Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
File: FjB9KfVUPyHqMAm5Uj_nG48Taco.cer (raw, json)
Hash identifier: Gzy/+DHLYJgFJNmIbbHpzPgMM4s3izdGrNJu4aRYdis=
Subject key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019A022CF0FEFC66D563EE73E15888965B3A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 20 Oct 2025 15:11:31 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 5089
AS: 5462
AS: 13076
AS: 42987
AS: 43629
AS: 50534
AS: 62016
IP: 62.30.0.0/15
IP: 62.252.0.0/14
IP: 77.96.0.0/13
IP: 80.0.0.0/13
IP: 80.192.0.0/14
IP: 80.235.128.0/17
IP: 80.255.192.0/19
IP: 81.96.0.0/12
IP: 82.0.0.0 -- 82.20.255.255
IP: 82.28.0.0/16
IP: 82.30.0.0 -- 82.37.255.255
IP: 82.42.0.0 -- 82.47.255.255
IP: 84.19.104.0 -- 84.19.127.255
IP: 86.0.0.0/11
IP: 92.232.0.0 -- 92.234.255.255
IP: 92.236.0.0/14
IP: 94.173.0.0 -- 94.175.255.255
IP: 185.228.252.0/22
IP: 193.38.64.0/18
IP: 193.39.32.0 -- 193.39.65.255
IP: 193.193.96.0/19
IP: 194.117.128.0/19
IP: 194.145.148.0/23
IP: 194.168.0.0/16
IP: 195.182.160.0/19
IP: 195.188.0.0/16
IP: 212.24.64.0/19
IP: 212.43.160.0/19
IP: 212.250.0.0/16
IP: 213.48.0.0/16
IP: 213.81.0.0/17
IP: 213.104.0.0/14
IP: 213.147.224.0/19
IP: 213.148.32.0/19
IP: 217.137.0.0/16
IP: 2a02:8800::/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 08:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:2c:f0:fe:fc:66:d5:63:ee:73:e1:58:88:96:5b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Oct 20 15:11:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:7c:de:15:df:0f:da:bf:75:92:eb:58:79:d8:
d7:57:da:73:8b:ff:e5:4e:52:ce:63:04:49:b1:6e:
42:ef:04:27:23:86:a8:f0:8c:92:b6:ef:ad:3d:67:
13:13:66:a8:5a:7d:3a:15:3a:17:03:c6:88:a7:09:
76:88:4e:19:8b:c1:9f:9d:c4:11:22:7a:ba:00:29:
1f:6d:26:6f:84:72:16:15:68:a4:24:84:5b:04:18:
f7:99:6c:56:bd:eb:a4:e8:3c:05:3a:71:23:a6:b3:
84:01:d7:de:8a:22:2b:71:03:37:d7:df:78:3f:4a:
c3:b0:48:6f:cd:34:f8:41:71:ca:1b:58:87:c7:36:
8f:f9:64:d4:93:1b:1e:b1:bc:1a:31:31:53:40:6d:
0d:5e:61:19:a2:fd:1b:6e:dd:5f:0f:8f:e0:ee:b0:
84:a8:40:35:25:54:74:af:fc:54:5c:4a:3b:5b:8e:
04:76:31:11:6c:41:b3:cd:b0:40:44:40:cb:b7:49:
32:f7:f8:82:35:7a:eb:5e:71:cb:79:c0:11:8f:07:
26:5a:6c:c8:71:dc:b6:40:46:d1:39:56:35:a1:cc:
03:5c:61:0f:04:bb:4a:d2:ee:e7:a4:7e:98:96:4c:
a9:c0:cd:4c:1e:53:d6:83:07:68:a6:c9:24:87:d6:
6f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.30.0.0/15
62.252.0.0/14
77.96.0.0/13
80.0.0.0/13
80.192.0.0/14
80.235.128.0/17
80.255.192.0/19
81.96.0.0/12
82.0.0.0-82.20.255.255
82.28.0.0/16
82.30.0.0-82.37.255.255
82.42.0.0-82.47.255.255
84.19.104.0-84.19.127.255
86.0.0.0/11
92.232.0.0-92.234.255.255
92.236.0.0/14
94.173.0.0-94.175.255.255
185.228.252.0/22
193.38.64.0/18
193.39.32.0-193.39.65.255
193.193.96.0/19
194.117.128.0/19
194.145.148.0/23
194.168.0.0/16
195.182.160.0/19
195.188.0.0/16
212.24.64.0/19
212.43.160.0/19
212.250.0.0/16
213.48.0.0/16
213.81.0.0/17
213.104.0.0/14
213.147.224.0/19
