:34:67:e7:f1:74:3b:be:ad:6d:b2:4b:dd:68:f0:50:ae:b7:
d7:5c:57:25:b7:5c:bc:18:9e:bb:23:4d:de:4a:d0:80:72:e8:
9b:8c:08:61:55:ce:b8:c1:d5:60:a7:f6:c1:37:86:c7:d0:55:
12:b0:24:fe:ab:bb:68:4e:44:82:b6:44:58:5f:c1:95:fa:c0:
42:5c:4d:9f:56:64:88:97:c5:d5:ac:a9:91:23:53:9e:96:db:
4e:22:df:0c:39:fd:28:48:ed:48:d2:03:25:a6:af:be:5b:5e:
82:d0:45:5d:a7:bc:59:59:9e:97:3b:5a:21:74:04:df:6b:a4:
26:46:f0:ca:0d:5e:9e:c3:98:75:f0:55:25:34:c4:42:dd:ca:
19:1f:0d:b3:b8:9b:38:38:9e:0f:d8:13:15:18:e4:38:27:85:
ea:a8:88:7b:53:b9:19:76:97:9b:44:42:63:f5:b4:85:2a:f1:
33:cb:83:7c:df:9b:bd:ff:e4:91:fc:3a:b0:94:53:0c:47:d0:
83:79:0a:dd:16:c5:f5:16:1e:b1:72:2d:a5:16:db:a4:10:b8:
c2:f4:b0:01:14:0d:05:36:2f:ac:f6:3c:82:92:1b:91:b3:35:
3d:0f:d0:5a
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZbYpWQhysp3QhqyA5saAkcWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNTE2MTAzMDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmE5NTlkYzE2NzE1YzhhNTRjODA5NDI2N2I4ZTQ5MWZlMzIxZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Mq19PFSaMmp6FZ8Vo6n8flOKFZK
7puq8P+LQlT3bKiDW3H3VqJgXxIiIPtoW6iJ+JtbVqG98omQq1U0tDyoNkRNUPV/
1QEe+YbLdQgROANWQ7mPgVoA+pYMM4vqiCKxTEWyLztQFZFzYd/PaUCmSzJqZDS4
0Rosh4NIhKUIx1Krh+cUK00L6uWp37YdeL2ps5qvLG9nOl2bd6YqQCTEp8LlnBa+
6BqZhskkcemKQpdmJp0Hi99WmqEFHOS144vfVX/zxTXdJS7bkY2YXmiLXmyGoXZg
ydvkZkan6j0ImroNNPmxkT+HCkNX3t9KUVCvLOFEwjCqAhJuMPMuuGsDCwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFPKpWdwWcVyKVMgJQme45JH+Mh0sMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFmLzg4YTM4
My0wMzBjLTQ1NDUtOWU5Yy00ZWJlZWM3ZTgyNzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYvODhhMzgz
LTAzMGMtNDU0NS05ZTljLTRlYmVlYzdlODI3NS8xLzhxbFozQlp4WElwVXlBbENa
N2pra2Y0eUhTdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUF
BwEHAQH/BBwwGjAYBAIAATASAwQAW9+nAwQBW+C0AwQBW+ZYMBoGCCsGAQUFBwEI
AQH/BAswCaAHMAUCAwMD7zANBgkqhkiG9w0BAQsFAAOCAQEAqvYNFBakG5o+vIg8
hgGAZCvRVzRn5/F0O76tbbJL3WjwUK6311xXJbdcvBieuyNN3krQgHLom4wIYVXO
uMHVYKf2wTeGx9BVErAk/qu7aE5EgrZEWF/BlfrAQlxNn1ZkiJfF1aypkSNTnpbb
TiLfDDn9KEjtSNIDJaavvltegtBFXae8WVmelztaIXQE32ukJkbwyg1ensOYdfBV
JTTEQt3KGR8Ns7ibODieD9gTFRjkOCeF6qiIe1O5GXaXm0RCY/W0hSrxM8uDfN+b
vf/kkfw6sJRTDEfQg3kK3RbF9RYesXItpRbbpBC4wvSwARQNBTYvrPY8gpIbkbM1
PQ/QWg==
-----END CERTIFICATE-----
Generated at Fri Jun 6 12:55:52 2025 by rpki-client