Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
File: JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer (raw, json)
Hash identifier: va2EPR4dKkpW6Rm+eLbpOu81CJ46GgDUr92tWiTUcQ8=
Subject key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01990A9E1D1BE055B455611C3E8E0FD8DC28
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Sep 2025 13:29:18 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 34388
AS: 51559
IP: 31.12.74.0/24
IP: 31.192.208.0/21
IP: 37.1.144.0/21
IP: 89.43.28.0/22
IP: 89.43.64.0/22
IP: 89.252.128.0 -- 89.252.177.255
IP: 93.113.60.0/22
IP: 93.115.76.0/22
IP: 94.102.0.0/20
IP: 95.173.160.0/19
IP: 159.253.32.0/20
IP: 185.21.5.0/24
IP: 185.88.133.0 -- 185.88.135.255
IP: 185.95.84.0/22
IP: 185.172.48.0/22
IP: 2a02:f80::/32
IP: 2a03:2100::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 01:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0a:9e:1d:1b:e0:55:b4:55:61:1c:3e:8e:0f:d8:dc:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 2 13:29:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2a:9a:9f:02:bd:5f:7b:b7:62:b7:5f:f3:18:
41:b4:aa:4a:d5:2d:3f:f5:94:af:be:46:d0:c1:36:
07:11:13:a8:ee:2d:bf:74:12:69:1f:cd:bd:6c:30:
c1:d4:de:46:5c:1c:01:f2:a8:2c:6d:09:44:ad:f6:
6c:2a:29:08:74:10:c2:fe:70:ae:b3:8b:20:30:b2:
07:ce:48:1c:77:87:4f:65:ed:7d:ac:08:1b:6d:d1:
ad:fd:19:c5:70:b6:21:11:cd:d6:f0:27:03:c6:86:
54:07:1f:57:06:2c:e7:19:16:b1:2e:c0:c4:59:6f:
37:d4:9b:3e:35:6a:e3:cd:37:5e:33:1e:63:3b:1c:
5f:70:c4:ac:8e:1b:94:f7:07:91:0f:85:ca:48:00:
7d:12:cb:5d:5d:9c:ea:f9:7b:43:fb:bc:8f:02:b7:
9a:3e:62:a9:b3:aa:85:a2:01:4d:2f:85:ae:f9:d0:
01:1f:d1:87:04:c4:cd:d0:4b:85:96:9e:30:1f:ba:
76:95:a9:1a:00:bb:91:a1:18:ff:00:65:1a:80:dd:
3e:1f:cc:82:8b:d1:cf:e0:ea:ea:c0:56:51:6e:b7:
31:96:4b:bc:e7:aa:62:73:25:88:f5:c4:d9:69:ea:
7f:c3:76:71:0c:eb:00:da:01:9e:6f:a0:3c:8f:c0:
ff:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.12.74.0/24
31.192.208.0/21
37.1.144.0/21
89.43.28.0/22
89.43.64.0/22
89.252.128.0-89.252.177.255
93.113.60.0/22
93.115.76.0/22
94.102.0.0/20
95.173.160.0/19
159.253.32.0/20
185.21.5.0/24
185.88.133.0-185.88.135.255
185.95.84.0/22
185.172.48.0/22
IPv6:
2a02:f80::/32
2a03:2100::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
34388
51559
Signature Algorithm: sha256WithRSAEncryption
29:d2:b9:6b:4d:8c:46:66:dd:86:fa:01:6b:e1:ad:df:6d:0a:
5d:32:82:2c:5b:3f:8b:98:57:b6:2e:7b:35:eb:0b:07:c8:0b:
