Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CeSo1nBtnQ-cEJHKaZUfSr1Z1Cs.cer
File: CeSo1nBtnQ-cEJHKaZUfSr1Z1Cs.cer (raw, json)
Hash identifier: 5dOJ6z/o97aQWtFbPMXQrhUDxjtc93S2J5Dbh3c7HSI=
Subject key identifier: 09:E4:A8:D6:70:6D:9D:0F:9C:10:91:CA:69:95:1F:4A:BD:59:D4:2B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B78A21301D7418A82E49CC277AE94987C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b8/47eb7b-c3ba-478a-8178-404d31280e61/1/CeSo1nBtnQ-cEJHKaZUfSr1Z1Cs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b8/47eb7b-c3ba-478a-8178-404d31280e61/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 08:17:26 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 203591
IP: 178.22.248.0/21
IP: 185.6.240.0/22
IP: 2a03:2340::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:a2:13:01:d7:41:8a:82:e4:9c:c2:77:ae:94:98:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:17:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=09e4a8d6706d9d0f9c1091ca69951f4abd59d42b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:63:41:e8:a9:8b:3c:bd:b7:70:4c:e1:17:f7:
7e:bf:a1:ca:86:5e:b2:b5:75:26:50:df:9f:5b:df:
0e:ff:d3:b9:b0:47:17:b9:67:b4:c1:8f:d1:4f:48:
03:2a:2d:22:bc:1d:ef:5b:78:ea:db:0d:13:65:d2:
88:7e:b5:7d:2f:a4:51:56:69:ee:08:f7:7b:1d:12:
91:fe:60:68:5d:5e:bf:e6:58:1f:42:81:dd:dc:4e:
7b:89:d9:4c:0b:be:8b:1a:bd:dd:b0:95:b1:77:93:
d1:8a:43:36:c4:21:5e:d6:a4:98:f8:4b:1f:52:9e:
87:77:24:ce:f0:f3:4d:47:f6:ee:51:ed:ef:d7:ac:
26:e1:23:b3:ff:d9:f0:31:dc:2a:e5:ec:a7:f1:49:
8b:91:d7:a2:82:fc:11:a9:dc:f6:2d:bf:f6:5f:8c:
7c:6c:3d:9e:18:6f:e1:04:68:d9:49:af:94:92:b4:
df:f2:65:2a:b7:a6:6b:f6:8b:bd:ea:69:da:e3:9c:
80:56:71:0d:16:f2:13:d8:7a:67:d6:4b:f4:6f:05:
61:ae:b5:6e:2c:d4:e7:27:1b:21:3e:48:54:18:a4:
b7:b0:57:f0:67:ca:02:65:9a:80:a4:34:e0:0e:3a:
b5:36:58:cd:7b:0f:5b:ce:07:42:f8:09:e8:c9:95:
5a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E4:A8:D6:70:6D:9D:0F:9C:10:91:CA:69:95:1F:4A:BD:59:D4:2B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/47eb7b-c3ba-478a-8178-404d31280e61/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/47eb7b-c3ba-478a-8178-404d31280e61/1/CeSo1nBtnQ-cEJHKaZUfSr1Z1Cs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.22.248.0/21
185.6.240.0/22
IPv6:
2a03:2340::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
203591
Signature Algorithm: sha256WithRSAEncryption
81:f5:08:66:c8:3f:71:9c:38:b0:a2:0f:05:f8:3b:71:e6:76:
1b:ca:ea:3a:54:51:29:7c:2e:db:22:c6:62:82:2a:6d:ac:3d:
66:5f:6c:31:f9:51:f1:6b:97:12:d6:fb:bf:e4:8e:07:62:93:
d7:43:28:f3:75:f1:ea:e7:af:e1:ed:48:d1:97:20:f6:bd:dd:
0e:7e:e3:ba:c7:99:ac:a4:7f:ae:33:ca:70:9e:22:e9:4f:a6:
fc:9d:f2:79:d6:ec:d8:5e:b5:4d:f8:89:78:7d:59:64:b7:2e:
fa:a9:ec:1a:b1:d1:02:0c:fe:37:c2:c7:2f:d6:b9:05:27:10:
3a:3a:eb:61:a2:03:c8:2c:99:47:16:27:2b:c8:12:3b:48:4f:
92:c7:24:f9:f0:ff:d0:1f:f0:1f:21:a4:05:66:7a:67:41:b2:
ce:25:a1:af:97:13:5c:b1:81:79:99:39:6a:c9:06:ec:b2:03:
02:86:9c:ed:c7:9d:b6:e7:3e:1c:02:b1:f8:d3:44:dc:81:64:
9f:52:c6:46:f9:e5:97:54:8b:87:dc:80:3b:77:04:60:56:7c:
43:46:3e:81:4b:14:a3:63:49:05:66:2c:29:58:7c:a9:51:07:
60:a1:c3:a0:bc:3f:9c:03:bd:01:d5:46:ba:e4:9c:20:1c:91:
fd:8a:d4:ee
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZt4ohMB10GKguScwneulJh8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDgxNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWU0YThkNjcwNmQ5ZDBmOWMxMDkxY2E2OTk1MWY0YWJkNTlkNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2NB6KmLPL23cEzhF/d+v6HKhl6y
tXUmUN+fW98O/9O5sEcXuWe0wY/RT0gDKi0ivB3vW3jq2w0TZdKIfrV9L6RRVmnu
CPd7HRKR/mBoXV6/5lgfQoHd3E57idlMC76LGr3dsJWxd5PRikM2xCFe1qSY+Esf
Up6HdyTO8PNNR/buUe3v16wm4SOz/9nwMdwq5eyn8UmLkdeigvwRqdz2Lb/2X4x8
bD2eGG/hBGjZSa+UkrTf8mUqt6Zr9ou96mna45yAVnENFvIT2Hpn1kv0bwVhrrVu
LNTnJxshPkhUGKS3sFfwZ8oCZZqApDTgDjq1NljNew9bzgdC+AnoyZVa2wIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFAnkqNZwbZ0PnBCRymmVH0q9WdQrMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I4LzQ3ZWI3
Yi1jM2JhLTQ3OGEtODE3OC00MDRkMzEyODBlNjEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgvNDdlYjdi
LWMzYmEtNDc4YS04MTc4LTQwNGQzMTI4MGU2MS8xL0NlU28xbkJ0blEtY0VKSEth
WlVmU3IxWjFDcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDshb4AwQCuQbwMA0EAgACMAcDBQAqAyNAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMbRzANBgkqhkiG9w0BAQsFAAOCAQEAgfUI
Zsg/cZw4sKIPBfg7ceZ2G8rqOlRRKXwu2yLGYoIqbaw9Zl9sMflR8WuXEtb7v+SO
B2KT10Mo83Xx6uev4e1I0Zcg9r3dDn7juseZrKR/rjPKcJ4i6U+m/J3yedbs2F61
TfiJeH1ZZLcu+qnsGrHRAgz+N8LHL9a5BScQOjrrYaIDyCyZRxYnK8gSO0hPksck
+fD/0B/wHyGkBWZ6Z0GyziWhr5cTXLGBeZk5askG7LIDAoac7cedtuc+HAKx+NNE
3IFkn1LGRvnll1SLh9yAO3cEYFZ8Q0Y+gUsUo2NJBWYsKVh8qVEHYKHDoLw/nAO9
AdVGuuScIByR/YrU7g==
-----END CERTIFICATE-----
Generated at Fri Mar 13 09:44:37 2026 by rpki-client