Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.cer
File: 9Y4MO5Mzy2_UE55FWlq7r9VpUyo.cer (raw, json)
Hash identifier: 1BA7TZ8q8ZXhT1MoOyTuib8ouGocEWQqsvqIYKUT6wo=
Subject key identifier: F5:8E:0C:3B:93:33:CB:6F:D4:13:9E:45:5A:5A:BB:AF:D5:69:53:2A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019D433CAD17AAE59CCF229A0BCCAAB91A22
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 31 Mar 2026 09:32:23 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 61081
AS: 213811
IP: 185.24.72.0/22
IP: 185.65.116.0/24
IP: 193.143.16.0/23
IP: 2a14:b000::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:43:3c:ad:17:aa:e5:9c:cf:22:9a:0b:cc:aa:b9:1a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 31 09:32:23 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f58e0c3b9333cb6fd4139e455a5abbafd569532a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:26:ff:e9:c0:94:19:e6:cb:35:c9:30:72:cd:
dd:61:d5:0f:80:d4:55:3c:8a:b1:35:26:a1:98:d9:
bc:cb:a4:9b:75:ed:28:98:95:d8:88:90:38:6a:d0:
82:07:3b:4b:14:6c:54:22:84:a0:bb:97:07:9d:c3:
b6:d2:9b:b1:63:a5:d9:69:1f:58:35:1b:e3:b5:02:
df:f2:54:2f:ab:75:93:bf:47:f2:a0:99:b4:e9:20:
42:a7:8c:85:74:1a:61:d0:aa:53:63:57:b8:11:db:
27:b7:05:d0:c3:1c:c3:a3:34:1e:14:ff:70:a5:59:
dc:29:3b:bd:f2:0d:07:c2:ff:9e:7f:d3:17:73:30:
10:33:48:d7:ee:0d:ff:ce:08:f4:47:f2:5e:5c:79:
a0:b7:c6:84:1d:1b:96:bf:b5:f6:dc:26:9b:f0:e4:
42:26:1a:f8:60:e6:15:b1:45:88:5f:df:2e:cc:38:
a4:4e:47:57:b2:0d:5a:19:2e:33:24:b0:f3:5c:5f:
a4:7a:2f:38:ec:4e:a5:e1:39:45:e5:10:66:3c:c9:
f7:37:2d:89:f4:29:1f:3f:ae:f1:5b:ca:80:13:fe:
b4:05:42:7b:4e:1a:e4:20:aa:dd:9c:16:13:4e:ba:
aa:f7:5d:1c:a5:28:0a:fd:5d:60:c0:5b:07:22:6e:
47:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:8E:0C:3B:93:33:CB:6F:D4:13:9E:45:5A:5A:BB:AF:D5:69:53:2A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.72.0/22
185.65.116.0/24
193.143.16.0/23
IPv6:
2a14:b000::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
61081
213811
Signature Algorithm: sha256WithRSAEncryption
38:1e:29:01:95:b5:30:90:3c:da:0b:51:e2:2f:4d:b7:28:3a:
4e:0c:74:f7:2d:7e:6b:fb:d8:79:99:21:86:58:2b:52:6c:5a:
c2:f2:b7:84:02:9c:dc:a0:aa:8d:3d:22:10:81:3b:27:09:96:
37:a3:42:2e:0c:d3:c4:b4:e3:02:c8:f0:e5:05:f8:16:25:d2:
0d:8f:e3:c8:35:55:76:48:c7:9c:f3:26:f4:05:33:b3:6a:bd:
d1:43:d1:c1:78:71:2d:8f:fc:1d:b8:c9:56:80:bc:f5:36:94:
7d:24:e2:08:75:9d:17:df:79:90:50:b1:05:d7:78:82:57:7e:
f9:21:d4:99:11:63:f3:f8:38:61:9f:fc:db:53:d2:0f:66:72:
94:29:47:54:12:c2:c7:35:e9:a7:a9:e2:df:da:21:91:9c:55:
ce:8e:d3:3e:6c:d1:89:89:c5:c2:0d:c4:d8:77:f9:b6:61:eb:
a5:50:d2:87:c4:df:aa:9e:7b:04:3a:c8:e5:5b:10:99:d9:3b:
65:ff:6d:18:b6:b1:29:3e:7a:6a:c2:b4:97:38:7d:b5:bb:0c:
54:76:63:e9:b8:c2:e1:1c:21:9f:99:58:00:51:0e:2a:42:0a:
77:70:9d:92:61:75:37:29:4f:fb:cd:22:d7:f3:32:cc:18:98:
c7:21:7f:fb
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAZ1DPK0XquWczyKaC8yquRoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMzMxMDkzMjIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNThlMGMzYjkzMzNjYjZmZDQxMzllNDU1YTVhYmJhZmQ1Njk1MzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Cb/6cCUGebLNckwcs3dYdUPgNRV
PIqxNSahmNm8y6Sbde0omJXYiJA4atCCBztLFGxUIoSgu5cHncO20puxY6XZaR9Y
NRvjtQLf8lQvq3WTv0fyoJm06SBCp4yFdBph0KpTY1e4EdsntwXQwxzDozQeFP9w
pVncKTu98g0Hwv+ef9MXczAQM0jX7g3/zgj0R/JeXHmgt8aEHRuWv7X23Cab8ORC
Jhr4YOYVsUWIX98uzDikTkdXsg1aGS4zJLDzXF+kei847E6l4TlF5RBmPMn3Ny2J
9CkfP67xW8qAE/60BUJ7ThrkIKrdnBYTTrqq910cpSgK/V1gwFsHIm5H9wIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFPWODDuTM8tv1BOeRVpau6/VaVMqMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZmL2IxY2E1
MS03NWRkLTQxYzktOTQ4NC0yYmMxYWUzZGJkYmUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYvYjFjYTUx
LTc1ZGQtNDFjOS05NDg0LTJiYzFhZTNkYmRiZS8xLzlZNE1PNU16eTJfVUU1NUZX
bHE3cjlWcFV5by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQCuRhIAwQAuUF0AwQBwY8QMA0EAgACMAcDBQMq
FLAAMB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwDumQIDA0MzMA0GCSqGSIb3DQEB
CwUAA4IBAQA4HikBlbUwkDzaC1HiL023KDpODHT3LX5r+9h5mSGGWCtSbFrC8reE
ApzcoKqNPSIQgTsnCZY3o0IuDNPEtOMCyPDlBfgWJdINj+PINVV2SMec8yb0BTOz
ar3RQ9HBeHEtj/wduMlWgLz1NpR9JOIIdZ0X33mQULEF13iCV375IdSZEWPz+Dhh
n/zbU9IPZnKUKUdUEsLHNemnqeLf2iGRnFXOjtM+bNGJicXCDcTYd/m2YeulUNKH
xN+qnnsEOsjlWxCZ2Ttl/20YtrEpPnpqwrSXOH21uwxUdmPpuMLhHCGfmVgAUQ4q
Qgp3cJ2SYXU3KU/7zSLX8zLMGJjHIX/7
-----END CERTIFICATE-----
Generated at Sun May 3 15:29:10 2026 by rpki-client