213.148.32.0/19
217.137.0.0/16
IPv6:
2a02:8800::/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
5089
5462
13076
42987
43629
50534
62016
Signature Algorithm: sha256WithRSAEncryption
57:8c:57:c4:49:89:55:96:12:b5:db:45:a6:24:d3:fd:e9:7b:
ea:e9:53:6f:ee:ae:9d:d3:20:86:98:00:bc:6c:49:ed:0c:ba:
1d:a2:1c:c6:73:14:f7:89:49:7c:65:f0:d7:1a:c6:05:16:27:
4e:c4:42:08:6c:06:c3:cc:ab:34:7d:5d:70:5b:76:d5:7d:b1:
23:9a:53:9c:12:ae:2f:32:4f:6d:4d:a9:b7:d5:73:f0:a2:ee:
73:99:58:6f:c2:6e:2e:7f:3d:89:fb:8c:bb:9c:b7:23:45:66:
40:d9:ea:6e:df:6a:f3:02:0d:5c:41:19:06:78:59:18:3b:59:
7c:3d:2d:d5:6e:21:a9:a5:e6:46:8c:d6:de:a6:e9:91:f0:12:
23:3c:20:27:3d:6d:e0:fc:95:81:df:76:7c:30:f1:7b:ef:54:
44:5b:e1:9d:bf:97:3a:91:7a:ef:40:bb:6a:73:1b:85:8b:09:
ad:fe:be:0a:a9:e0:86:45:7a:01:34:82:55:13:af:fa:76:fa:
31:45:d8:e3:92:b9:fb:44:80:66:6f:f7:5c:58:71:a5:34:a4:
73:a7:03:e6:92:1e:62:8f:28:bb:d8:1a:96:9c:23:ba:73:44:
c7:4f:50:7b:e6:43:69:bf:1c:2a:c6:83:fc:6a:90:74:dd:49:
ee:3e:87:16
-----BEGIN CERTIFICATE-----
MIIGrzCCBZegAwIBAgISAZoCLPD+/GbVY+5z4ViIlls6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUxMDIwMTUxMTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjMwN2QyOWY1NTQzZjIxZWEzMDA5Yjk1MjNmZTcxYjhmMTM2OWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33zeFd8P2r91kutYedjXV9pzi//l
TlLOYwRJsW5C7wQnI4ao8IyStu+tPWcTE2aoWn06FToXA8aIpwl2iE4Zi8GfncQR
Inq6ACkfbSZvhHIWFWikJIRbBBj3mWxWveuk6DwFOnEjprOEAdfeiiIrcQM31994
P0rDsEhvzTT4QXHKG1iHxzaP+WTUkxsesbwaMTFTQG0NXmEZov0bbt1fD4/g7rCE
qEA1JVR0r/xUXEo7W44EdjERbEGzzbBAREDLt0ky9/iCNXrrXnHLecARjwcmWmzI
cdy2QEbROVY1ocwDXGEPBLtK0u7npH6YlkypwM1MHlPWgwdopskkh9ZvWQIDAQAB
o4IDuzCCA7cwHQYDVR0OBBYEFBYwfSn1VD8h6jAJuVI/5xuPE2nKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q1L2JmNWU3
MC02NjY1LTQ5ZGUtYjljZi00Y2ZlNDBmMDdhNmIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUvYmY1ZTcw
LTY2NjUtNDlkZS1iOWNmLTRjZmU0MGYwN2E2Yi8xL0ZqQjlLZlZVUHlIcU1BbTVV
al9uRzQ4VGFjby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBHQYIKwYB
BQUHAQcBAf8EggEMMIIBCDCB9wQCAAEwgfADAwE+HgMDAj78AwMDTWADAwNQAAMD
AlDAAwQHUOuAAwQFUP/AAwMEUWAwCQMCAVIDAwBSFAMDAFIcMAoDAwFSHgMDAVIk
MAoDAwFSKgMDBFIgMAwDBANUE2gDBAdUEwADAwVWADAKAwMDXOgDAwBc6gMDAlzs
MAoDAwBerQMDBF6gAwQCueT8AwQGwSZAMAwDBAXBJyADBAHBJ0ADBAXBwWADBAXC
dYADBAHCkZQDAwDCqAMEBcO2oAMDAMO8AwQF1BhAAwQF1CugAwMA1PoDAwDVMAME
B9VRAAMDAtVoAwQF1ZPgAwQF1ZQgAwMA2YkwDAQCAAIwBgMEACoCiDA1BggrBgEF
BQcBCAEB/wQmMCSgIjAgAgIT4QICFVYCAjMUAgMAp+sCAwCqbQIDAMVmAgMA8kAw
DQYJKoZIhvcNAQELBQADggEBAFeMV8RJiVWWErXbRaYk0/3pe+rpU2/urp3TIIaY
ALxsSe0Muh2iHMZzFPeJSXxl8NcaxgUWJ07EQghsBsPMqzR9XXBbdtV9sSOaU5wS
ri8yT21NqbfVc/Ci7nOZWG/Cbi5/PYn7jLuctyNFZkDZ6m7favMCDVxBGQZ4WRg7
WXw9LdVuIaml5kaM1t6m6ZHwEiM8ICc9beD8lYHfdnww8XvvVERb4Z2/lzqReu9A
u2pzG4WLCa3+vgqp4IZFegE0glUTr/p2+jFF2OOSuftEgGZv91xYcaU0pHOnA+aS
HmKPKLvYGpacI7pzRMdPUHvmQ2m/HCrGg/xqkHTdSe4+hxY=
-----END CERTIFICATE-----
Generated at Wed Oct 22 10:28:04 2025 by rpki-client