Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9hUWPY_cRSP7uCJN89wgese94ck.cer
File: 9hUWPY_cRSP7uCJN89wgese94ck.cer (raw, json)
Hash identifier: z93/skAY9v9Yif+lbr/GqNJSXm2fPROgEld+gfBFsmk=
Subject key identifier: F6:15:16:3D:8F:DC:45:23:FB:B8:22:4D:F3:DC:20:7A:C7:BD:E1:C9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019A16D6CEC2461557958853E3E9C1628D61
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e7/05b659-d19b-43cd-9fcc-d539857e2e2f/1/9hUWPY_cRSP7uCJN89wgese94ck.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e7/05b659-d19b-43cd-9fcc-d539857e2e2f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 24 Oct 2025 15:29:27 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 3287
AS: 213691
IP: 83.143.152.0/23
IP: 91.213.213.0/24
IP: 185.238.196.0/23
IP: 193.106.232.0/22
IP: 217.72.8.0/22
IP: 2a0c:bc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 00:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:16:d6:ce:c2:46:15:57:95:88:53:e3:e9:c1:62:8d:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Oct 24 15:29:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f615163d8fdc4523fbb8224df3dc207ac7bde1c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:00:0b:77:8b:41:b4:a8:1c:ce:4d:22:7f:92:
80:77:85:52:53:7e:8f:5d:5e:e7:6e:fd:d3:b9:e2:
9f:27:d0:ce:81:41:11:07:0a:3a:49:84:8b:f1:b8:
3f:94:cc:a3:73:89:a7:9c:28:b0:38:11:cb:b7:0a:
54:28:da:67:38:0b:4c:b4:1a:9f:da:61:dc:30:0e:
8f:b8:1e:12:e2:e6:ec:95:2c:c1:9c:5b:89:7c:d5:
49:87:ab:12:5e:f5:1e:23:e8:bd:00:b5:0a:82:61:
b5:fa:94:1c:6c:48:60:2e:c2:11:7c:13:5b:94:99:
cd:12:f5:bc:d3:b1:0e:09:2a:a1:88:b7:ff:78:73:
59:4b:03:f3:ba:9e:80:cb:19:f5:16:7a:34:71:48:
87:a6:91:8b:9d:3f:65:59:d4:60:57:25:6b:fe:5e:
a8:38:f8:c3:4c:89:25:59:45:5e:6e:7f:f2:8b:00:
97:9d:ce:b9:5e:77:bd:69:98:5f:86:2f:26:83:ba:
21:26:de:60:a5:f3:0b:e9:93:d3:dd:55:84:1a:39:
df:96:f9:29:4b:bd:3e:aa:56:cb:84:ab:5f:6f:9b:
6e:74:20:15:61:4f:34:ee:bc:ac:9d:f9:1c:ee:d9:
d8:76:41:73:c1:d3:00:e6:43:16:33:da:2d:76:bb:
64:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:15:16:3D:8F:DC:45:23:FB:B8:22:4D:F3:DC:20:7A:C7:BD:E1:C9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/05b659-d19b-43cd-9fcc-d539857e2e2f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/05b659-d19b-43cd-9fcc-d539857e2e2f/1/9hUWPY_cRSP7uCJN89wgese94ck.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.143.152.0/23
91.213.213.0/24
185.238.196.0/23
193.106.232.0/22
217.72.8.0/22
IPv6:
