Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/K6HP11f1Hy_rdFCenDm-RoBr5kI.cer
File: K6HP11f1Hy_rdFCenDm-RoBr5kI.cer (raw, json)
Hash identifier: ubRkdx0VcFFpfA59zm8XVfTSO7o1W72x67gKo+obIZY=
Subject key identifier: 2B:A1:CF:D7:57:F5:1F:2F:EB:74:50:9E:9C:39:BE:46:80:6B:E6:42
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0198A7D8F1DC90AD0F9A1C442E1DF0937805
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/K6HP11f1Hy_rdFCenDm-RoBr5kI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 14 Aug 2025 09:11:09 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 25441
IP: 62.231.32.0/19
IP: 78.135.128.0/17
IP: 83.141.64.0/18
IP: 85.134.128.0/17
IP: 87.192.0.0 -- 87.192.79.255
IP: 87.192.81.0 -- 87.192.87.255
IP: 87.192.192.0/20
IP: 87.192.216.0/22
IP: 87.192.222.0/23
IP: 87.232.0.0/19
IP: 87.232.192.0/24
IP: 87.232.194.0 -- 87.232.199.255
IP: 87.232.225.0/24
IP: 87.232.228.0/22
IP: 89.124.0.0/19
IP: 89.124.64.0 -- 89.124.241.255
IP: 89.124.245.0/24
IP: 89.124.248.0/23
IP: 89.124.251.0 -- 89.126.207.255
IP: 89.126.224.0 -- 89.127.251.255
IP: 89.127.254.0/23
IP: 185.247.52.0/22
IP: 2001:4d68::/32
IP: 2a01:268::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 23:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a7:d8:f1:dc:90:ad:0f:9a:1c:44:2e:1d:f0:93:78:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Aug 14 09:11:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ba1cfd757f51f2feb74509e9c39be46806be642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:61:ab:69:02:05:84:5c:f5:8f:aa:36:f7:35:
00:ed:dd:2f:28:72:fb:34:3b:3e:2c:47:71:78:12:
cf:08:2d:d9:37:c1:d5:bd:50:2a:14:ed:4d:b5:17:
e1:bc:e6:0d:db:8b:62:df:19:c4:85:43:d9:d0:34:
61:8d:ea:e4:2f:d4:64:f4:b3:3e:98:b6:51:10:08:
44:74:f1:06:1f:bd:f0:de:86:9f:ff:44:f4:10:78:
35:5b:ce:79:de:b4:0b:48:0f:7b:cf:ef:f0:be:64:
98:62:bc:18:7e:6a:1e:f4:6a:ee:96:c4:a4:f3:66:
d7:65:4e:8d:3d:53:8f:bc:9f:41:26:7e:d9:b3:39:
2c:32:e0:f3:5e:d1:0f:7a:34:c2:fe:02:9d:cc:80:
04:1a:5a:5b:b5:12:03:f3:83:c1:e2:44:55:3a:ca:
b5:d0:2d:d5:38:ad:68:d1:8b:bf:09:b5:35:5d:28:
ba:af:e5:79:a9:02:60:03:bf:64:cf:3c:00:00:87:
3e:40:ec:ea:a1:70:9a:6f:c5:71:04:6a:8f:50:55:
be:68:34:45:f4:b8:99:1e:5c:93:ab:0f:d7:9c:06:
8d:84:0e:72:1a:a3:5b:d9:6c:9c:d2:af:85:ed:80:
c1:45:63:e0:99:90:60:c1:a5:48:40:8f:38:d4:9b:
f1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:A1:CF:D7:57:F5:1F:2F:EB:74:50:9E:9C:39:BE:46:80:6B:E6:42
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/K6HP11f1Hy_rdFCenDm-RoBr5kI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.231.32.0/19
78.135.128.0/17
83.141.64.0/18
85.134.128.0/17
87.192.0.0-87.192.79.255
87.192.81.0-87.192.87.255
87.192.192.0/20
87.192.216.0/22
87.192.222.0/23
87.232.0.0/19
87.232.192.0/24
87.232.194.0-87.232.199.255
87.232.225.0/24
87.232.228.0/22
89.124.0.0/19
89.124.64.0-89.124.241.255