95:41:d8:2b:43:02:87:5a:bc:92:9c:f8:95:e1:b2:90:70:c3:
d5:1b:12:c5:0a:cf:99:62:29:3b:e5:37:de:37:03:78:8b:50:
2c:8c:fd:30:23:1b:17:20:f2:d1:7c:35:af:61:b0:f8:cc:d4:
c2:b6:44:f7:66:f9:0b:d8:b2:49:26:63:0a:08:97:09:25:0b:
09:9c:90:55:b6:fa:85:5a:a9:1b:5b:32:79:d0:68:93:04:fa:
31:cf:0e:20:b5:87:df:90:25:68:74:9f:86:2b:a0:31:33:b6:
47:51:68:ef:c5:be:37:24:06:55:c0:06:c3:9b:76:f2:87:19:
25:b2:43:1c:8c:0f:bc:e8:78:90:9d:e1:ca:35:e4:43:31:ef:
53:49:1c:f0:50:57:d3:2c:d7:24:40:ec:65:64:26:99:49:49:
e1:b8:76:46:f2:e8:7f:cd:a9:25:87:f9:06:8e:c1:e2:51:c3:
d2:48:87:4b:4b:ea:35:d2:38:8a:8c:e8:f2:76:ed:f6:97:6e:
2b:36:e2:5e:ca:3e:b5:cc:70:c2:bd:d3:49:4d:79:98:be:d7:
f2:73:b3:1a
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgISAZkKnh0b4FW0VWEcPo4P2NwoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwOTAyMTMyOTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWU0YWVkM2VmNzJiZWUzMTQxNjYwZDExNDllMTZkMDc5MjA1ZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCqanwK9X3u3Yrdf8xhBtKpK1S0/
9ZSvvkbQwTYHEROo7i2/dBJpH829bDDB1N5GXBwB8qgsbQlErfZsKikIdBDC/nCu
s4sgMLIHzkgcd4dPZe19rAgbbdGt/RnFcLYhEc3W8CcDxoZUBx9XBiznGRaxLsDE
WW831Js+NWrjzTdeMx5jOxxfcMSsjhuU9weRD4XKSAB9EstdXZzq+XtD+7yPArea
PmKps6qFogFNL4Wu+dABH9GHBMTN0EuFlp4wH7p2lakaALuRoRj/AGUagN0+H8yC
i9HP4OrqwFZRbrcxlku856picyWI9cTZaep/w3ZxDOsA2gGeb6A8j8D/TwIDAQAB
o4IDIjCCAx4wHQYDVR0OBBYEFCXkrtPvcr7jFBZg0RSeFtB5IF88MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q5LzYzMzZk
MC05NDk0LTQ2ZDMtOTg2MS1lZDNlMzhmOTU3N2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkvNjMzNmQw
LTk0OTQtNDZkMy05ODYxLWVkM2UzOGY5NTc3Zi8xL0plU3UwLTl5dnVNVUZtRFJG
SjRXMEhrZ1h6dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGbBggrBgEF
BQcBBwEB/wSBizCBiDBwBAIAATBqAwQAHwxKAwQDH8DQAwQDJQGQAwQCWSscAwQC
WStAMAwDBAdZ/IADBAFZ/LADBAJdcTwDBAJdc0wDBAReZgADBAVfraADBASf/SAD
BAC5FQUwDAMEALlYhQMEA7lYgAMEArlfVAMEArmsMDAUBAIAAjAOAwUAKgIPgAMF
AyoDIQAwHwYIKwYBBQUHAQgBAf8EEDAOoAwwCgIDAIZUAgMAyWcwDQYJKoZIhvcN
AQELBQADggEBACnSuWtNjEZm3Yb6AWvhrd9tCl0ygixbP4uYV7YuezXrCwfIC5VB
2CtDAodavJKc+JXhspBww9UbEsUKz5liKTvlN943A3iLUCyM/TAjGxcg8tF8Na9h
sPjM1MK2RPdm+QvYskkmYwoIlwklCwmckFW2+oVaqRtbMnnQaJME+jHPDiC1h9+Q
JWh0n4YroDEztkdRaO/FvjckBlXABsObdvKHGSWyQxyMD7zoeJCd4co15EMx71NJ
HPBQV9Ms1yRA7GVkJplJSeG4dkby6H/NqSWH+QaOweJRw9JIh0tL6jXSOIqM6PJ2
7faXbis24l7KPrXMcMK900lNeZi+1/Jzsxo=
-----END CERTIFICATE-----
Generated at Fri Sep 5 06:09:09 2025 by rpki-client