Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JwafGIPczJOnhpxB7D6XL_X9SwE.cer
File: JwafGIPczJOnhpxB7D6XL_X9SwE.cer (raw, json)
Hash identifier: aIZ4GOKRgWuHNj3wrl+pPRAogsc3DoUfDW6oSDozojY=
Subject key identifier: 27:06:9F:18:83:DC:CC:93:A7:86:9C:41:EC:3E:97:2F:F5:FD:4B:01
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01974452428837579F4D5E1DC005FC0D519E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/7f/42e079-6f7c-468d-b028-0462b6484d60/1/JwafGIPczJOnhpxB7D6XL_X9SwE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/7f/42e079-6f7c-468d-b028-0462b6484d60/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 06 Jun 2025 08:18:51 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 21107
AS: 42571
AS: 198252
IP: 31.216.184.0/21
IP: 31.223.208.0/20
IP: 62.68.96.0/19
IP: 77.239.64.0/19
IP: 79.142.180.0/22
IP: 79.143.160.0/20
IP: 80.242.112.0/20
IP: 92.241.128.0/19
IP: 93.180.144.0/21
IP: 134.90.128.0/21
IP: 185.32.172.0/22
IP: 185.36.84.0/22
IP: 185.39.0.0/22
IP: 185.187.4.0/22
IP: 188.124.192.0/19
IP: 188.246.64.0/19
IP: 194.41.40.0/22
IP: 213.91.72.0 -- 213.91.95.255
IP: 217.23.192.0/20
IP: 217.71.49.0 -- 217.71.55.255
IP: 2a00:1a98::/32
IP: 2a02:2030::/32
IP: 2a03:f180::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:52:42:88:37:57:9f:4d:5e:1d:c0:05:fc:0d:51:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 6 08:18:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27069f1883dccc93a7869c41ec3e972ff5fd4b01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5b:2b:40:11:49:35:bc:4a:d5:07:ec:4b:74:
37:01:7c:0d:63:b2:b4:80:78:eb:02:af:e9:d4:04:
11:96:fb:10:22:bd:75:ea:f7:d0:cd:58:08:07:92:
51:73:bc:34:3e:a9:c7:b1:55:ab:34:bf:c5:74:d4:
9d:e9:58:e5:4b:f0:76:6b:f8:a4:a4:28:0b:ba:38:
08:43:1d:d7:f3:cd:62:4e:f1:95:bd:08:c7:0b:9e:
59:6b:9f:fb:23:e7:17:05:2b:79:b0:9a:0e:b7:e6:
ae:3f:fa:5e:c3:b3:5b:e5:80:f1:72:f0:f7:8e:f6:
d8:9a:e8:5d:22:bb:37:5a:4a:da:ab:8a:15:4e:fc:
81:44:dc:c7:fc:20:35:8c:e0:23:de:a9:29:30:42:
4c:5f:a2:e4:65:51:7f:cd:58:a1:75:08:13:82:bd:
72:b9:cf:50:3d:c0:92:16:f7:86:3b:c0:e8:cf:a7:
d6:f2:a1:64:7a:47:10:fb:0f:d0:1d:27:67:9d:ac:
b7:32:0f:c6:82:5b:a4:0b:35:15:32:10:ae:40:49:
ba:77:df:45:e0:53:eb:3d:ee:c7:4a:f4:1b:d9:a9:
f0:d4:bb:82:29:27:1d:9a:f3:0b:9c:b6:c1:b6:15:
2d:0a:e5:69:0c:34:04:f6:7e:6b:d5:6f:39:d9:b7:
55:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:06:9F:18:83:DC:CC:93:A7:86:9C:41:EC:3E:97:2F:F5:FD:4B:01
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/42e079-6f7c-468d-b028-0462b6484d60/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/42e079-6f7c-468d-b028-0462b6484d60/1/JwafGIPczJOnhpxB7D6XL_X9SwE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.184.0/21
31.223.208.0/20
62.68.96.0/19
77.239.64.0/19
79.142.180.0/22
79.143.160.0/20
80.242.112.0/20
92.241.128.0/19
93.180.144.0/21
134.90.128.0/21
185.32.172.0/22
185.36.84.0/22
185.39.0.0/22