2a0c:bc0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
3287
213691
Signature Algorithm: sha256WithRSAEncryption
9a:22:ef:27:b0:ff:d4:6b:7a:f7:49:66:2a:15:f3:1b:a1:f1:
01:2c:65:5c:b8:31:5a:ef:f3:f1:d2:af:c3:7a:97:1b:9b:af:
40:3a:80:50:2d:7e:9f:41:a1:19:54:19:c5:9f:27:8b:8c:b2:
cd:de:70:35:c2:ef:e5:f2:f0:18:bb:d9:e8:d1:d7:12:0d:f3:
5a:3e:1b:04:f1:40:a8:87:a0:db:e5:e3:63:b0:e4:cb:e2:75:
64:1d:2c:26:e0:33:a7:05:ee:9e:71:9b:71:64:03:81:d9:07:
d3:3a:bc:e1:b3:9b:05:c3:87:80:59:e3:8e:8c:2c:e6:32:1c:
fd:49:0a:56:15:e0:66:ba:82:43:94:b8:94:ae:a3:aa:f2:63:
2c:5e:49:cc:f9:68:21:b1:00:c0:1f:94:cf:b9:85:7a:03:b8:
a2:79:84:f8:71:9c:78:64:55:fe:f8:57:d2:3e:8a:ac:a0:d4:
b4:7b:d0:6d:e9:5c:b8:42:fe:d4:8b:ae:d4:2d:fd:8a:7b:90:
0d:1c:cc:6f:e8:63:6e:0f:4f:8b:24:30:5b:60:2b:8c:db:86:
5c:97:bf:49:ec:40:14:0b:75:6b:5a:b8:c5:af:4c:3c:34:c1:
5c:8a:22:68:d3:2c:07:19:43:5c:b6:15:9a:10:5a:9f:5d:8b:
b1:4a:75:6b
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgISAZoW1s7CRhVXlYhT4+nBYo1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUxMDI0MTUyOTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjE1MTYzZDhmZGM0NTIzZmJiODIyNGRmM2RjMjA3YWM3YmRlMWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgALd4tBtKgczk0if5KAd4VSU36P
XV7nbv3TueKfJ9DOgUERBwo6SYSL8bg/lMyjc4mnnCiwOBHLtwpUKNpnOAtMtBqf
2mHcMA6PuB4S4ubslSzBnFuJfNVJh6sSXvUeI+i9ALUKgmG1+pQcbEhgLsIRfBNb
lJnNEvW807EOCSqhiLf/eHNZSwPzup6Ayxn1Fno0cUiHppGLnT9lWdRgVyVr/l6o
OPjDTIklWUVebn/yiwCXnc65Xne9aZhfhi8mg7ohJt5gpfML6ZPT3VWEGjnflvkp
S70+qlbLhKtfb5tudCAVYU807rysnfkc7tnYdkFzwdMA5kMWM9otdrtkMQIDAQAB
o4ICyzCCAscwHQYDVR0OBBYEFPYVFj2P3EUj+7giTfPcIHrHveHJMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U3LzA1YjY1
OS1kMTliLTQzY2QtOWZjYy1kNTM5ODU3ZTJlMmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcvMDViNjU5
LWQxOWItNDNjZC05ZmNjLWQ1Mzk4NTdlMmUyZi8xLzloVVdQWV9jUlNQN3VDSk44
OXdnZXNlOTRjay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsGAQUF
BwEHAQH/BDcwNTAkBAIAATAeAwQBU4+YAwQAW9XVAwQBue7EAwQCwWroAwQC2UgI
MA0EAgACMAcDBQMqDAvAMB4GCCsGAQUFBwEIAQH/BA8wDaALMAkCAgzXAgMDQrsw
DQYJKoZIhvcNAQELBQADggEBAJoi7yew/9RrevdJZioV8xuh8QEsZVy4MVrv8/HS
r8N6lxubr0A6gFAtfp9BoRlUGcWfJ4uMss3ecDXC7+Xy8Bi72ejR1xIN81o+GwTx
QKiHoNvl42Ow5MvidWQdLCbgM6cF7p5xm3FkA4HZB9M6vOGzmwXDh4BZ446MLOYy
HP1JClYV4Ga6gkOUuJSuo6ryYyxeScz5aCGxAMAflM+5hXoDuKJ5hPhxnHhkVf74
V9I+iqyg1LR70G3pXLhC/tSLrtQt/Yp7kA0czG/oY24PT4skMFtgK4zbhlyXv0ns
QBQLdWtauMWvTDw0wVyKImjTLAcZQ1y2FZoQWp9di7FKdWs=
-----END CERTIFICATE-----
Generated at Tue Nov 11 10:03:45 2025 by rpki-client