89.124.245.0/24
89.124.248.0/23
89.124.251.0-89.126.207.255
89.126.224.0-89.127.251.255
89.127.254.0/23
185.247.52.0/22
IPv6:
2001:4d68::/32
2a01:268::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
25441
Signature Algorithm: sha256WithRSAEncryption
13:db:a0:e6:59:d8:0c:b8:38:b0:97:50:27:df:5e:a1:11:81:
b6:98:3a:d3:93:f0:fe:4b:be:b8:7e:76:be:70:06:be:40:a1:
23:d1:03:11:88:f0:f4:0c:ec:88:42:00:a2:04:40:94:fb:bf:
c4:fb:6a:9b:5f:e8:a0:87:a8:84:cc:c7:90:71:c3:46:b9:77:
55:6d:2e:ff:32:6c:b7:8e:01:b5:10:c5:33:43:ad:00:d7:a4:
22:6f:bc:fe:fb:09:d8:74:68:c1:21:18:7e:03:04:84:b1:4f:
10:eb:2d:80:66:9d:4a:b6:9f:db:af:53:9b:6c:80:0b:ae:e1:
37:c4:c4:fc:67:05:d0:16:f1:ad:f4:01:12:d4:9a:04:7f:9a:
fe:38:2a:25:f7:18:15:bc:9b:bc:4a:ce:a0:1f:47:a0:99:3b:
c7:4c:c1:f0:5b:81:22:88:98:53:9d:13:3b:30:73:dc:be:56:
60:14:15:6e:f0:f7:8e:b0:8d:15:cd:19:d6:19:90:b4:06:5f:
4a:40:74:10:25:8d:8b:ec:2f:4d:45:e5:e6:21:e7:42:73:05:
6e:b8:2d:f8:89:5b:16:ec:bf:1f:fc:63:78:11:ab:87:f4:90:
4c:e8:42:2e:85:3a:09:f5:eb:fa:f1:3c:77:58:74:bb:31:2b:
1c:7e:bb:d5
-----BEGIN CERTIFICATE-----
MIIGWzCCBUOgAwIBAgISAZin2PHckK0PmhxELh3wk3gFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwODE0MDkxMTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmExY2ZkNzU3ZjUxZjJmZWI3NDUwOWU5YzM5YmU0NjgwNmJlNjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWGraQIFhFz1j6o29zUA7d0vKHL7
NDs+LEdxeBLPCC3ZN8HVvVAqFO1NtRfhvOYN24ti3xnEhUPZ0DRhjerkL9Rk9LM+
mLZREAhEdPEGH73w3oaf/0T0EHg1W8553rQLSA97z+/wvmSYYrwYfmoe9GrulsSk
82bXZU6NPVOPvJ9BJn7ZszksMuDzXtEPejTC/gKdzIAEGlpbtRID84PB4kRVOsq1
0C3VOK1o0Yu/CbU1XSi6r+V5qQJgA79kzzwAAIc+QOzqoXCab8VxBGqPUFW+aDRF
9LiZHlyTqw/XnAaNhA5yGqNb2Wyc0q+F7YDBRWPgmZBgwaVIQI841JvxqwIDAQAB
o4IDZzCCA2MwHQYDVR0OBBYEFCuhz9dX9R8v63RQnpw5vkaAa+ZCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E5Lzc0NTkx
MC04NmM2LTQzZDEtOTc2NS01Nzg5ZGU0MjRhNDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkvNzQ1OTEw
LTg2YzYtNDNkMS05NzY1LTU3ODlkZTQyNGE0Mi8xL0s2SFAxMWYxSHlfcmRGQ2Vu
RG0tUm9CcjVrSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHmBggrBgEF
BQcBBwEB/wSB1jCB0zCBugQCAAEwgbMDBAU+5yADBAdOh4ADBAZTjUADBAdVhoAw
CwMDBlfAAwQEV8BAMAwDBABXwFEDBANXwFADBARXwMADBAJXwNgDBAFXwN4DBAVX
6AADBABX6MAwDAMEAVfowgMEA1fowAMEAFfo4QMEAlfo5AMEBVl8ADAMAwQGWXxA
AwQBWXzwAwQAWXz1AwQBWXz4MAwDBABZfPsDBARZfsAwDAMEBVl+4AMEAll/+AME
AVl//gMEArn3NDAUBAIAAjAOAwUAIAFNaAMFACoBAmgwGQYIKwYBBQUHAQgBAf8E
CjAIoAYwBAICY2EwDQYJKoZIhvcNAQELBQADggEBABPboOZZ2Ay4OLCXUCffXqER
gbaYOtOT8P5Lvrh+dr5wBr5AoSPRAxGI8PQM7IhCAKIEQJT7v8T7aptf6KCHqITM
x5Bxw0a5d1VtLv8ybLeOAbUQxTNDrQDXpCJvvP77Cdh0aMEhGH4DBISxTxDrLYBm
nUq2n9uvU5tsgAuu4TfExPxnBdAW8a30ARLUmgR/mv44KiX3GBW8m7xKzqAfR6CZ
O8dMwfBbgSKImFOdEzswc9y+VmAUFW7w946wjRXNGdYZkLQGX0pAdBAljYvsL01F
5eYh50JzBW64LfiJWxbsvx/8Y3gRq4f0kEzoQi6FOgn16/rxPHdYdLsxKxx+u9U=
-----END CERTIFICATE-----
Generated at Thu Aug 21 03:55:13 2025 by rpki-client