Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
File: IYzG4kEF3mxckAPWUkOJPLPP3QE.cer (raw, json)
Hash identifier: QljEVSGULnkr6ueh1fYGrTAhSUVdo0DV2qwQRqq4j4E=
Subject key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019C8ADF7A160DFC5194A7853DB76CE6C1C8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Mon 23 Feb 2026 14:20:27 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 210277
AS: 213060
AS: 213074
AS: 213085
IP: 82.21.0.0 -- 82.27.255.255
IP: 82.29.0.0/16
IP: 82.38.0.0 -- 82.41.255.255
IP: 82.46.0.0/16
IP: 84.75.0.0/16
IP: 178.83.0.0/16
IP: 2a13:9500::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8a:df:7a:16:0d:fc:51:94:a7:85:3d:b7:6c:e6:c1:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 23 14:20:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f9:96:ea:84:58:ba:6d:1c:bb:e7:ef:d6:86:
76:8c:ed:d1:6d:03:27:6d:8d:13:84:78:1f:79:c2:
4e:59:ca:66:c1:58:3c:b3:b9:ff:29:c2:c6:1b:40:
d3:af:15:75:51:db:fe:0f:5f:dc:ce:82:e8:e8:5e:
48:93:59:a4:3e:25:5e:b9:50:05:b9:a6:98:e7:62:
e5:ae:8d:ae:ec:32:0b:3c:64:56:2e:af:bd:84:65:
f5:6f:18:81:6a:36:40:6c:f5:44:ea:c1:84:37:f5:
8e:97:ac:f1:2b:9d:c1:d5:54:a2:9a:33:52:b8:04:
eb:f5:45:5e:88:87:82:db:ce:ef:6c:95:e4:ca:88:
b5:f7:30:72:a7:ad:c3:8f:96:2e:62:94:b4:03:9d:
c2:91:09:56:3c:29:06:12:34:aa:4c:d1:f2:3a:5f:
3a:2c:4d:0e:84:3d:ae:a2:1e:6d:67:56:d6:aa:fc:
50:2c:e7:49:bf:10:46:34:51:3c:a3:4e:56:a2:b6:
6a:a3:5a:07:93:55:5a:fc:1d:12:b3:dd:9a:35:93:
0c:a5:07:30:00:b7:25:ca:f9:25:9e:3c:4b:84:7e:
42:04:a5:39:d8:ba:f0:ba:04:92:0e:3b:01:2e:c7:
e2:dc:88:89:45:c8:63:e6:c6:18:65:04:06:08:45:
3a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.0.0-82.27.255.255
82.29.0.0/16
82.38.0.0-82.41.255.255
82.46.0.0/16
84.75.0.0/16
178.83.0.0/16
IPv6:
2a13:9500::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
210277
213060
213074
213085
Signature Algorithm: sha256WithRSAEncryption
9c:bc:b4:3f:e4:05:2c:e1:66:79:ca:ae:69:63:88:8e:f9:45:
3c:cd:39:78:08:47:11:88:9f:6a:d4:7f:af:ba:0a:a6:e8:60:
39:bd:53:f6:56:37:ad:c4:9b:5b:e6:90:e5:68:e2:75:7b:d8:
ff:3e:db:48:e2:ed:0b:fc:04:1e:87:b5:f3:de:f6:fe:47:63:
75:6b:cf:a0:c5:5e:9b:07:5e:ee:3c:68:4e:f8:6f:74:23:fb:
e3:a9:3d:ab:76:ac:92:30:39:5d:db:80:59:e1:86:cb:ef:97:
7e:8d:e4:25:41:2f:42:52:65:a5:02:a4:4b:95:80:80:5d:a8:
c6:a1:f9:bc:e3:f2:4a:69:2d:3d:94:8f:ac:0f:ac:01:08:4a:
41:01:99:03:a5:78:a3:13:4b:5c:e1:f2:ae:c8:61:d3:79:0a:
b5:88:76:e9:59:4f:f0:66:85:70:5c:48:cc:21:76:02:e3:05:
c9:3c:b0:44:c0:e6:86:e2:8a:5f:74:ab:a8:4a:ae:91:0f:a8:
2e:bd:a7:46:13:fe:15:49:3f:0c:d6:51:1a:90:8d:6a:cb:c3:
5e:75:98:22:69:ff:16:77:f6:5f:09:df:47:e5:2e:61:bc:7e:
28:b1:7c:27:54:60:0e:01:b2:5b:60:bc:43:c4:e0:4e:3f:12:
7e:96:b3:1f
-----BEGIN CERTIFICATE-----
MIIF9DCCBNygAwIBAgISAZyK33oWDfxRlKeFPbds5sHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMjIzMTQyMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMThjYzZlMjQxMDVkZTZjNWM5MDAzZDY1MjQzODkzY2IzY2ZkZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfmW6oRYum0cu+fv1oZ2jO3RbQMn
bY0ThHgfecJOWcpmwVg8s7n/KcLGG0DTrxV1Udv+D1/czoLo6F5Ik1mkPiVeuVAF
uaaY52Llro2u7DILPGRWLq+9hGX1bxiBajZAbPVE6sGEN/WOl6zxK53B1VSimjNS
uATr9UVeiIeC287vbJXkyoi19zByp63Dj5YuYpS0A53CkQlWPCkGEjSqTNHyOl86
LE0OhD2uoh5tZ1bWqvxQLOdJvxBGNFE8o05WorZqo1oHk1Va/B0Ss92aNZMMpQcw
ALclyvklnjxLhH5CBKU52LrwugSSDjsBLsfi3IiJRchj5sYYZQQGCEU6OwIDAQAB
o4IDADCCAvwwHQYDVR0OBBYEFCGMxuJBBd5sXJAD1lJDiTyzz90BMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGEx
YjRmLWI2NGMtNDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4
YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMjE4Q0M2RTI0MTA1
REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjBUBggrBgEFBQcBBwEB/wRFMEMwMgQCAAEwLDAK
AwMAUhUDAwJSGAMDAFIdMAoDAwFSJgMDAVIoAwMAUi4DAwBUSwMDALJTMA0EAgAC
MAcDBQMqE5UAMCkGCCsGAQUFBwEIAQH/BBowGKAWMBQCAwM1ZQIDA0BEAgMDQFIC
AwNAXTANBgkqhkiG9w0BAQsFAAOCAQEAnLy0P+QFLOFmecquaWOIjvlFPM05eAhH
EYifatR/r7oKpuhgOb1T9lY3rcSbW+aQ5WjidXvY/z7bSOLtC/wEHoe18972/kdj
dWvPoMVemwde7jxoTvhvdCP746k9q3askjA5XduAWeGGy++Xfo3kJUEvQlJlpQKk
S5WAgF2oxqH5vOPySmktPZSPrA+sAQhKQQGZA6V4oxNLXOHyrshh03kKtYh26VlP
8GaFcFxIzCF2AuMFyTywRMDmhuKKX3SrqEqukQ+oLr2nRhP+FUk/DNZRGpCNasvD
XnWYImn/Fnf2XwnfR+UuYbx+KLF8J1RgDgGyW2C8Q8TgTj8SfpazHw==
-----END CERTIFICATE-----
Generated at Wed Mar 4 14:34:15 2026 by rpki-client