185.187.4.0/22
188.124.192.0/19
188.246.64.0/19
194.41.40.0/22
213.91.72.0-213.91.95.255
217.23.192.0/20
217.71.49.0-217.71.55.255
IPv6:
2a00:1a98::/32
2a02:2030::/32
2a03:f180::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
21107
42571
198252
Signature Algorithm: sha256WithRSAEncryption
52:57:ce:65:29:a4:f6:25:cb:9c:b4:02:0c:05:3c:50:bc:b4:
90:e9:62:a0:0b:c7:0c:e7:76:50:8f:77:4f:a3:5f:aa:3a:cf:
50:2b:e5:d0:f2:9e:5b:f4:37:3f:dc:bd:f6:20:e1:e8:d1:2d:
27:3a:08:01:ce:15:c3:16:bf:0d:e0:93:1f:fe:df:56:b6:03:
fe:35:92:e8:bb:c5:55:ec:e7:d2:61:dc:66:23:17:92:63:d7:
cb:1e:eb:76:4d:e3:51:43:65:f3:0d:c5:29:73:08:5f:77:03:
34:3d:d8:50:37:6c:fe:b9:7f:eb:bc:d8:cd:4a:d4:22:64:e5:
aa:60:ab:ef:59:c4:93:ba:06:2f:08:48:70:17:28:ce:5e:17:
05:9f:94:68:c0:20:66:d3:62:19:26:8d:b1:ee:de:e7:e9:ea:
e0:40:4a:43:3a:6a:15:38:a5:ca:c5:7f:13:4b:93:b7:2b:fa:
b7:91:6f:cb:8c:e7:1e:32:23:04:d0:75:71:96:26:c6:9d:de:
22:9c:5b:63:27:81:da:8e:3b:c0:aa:4a:f7:2e:b7:ba:6e:8b:
b8:b9:c5:13:52:d0:59:11:5a:b7:4a:08:3c:a1:de:16:b7:a7:
e1:cf:24:ba:91:e8:8e:f9:ac:27:5d:6b:ae:0b:c0:95:9d:36:
65:ba:67:a8
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgISAZdEUkKIN1efTV4dwAX8DVGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNjA2MDgxODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzA2OWYxODgzZGNjYzkzYTc4NjljNDFlYzNlOTcyZmY1ZmQ0YjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVsrQBFJNbxK1QfsS3Q3AXwNY7K0
gHjrAq/p1AQRlvsQIr116vfQzVgIB5JRc7w0PqnHsVWrNL/FdNSd6VjlS/B2a/ik
pCgLujgIQx3X881iTvGVvQjHC55Za5/7I+cXBSt5sJoOt+auP/pew7Nb5YDxcvD3
jvbYmuhdIrs3Wkraq4oVTvyBRNzH/CA1jOAj3qkpMEJMX6LkZVF/zVihdQgTgr1y
uc9QPcCSFveGO8Doz6fW8qFkekcQ+w/QHSdnnay3Mg/GglukCzUVMhCuQEm6d99F
4FPrPe7HSvQb2anw1LuCKScdmvMLnLbBthUtCuVpDDQE9n5r1W852bdVLQIDAQAB
o4IDTTCCA0kwHQYDVR0OBBYEFCcGnxiD3MyTp4acQew+ly/1/UsBMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdmLzQyZTA3
OS02ZjdjLTQ2OGQtYjAyOC0wNDYyYjY0ODRkNjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2YvNDJlMDc5
LTZmN2MtNDY4ZC1iMDI4LTA0NjJiNjQ4NGQ2MC8xL0p3YWZHSVBjekpPbmhweEI3
RDZYTF9YOVN3RS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHCBggrBgEF
BQcBBwEB/wSBsjCBrzCBjwQCAAEwgYgDBAMf2LgDBAQf39ADBAU+RGADBAVN70AD
BAJPjrQDBARPj6ADBARQ8nADBAVc8YADBANdtJADBAOGWoADBAK5IKwDBAK5JFQD
BAK5JwADBAK5uwQDBAW8fMADBAW89kADBALCKSgwDAMEA9VbSAMEBdVbQAMEBNkX
wDAMAwQA2UcxAwQD2UcwMBsEAgACMBUDBQAqABqYAwUAKgIgMAMFACoD8YAwIwYI
KwYBBQUHAQgBAf8EFDASoBAwDgICUnMCAwCmSwIDAwZsMA0GCSqGSIb3DQEBCwUA
A4IBAQBSV85lKaT2JcuctAIMBTxQvLSQ6WKgC8cM53ZQj3dPo1+qOs9QK+XQ8p5b
9Dc/3L32IOHo0S0nOggBzhXDFr8N4JMf/t9WtgP+NZLou8VV7OfSYdxmIxeSY9fL
Hut2TeNRQ2XzDcUpcwhfdwM0PdhQN2z+uX/rvNjNStQiZOWqYKvvWcSTugYvCEhw
FyjOXhcFn5RowCBm02IZJo2x7t7n6ergQEpDOmoVOKXKxX8TS5O3K/q3kW/LjOce
MiME0HVxlibGnd4inFtjJ4HajjvAqkr3Lre6bou4ucUTUtBZEVq3Sgg8od4Wt6fh
zyS6keiO+awnXWuuC8CVnTZlumeo
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:20:07 2025 by rpki-client