Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/K6HP11f1Hy_rdFCenDm-RoBr5kI.cer
File: K6HP11f1Hy_rdFCenDm-RoBr5kI.cer (raw, json)
Hash identifier: pWvcQkGRtJpaLRI+apokL5VOa9YFI8EnTH7XKOZnsRc=
Subject key identifier: 2B:A1:CF:D7:57:F5:1F:2F:EB:74:50:9E:9C:39:BE:46:80:6B:E6:42
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01971198159632FF9E88867D6E41EA09F841
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/K6HP11f1Hy_rdFCenDm-RoBr5kI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 27 May 2025 11:54:29 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 25441
IP: 62.231.32.0/19
IP: 78.135.128.0/17
IP: 83.141.64.0/18
IP: 85.134.128.0/17
IP: 87.192.0.0 -- 87.192.79.255
IP: 87.192.81.0 -- 87.192.87.255
IP: 87.192.128.0 -- 87.192.207.255
IP: 87.192.216.0/22
IP: 87.192.222.0 -- 87.192.255.255
IP: 87.232.0.0/19
IP: 87.232.192.0/24
IP: 87.232.194.0 -- 87.232.199.255
IP: 87.232.225.0/24
IP: 87.232.228.0/22
IP: 89.124.0.0 -- 89.124.241.255
IP: 89.124.245.0/24
IP: 89.124.248.0 -- 89.127.251.255
IP: 89.127.254.0/23
IP: 185.247.52.0/22
IP: 2001:4d68::/32
IP: 2a01:268::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:11:98:15:96:32:ff:9e:88:86:7d:6e:41:ea:09:f8:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 27 11:54:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ba1cfd757f51f2feb74509e9c39be46806be642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:61:ab:69:02:05:84:5c:f5:8f:aa:36:f7:35:
00:ed:dd:2f:28:72:fb:34:3b:3e:2c:47:71:78:12:
cf:08:2d:d9:37:c1:d5:bd:50:2a:14:ed:4d:b5:17:
e1:bc:e6:0d:db:8b:62:df:19:c4:85:43:d9:d0:34:
61:8d:ea:e4:2f:d4:64:f4:b3:3e:98:b6:51:10:08:
44:74:f1:06:1f:bd:f0:de:86:9f:ff:44:f4:10:78:
35:5b:ce:79:de:b4:0b:48:0f:7b:cf:ef:f0:be:64:
98:62:bc:18:7e:6a:1e:f4:6a:ee:96:c4:a4:f3:66:
d7:65:4e:8d:3d:53:8f:bc:9f:41:26:7e:d9:b3:39:
2c:32:e0:f3:5e:d1:0f:7a:34:c2:fe:02:9d:cc:80:
04:1a:5a:5b:b5:12:03:f3:83:c1:e2:44:55:3a:ca:
b5:d0:2d:d5:38:ad:68:d1:8b:bf:09:b5:35:5d:28:
ba:af:e5:79:a9:02:60:03:bf:64:cf:3c:00:00:87:
3e:40:ec:ea:a1:70:9a:6f:c5:71:04:6a:8f:50:55:
be:68:34:45:f4:b8:99:1e:5c:93:ab:0f:d7:9c:06:
8d:84:0e:72:1a:a3:5b:d9:6c:9c:d2:af:85:ed:80:
c1:45:63:e0:99:90:60:c1:a5:48:40:8f:38:d4:9b:
f1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:A1:CF:D7:57:F5:1F:2F:EB:74:50:9E:9C:39:BE:46:80:6B:E6:42
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/K6HP11f1Hy_rdFCenDm-RoBr5kI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.231.32.0/19
78.135.128.0/17
83.141.64.0/18
85.134.128.0/17
87.192.0.0-87.192.79.255
87.192.81.0-87.192.87.255
87.192.128.0-87.192.207.255
87.192.216.0/22
87.192.222.0-87.192.255.255
87.232.0.0/19
87.232.192.0/24
87.232.194.0-87.232.199.255
87.232.225.0/24
87.232.228.0/22
89.124.0.0-89.124.241.255
89.124.245.0/24
