Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
File: KIVYUqS80b8eyBPzwTsPHzcvOXE.cer (raw, json)
Hash identifier: R/CmeEqtRAtWs9MV1vG/qdpq7MzNra8I4CMHfHck7P8=
Subject key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0196F80F2E2D4D5A0EB5C20E5A7BC36BF8F4
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 22 May 2025 12:54:26 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 200532
AS: 202958
AS: 205231
AS: 207333
IP: 31.14.27.0/24
IP: 37.140.243.0/24
IP: 46.226.123.0/24
IP: 77.246.247.0/24
IP: 86.107.44.0/23
IP: 86.107.198.0/23
IP: 89.33.41.0/24
IP: 89.35.124.0/23
IP: 89.46.33.0 -- 89.46.34.255
IP: 89.207.248.0/21
IP: 91.243.71.0/24
IP: 92.114.7.0/24
IP: 93.115.14.0/24
IP: 109.235.112.0/21
IP: 185.98.4.0/22
IP: 185.100.64.0/22
IP: 185.111.104.0/22
IP: 185.113.132.0/22
IP: 185.116.192.0/22
IP: 185.121.80.0/22
IP: 185.125.88.0/22
IP: 185.129.48.0/22
IP: 185.249.192.0/22
IP: 188.241.216.0/23
IP: 188.244.115.0/24
IP: 193.201.11.0/24
IP: 194.4.56.0/22
IP: 194.146.40.0/22
IP: 213.109.146.0/24
IP: 2a06:940::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f8:0f:2e:2d:4d:5a:0e:b5:c2:0e:5a:7b:c3:6b:f8:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 22 12:54:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d0:07:fb:88:04:5a:d3:e1:f1:d9:43:13:d3:
23:77:41:33:d1:4d:ba:ed:fb:ef:15:1a:10:e3:7f:
c7:63:84:d4:d0:7c:5f:43:47:1d:9a:65:6b:fc:65:
67:30:ff:26:65:0a:1f:24:17:c4:56:20:5c:e0:ff:
cc:8d:3f:0c:d0:bb:9a:e1:27:27:cf:32:ea:7e:e2:
16:a3:38:e1:d8:a2:fa:1d:3e:ac:b5:53:d3:d6:32:
5b:60:0f:86:a7:54:4d:03:1c:75:29:a8:20:5c:2a:
84:bf:dc:9e:16:04:63:c8:26:2d:41:89:4f:f3:46:
62:06:a5:71:dc:10:4a:a0:12:7d:88:d9:1e:79:74:
87:cf:29:0f:40:c0:7c:2d:76:94:25:8d:67:24:2d:
6a:3b:fa:28:2f:30:c3:71:23:b3:ef:ef:a8:3c:63:
c1:0b:61:26:9c:45:a8:bc:77:08:65:5c:52:a0:58:
cf:ef:5c:6b:18:63:17:8f:d6:58:1e:40:71:70:01:
c1:81:dd:0f:fc:db:56:c8:c9:fb:43:66:89:7e:de:
4e:88:d7:c8:e1:62:2a:f2:c1:4b:1d:12:42:59:0a:
b1:23:a3:66:9a:c4:0e:51:3e:77:84:06:2f:ca:00:
55:07:72:2d:97:af:84:69:86:67:b4:09:54:46:02:
4f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.27.0/24
37.140.243.0/24
46.226.123.0/24
77.246.247.0/24
86.107.44.0/23
86.107.198.0/23
89.33.41.0/24
89.35.124.0/23
89.46.33.0-89.46.34.255
89.207.248.0/21
91.243.71.0/24
92.114.7.0/24
93.115.14.0/24
109.235.112.0/21
185.98.4.0/22
185.100.64.0/22
185.111.104.0/22
185.113.132.0/22
185.116.192.0/22
185.121.80.0/22
185.125.88.0/22
185.129.48.0/22
185.249.192.0/22
188.241.216.0/23
188.244.115.0/24
193.201.11.0/24
194.4.56.0/22
194.146.40.0/22
213.109.146.0/24
