Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
File: G-JAAhoofymJc9nqKN_IBzX9WAA.cer (raw, json)
Hash identifier: ESXKTlzMYv3nuAf24DhrtFPia1Fnl4B5AHwv6WgON+8=
Subject key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019E88443346637A1AD6027B7A6314CFB27A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Tue 02 Jun 2026 12:17:11 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 44324
AS: 214720
IP: 2a0f:1cc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:88:44:33:46:63:7a:1a:d6:02:7b:7a:63:14:cf:b2:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 2 12:17:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1be240021a287f298973d9ea28dfc80735fd5800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fb:7c:5e:a8:47:ed:ae:21:e5:91:54:62:ad:
60:ee:a8:8c:0e:0d:4c:8b:f1:7f:36:34:6f:8c:56:
a4:07:90:66:d9:e9:29:c9:e7:4d:cb:13:ad:26:fc:
f1:06:cb:6f:26:c6:43:fc:16:a0:af:d0:f7:b0:10:
db:f6:26:bf:83:74:0b:d4:62:37:db:5e:b3:b4:39:
63:48:62:61:1e:eb:9e:2a:d9:b7:28:3d:c7:83:cd:
78:b6:39:1d:7a:55:00:dc:25:b3:2c:8a:92:f1:15:
a4:e8:ab:00:af:df:27:10:ff:92:6a:d0:2f:c2:6a:
c4:15:15:21:24:9b:40:b8:9d:9e:e3:91:19:79:25:
a3:50:73:41:7d:f3:60:15:bb:c8:c9:72:80:2b:99:
b9:17:0d:f5:67:bd:81:23:88:5a:c6:48:60:96:03:
21:6b:b3:97:7f:3f:84:08:09:73:ab:52:52:a8:e8:
7d:df:89:e9:ea:0d:e5:77:8c:50:78:d6:fd:e4:0f:
81:dc:e0:92:9d:51:52:6f:4f:be:e7:10:54:4c:da:
22:f0:2c:58:91:89:24:27:66:67:fe:35:2e:ef:bf:
43:29:d1:b0:6f:1c:bc:79:5e:b5:ce:ed:8b:3e:7a:
e1:f7:66:33:90:c6:14:93:f1:0d:48:6f:85:5a:98:
04:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44324
214720
Signature Algorithm: sha256WithRSAEncryption
0e:71:8a:e2:b3:74:f2:12:7d:be:4d:ca:68:ab:5a:3f:bc:64:
38:1f:23:38:03:2f:69:a7:e0:c1:5d:76:48:84:e8:6f:76:fa:
e9:ca:47:4f:f7:90:dd:03:8c:d0:b0:72:ae:f6:bb:7f:eb:f0:
5e:b3:36:71:e7:cb:be:0d:d0:b7:d1:90:05:83:a1:e5:d4:37:
73:06:dc:37:b9:1d:28:7f:ee:6c:23:9a:95:a1:cd:ec:da:1b:
22:05:88:08:ee:23:98:55:9f:71:60:4d:fb:fa:cb:21:f6:d9:
94:88:25:dd:fb:49:d5:3b:50:eb:f7:76:9e:0c:6d:e9:85:12:
b5:29:6c:8c:94:c2:12:b5:c0:4d:c3:98:cc:0c:4c:28:ef:08:
87:e7:5e:51:b7:c6:2d:a1:90:1e:4e:d6:d3:b0:c9:db:85:44:
97:9c:57:87:cf:c8:d2:81:fd:2b:87:76:88:28:13:29:e1:a6:
b6:f0:32:26:be:bd:61:ac:bc:0a:7b:55:11:ec:51:dc:97:63:
25:b0:39:5d:9d:7d:ff:51:69:89:a1:09:8f:b1:41:27:60:01:
26:a8:82:58:70:e5:df:15:f0:5d:57:ea:46:ca:96:92:a4:86:
3b:bd:bf:98:38:d9:a6:5c:71:07:31:e6:1b:db:eb:a3:a0:c0:
61:44:b4:75
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAZ6IRDNGY3oa1gJ7emMUz7J6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNjAyMTIxNzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmUyNDAwMjFhMjg3ZjI5ODk3M2Q5ZWEyOGRmYzgwNzM1ZmQ1ODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/t8XqhH7a4h5ZFUYq1g7qiMDg1M
i/F/NjRvjFakB5Bm2ekpyedNyxOtJvzxBstvJsZD/Bagr9D3sBDb9ia/g3QL1GI3
216ztDljSGJhHuueKtm3KD3Hg814tjkdelUA3CWzLIqS8RWk6KsAr98nEP+SatAv
wmrEFRUhJJtAuJ2e45EZeSWjUHNBffNgFbvIyXKAK5m5Fw31Z72BI4haxkhglgMh
a7OXfz+ECAlzq1JSqOh934np6g3ld4xQeNb95A+B3OCSnVFSb0++5xBUTNoi8CxY
kYkkJ2Zn/jUu779DKdGwbxy8eV61zu2LPnrh92YzkMYUk/ENSG+FWpgEeQIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFBviQAIaKH8piXPZ6ijfyAc1/VgAMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzhhZmI1
ZmUyLTNjMmEtNDkzOS05NWU5LTAwNzdiODBiNGYwZS8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFm
YjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMUJFMjQwMDIxQTI4
N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
AyoPHMAwHwYIKwYBBQUHAQgBAf8EEDAOoAwwCgIDAK0kAgMDRsAwDQYJKoZIhvcN
AQELBQADggEBAA5xiuKzdPISfb5NymirWj+8ZDgfIzgDL2mn4MFddkiE6G92+unK
R0/3kN0DjNCwcq72u3/r8F6zNnHny74N0LfRkAWDoeXUN3MG3De5HSh/7mwjmpWh
zezaGyIFiAjuI5hVn3FgTfv6yyH22ZSIJd37SdU7UOv3dp4MbemFErUpbIyUwhK1
wE3DmMwMTCjvCIfnXlG3xi2hkB5O1tOwyduFRJecV4fPyNKB/SuHdogoEynhprbw
Mia+vWGsvAp7VRHsUdyXYyWwOV2dff9RaYmhCY+xQSdgASaoglhw5d8V8F1X6kbK
lpKkhju9v5g42aZccQcx5hvb66OgwGFEtHU=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:32:02 2026 by rpki-client