89.124.248.0-89.127.251.255
89.127.254.0/23
185.247.52.0/22
IPv6:
2001:4d68::/32
2a01:268::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
25441
Signature Algorithm: sha256WithRSAEncryption
0a:2a:d6:76:c5:b8:a9:26:a6:97:53:69:42:d7:3d:d8:99:b3:
ec:3f:dd:46:ca:d7:25:c3:19:f8:9a:14:a4:4b:82:0d:ab:50:
10:bb:6e:10:30:e0:27:7c:44:ca:99:19:4d:70:91:e8:36:20:
0e:0c:dc:c3:9c:d1:49:18:dd:92:07:ac:75:e8:47:24:ec:15:
44:e4:a5:99:82:71:57:b9:92:4c:74:9d:e9:d9:82:06:3a:33:
d8:e3:44:7b:90:71:e9:4c:a7:b6:6a:e3:39:c5:59:08:30:81:
bb:d9:f8:6b:2e:d2:0c:03:2a:dc:fb:7d:86:14:c0:cb:fe:c8:
f8:24:8b:71:6f:81:40:fc:db:3e:d4:cd:11:06:d2:fe:c5:2d:
73:54:51:9f:40:a7:8c:60:e1:78:04:c0:a2:37:2e:26:e2:8c:
e3:b6:d5:84:ef:ca:ae:b4:38:d3:b3:85:03:b8:bd:ad:93:aa:
87:71:2e:40:4f:92:2e:51:c5:58:15:3c:20:b4:ac:0a:e3:24:
38:b9:c5:be:55:97:48:4f:39:a1:56:41:c4:3c:27:37:62:99:
7c:3f:3a:5c:9d:51:c2:9f:10:99:75:f1:69:0f:4a:dd:cb:4d:
51:16:e3:cb:06:45:d3:6c:94:ab:d1:6a:69:71:13:58:88:45:
49:72:23:16
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgISAZcRmBWWMv+eiIZ9bkHqCfhBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNTI3MTE1NDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmExY2ZkNzU3ZjUxZjJmZWI3NDUwOWU5YzM5YmU0NjgwNmJlNjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWGraQIFhFz1j6o29zUA7d0vKHL7
NDs+LEdxeBLPCC3ZN8HVvVAqFO1NtRfhvOYN24ti3xnEhUPZ0DRhjerkL9Rk9LM+
mLZREAhEdPEGH73w3oaf/0T0EHg1W8553rQLSA97z+/wvmSYYrwYfmoe9GrulsSk
82bXZU6NPVOPvJ9BJn7ZszksMuDzXtEPejTC/gKdzIAEGlpbtRID84PB4kRVOsq1
0C3VOK1o0Yu/CbU1XSi6r+V5qQJgA79kzzwAAIc+QOzqoXCab8VxBGqPUFW+aDRF
9LiZHlyTqw/XnAaNhA5yGqNb2Wyc0q+F7YDBRWPgmZBgwaVIQI841JvxqwIDAQAB
o4IDWzCCA1cwHQYDVR0OBBYEFCuhz9dX9R8v63RQnpw5vkaAa+ZCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E5Lzc0NTkx
MC04NmM2LTQzZDEtOTc2NS01Nzg5ZGU0MjRhNDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkvNzQ1OTEw
LTg2YzYtNDNkMS05NzY1LTU3ODlkZTQyNGE0Mi8xL0s2SFAxMWYxSHlfcmRGQ2Vu
RG0tUm9CcjVrSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHaBggrBgEF
BQcBBwEB/wSByjCBxzCBrgQCAAEwgacDBAU+5yADBAdOh4ADBAZTjUADBAdVhoAw
CwMDBlfAAwQEV8BAMAwDBABXwFEDBANXwFAwDAMEB1fAgAMEBFfAwAMEAlfA2DAL
AwQBV8DeAwMAV8ADBAVX6AADBABX6MAwDAMEAVfowgMEA1fowAMEAFfo4QMEAlfo
5DALAwMCWXwDBAFZfPADBABZfPUwDAMEA1l8+AMEAll/+AMEAVl//gMEArn3NDAU
BAIAAjAOAwUAIAFNaAMFACoBAmgwGQYIKwYBBQUHAQgBAf8ECjAIoAYwBAICY2Ew
DQYJKoZIhvcNAQELBQADggEBAAoq1nbFuKkmppdTaULXPdiZs+w/3UbK1yXDGfia
FKRLgg2rUBC7bhAw4Cd8RMqZGU1wkeg2IA4M3MOc0UkY3ZIHrHXoRyTsFUTkpZmC
cVe5kkx0nenZggY6M9jjRHuQcelMp7Zq4znFWQgwgbvZ+Gsu0gwDKtz7fYYUwMv+
yPgki3FvgUD82z7UzREG0v7FLXNUUZ9Ap4xg4XgEwKI3LibijOO21YTvyq60ONOz
hQO4va2TqodxLkBPki5RxVgVPCC0rArjJDi5xb5Vl0hPOaFWQcQ8JzdimXw/Olyd
UcKfEJl18WkPSt3LTVEW48sGRdNslKvRamlxE1iIRUlyIxY=
-----END CERTIFICATE-----
Generated at Fri Jun 6 12:17:30 2025 by rpki-client