Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.cer
File: 9Y4MO5Mzy2_UE55FWlq7r9VpUyo.cer (raw, json)
Hash identifier: hZ7OVdvrNYchTJabeHNva37d2NJ3qkqJz/63nPu9rPY=
Subject key identifier: F5:8E:0C:3B:93:33:CB:6F:D4:13:9E:45:5A:5A:BB:AF:D5:69:53:2A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019CD2B2B7305359DB573DA6D06E658199CA
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 09 Mar 2026 13:04:13 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 213811
IP: 185.65.116.0/24
IP: 193.143.16.0/23
IP: 2a14:b000::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Mar 2026 08:03:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d2:b2:b7:30:53:59:db:57:3d:a6:d0:6e:65:81:99:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 9 13:04:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f58e0c3b9333cb6fd4139e455a5abbafd569532a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:26:ff:e9:c0:94:19:e6:cb:35:c9:30:72:cd:
dd:61:d5:0f:80:d4:55:3c:8a:b1:35:26:a1:98:d9:
bc:cb:a4:9b:75:ed:28:98:95:d8:88:90:38:6a:d0:
82:07:3b:4b:14:6c:54:22:84:a0:bb:97:07:9d:c3:
b6:d2:9b:b1:63:a5:d9:69:1f:58:35:1b:e3:b5:02:
df:f2:54:2f:ab:75:93:bf:47:f2:a0:99:b4:e9:20:
42:a7:8c:85:74:1a:61:d0:aa:53:63:57:b8:11:db:
27:b7:05:d0:c3:1c:c3:a3:34:1e:14:ff:70:a5:59:
dc:29:3b:bd:f2:0d:07:c2:ff:9e:7f:d3:17:73:30:
10:33:48:d7:ee:0d:ff:ce:08:f4:47:f2:5e:5c:79:
a0:b7:c6:84:1d:1b:96:bf:b5:f6:dc:26:9b:f0:e4:
42:26:1a:f8:60:e6:15:b1:45:88:5f:df:2e:cc:38:
a4:4e:47:57:b2:0d:5a:19:2e:33:24:b0:f3:5c:5f:
a4:7a:2f:38:ec:4e:a5:e1:39:45:e5:10:66:3c:c9:
f7:37:2d:89:f4:29:1f:3f:ae:f1:5b:ca:80:13:fe:
b4:05:42:7b:4e:1a:e4:20:aa:dd:9c:16:13:4e:ba:
aa:f7:5d:1c:a5:28:0a:fd:5d:60:c0:5b:07:22:6e:
47:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:8E:0C:3B:93:33:CB:6F:D4:13:9E:45:5A:5A:BB:AF:D5:69:53:2A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.116.0/24
193.143.16.0/23
IPv6:
2a14:b000::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
213811
Signature Algorithm: sha256WithRSAEncryption
67:c2:c9:07:f4:1a:a4:cc:97:a8:d8:32:89:d8:3c:2a:3a:50:
e2:9f:02:c9:fd:71:40:1c:33:af:09:bb:eb:55:79:95:06:25:
2a:63:23:05:77:6d:7d:a3:38:d7:90:2c:c2:21:5d:36:17:ac:
58:31:04:e3:3c:0b:dd:dc:19:1c:6d:c0:3f:0e:ec:3b:06:1c:
ee:cb:70:3a:d0:dc:73:05:d4:23:6c:dc:0e:26:6b:c8:14:3d:
8a:a3:2d:70:22:a3:0a:77:7d:f6:3e:f4:56:8d:bd:3d:bc:d1:
7d:6c:54:84:54:07:79:f4:3a:91:c2:3a:5b:48:85:3c:63:ce:
a4:2c:cb:48:1c:2a:08:f0:99:f9:09:58:61:7e:41:80:c1:9c:
33:b9:97:21:00:41:5e:e4:9e:78:7c:8d:90:57:b4:9f:1f:60:
da:90:92:6d:11:6a:aa:3a:58:b7:f5:a4:50:d7:8d:50:10:f4:
e4:ae:d7:3a:4c:d4:5c:ec:4b:18:94:4e:36:fa:5d:a0:00:21:
e4:17:ef:cd:54:23:f2:a4:8b:4f:b5:4f:8e:ec:0d:c7:37:a0:
18:02:5e:44:0b:22:bd:2c:20:a8:0d:ec:3b:6a:ac:d2:8e:8a:
e8:b4:f4:e1:53:57:1e:ad:12:13:77:0c:12:85:10:31:33:ef:
8e:ba:47:93
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZzSsrcwU1nbVz2m0G5lgZnKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMzA5MTMwNDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNThlMGMzYjkzMzNjYjZmZDQxMzllNDU1YTVhYmJhZmQ1Njk1MzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Cb/6cCUGebLNckwcs3dYdUPgNRV
PIqxNSahmNm8y6Sbde0omJXYiJA4atCCBztLFGxUIoSgu5cHncO20puxY6XZaR9Y
NRvjtQLf8lQvq3WTv0fyoJm06SBCp4yFdBph0KpTY1e4EdsntwXQwxzDozQeFP9w
pVncKTu98g0Hwv+ef9MXczAQM0jX7g3/zgj0R/JeXHmgt8aEHRuWv7X23Cab8ORC
Jhr4YOYVsUWIX98uzDikTkdXsg1aGS4zJLDzXF+kei847E6l4TlF5RBmPMn3Ny2J
9CkfP67xW8qAE/60BUJ7ThrkIKrdnBYTTrqq910cpSgK/V1gwFsHIm5H9wIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFPWODDuTM8tv1BOeRVpau6/VaVMqMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZmL2IxY2E1
MS03NWRkLTQxYzktOTQ4NC0yYmMxYWUzZGJkYmUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYvYjFjYTUx
LTc1ZGQtNDFjOS05NDg0LTJiYzFhZTNkYmRiZS8xLzlZNE1PNU16eTJfVUU1NUZX
bHE3cjlWcFV5by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQAuUF0AwQBwY8QMA0EAgACMAcDBQMqFLAAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwNDMzANBgkqhkiG9w0BAQsFAAOCAQEAZ8LJ
B/QapMyXqNgyidg8KjpQ4p8Cyf1xQBwzrwm761V5lQYlKmMjBXdtfaM415AswiFd
NhesWDEE4zwL3dwZHG3APw7sOwYc7stwOtDccwXUI2zcDiZryBQ9iqMtcCKjCnd9
9j70Vo29PbzRfWxUhFQHefQ6kcI6W0iFPGPOpCzLSBwqCPCZ+QlYYX5BgMGcM7mX
IQBBXuSeeHyNkFe0nx9g2pCSbRFqqjpYt/WkUNeNUBD05K7XOkzUXOxLGJRONvpd
oAAh5BfvzVQj8qSLT7VPjuwNxzegGAJeRAsivSwgqA3sO2qs0o6K6LT04VNXHq0S
E3cMEoUQMTPvjrpHkw==
-----END CERTIFICATE-----
Generated at Thu Mar 19 14:00:51 2026 by rpki-client