IPv6:
2a06:940::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200532
202958
205231
207333
Signature Algorithm: sha256WithRSAEncryption
4b:b8:21:1d:78:e2:ef:e1:cc:9c:d2:12:06:2b:07:27:1b:39:
8f:ea:54:00:d5:1b:87:ac:a1:94:74:67:93:84:e6:f0:dc:5c:
39:62:39:b5:84:4a:89:e9:7d:92:99:c0:ca:bf:da:89:eb:a9:
3c:22:85:d8:af:4a:f6:6a:d6:3c:a4:01:ac:b3:28:df:1e:bd:
9b:a8:db:0c:74:cc:58:a6:41:3a:3b:7f:ac:02:0e:ad:6a:c0:
49:1c:0b:86:4c:0c:7f:da:03:7e:2e:f5:b2:55:82:03:98:b3:
e7:50:01:a8:ad:35:e8:18:1e:ec:ed:00:02:74:c6:6f:f9:c5:
3a:cf:47:ee:b5:cc:e4:d0:d5:a7:82:71:b9:d2:51:5f:17:14:
06:f4:26:4d:08:2e:c5:e7:6e:e7:37:5f:1e:2c:90:b7:e8:54:
c0:bb:c8:a4:48:5a:5a:59:4e:7a:ee:6c:ed:a4:72:dd:64:33:
fb:46:f4:95:9d:b6:97:00:91:55:97:59:7a:64:79:f3:75:aa:
56:29:93:6b:20:f5:a3:ff:fb:76:61:63:d3:2c:3b:de:1e:b3:
ef:c7:97:71:8b:1c:84:64:24:a5:c2:bd:b5:77:65:eb:2c:7c:
5b:30:56:1f:42:61:38:ef:31:e5:28:6c:52:05:89:10:82:91:
4d:56:59:ed
-----BEGIN CERTIFICATE-----
MIIGZzCCBU+gAwIBAgISAZb4Dy4tTVoOtcIOWnvDa/j0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNTIyMTI1NDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODg1NTg1MmE0YmNkMWJmMWVjODEzZjNjMTNiMGYxZjM3MmYzOTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NAH+4gEWtPh8dlDE9Mjd0Ez0U26
7fvvFRoQ43/HY4TU0HxfQ0cdmmVr/GVnMP8mZQofJBfEViBc4P/MjT8M0Lua4Scn
zzLqfuIWozjh2KL6HT6stVPT1jJbYA+Gp1RNAxx1KaggXCqEv9yeFgRjyCYtQYlP
80ZiBqVx3BBKoBJ9iNkeeXSHzykPQMB8LXaUJY1nJC1qO/ooLzDDcSOz7++oPGPB
C2EmnEWovHcIZVxSoFjP71xrGGMXj9ZYHkBxcAHBgd0P/NtWyMn7Q2aJft5OiNfI
4WIq8sFLHRJCWQqxI6NmmsQOUT53hAYvygBVB3Itl6+EaYZntAlURgJPgQIDAQAB
o4IDczCCA28wHQYDVR0OBBYEFCiFWFKkvNG/HsgT88E7Dx83LzlxMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMwLzBlMzZm
Yy1iYTBiLTRjZTYtYWY2YS03MDQ0NjNlYmFkMzYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvMGUzNmZj
LWJhMGItNGNlNi1hZjZhLTcwNDQ2M2ViYWQzNi8xL0tJVllVcVM4MGI4ZXlCUHp3
VHNQSHpjdk9YRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHiBggrBgEF
BQcBBwEB/wSB0jCBzzCBvQQCAAEwgbYDBAAfDhsDBAAljPMDBAAu4nsDBABN9vcD
BAFWaywDBAFWa8YDBABZISkDBAFZI3wwDAMEAFkuIQMEAFkuIgMEA1nP+AMEAFvz
RwMEAFxyBwMEAF1zDgMEA23rcAMEArliBAMEArlkQAMEArlvaAMEArlxhAMEArl0
wAMEArl5UAMEArl9WAMEArmBMAMEArn5wAMEAbzx2AMEALz0cwMEAMHJCwMEAsIE
OAMEAsKSKAMEANVtkjANBAIAAjAHAwUDKgYJQDApBggrBgEFBQcBCAEB/wQaMBig
FjAUAgMDD1QCAwMYzgIDAyGvAgMDKeUwDQYJKoZIhvcNAQELBQADggEBAEu4IR14
4u/hzJzSEgYrBycbOY/qVADVG4esoZR0Z5OE5vDcXDliObWESonpfZKZwMq/2onr
qTwihdivSvZq1jykAayzKN8evZuo2wx0zFimQTo7f6wCDq1qwEkcC4ZMDH/aA34u
9bJVggOYs+dQAaitNegYHuztAAJ0xm/5xTrPR+61zOTQ1aeCcbnSUV8XFAb0Jk0I
LsXnbuc3Xx4skLfoVMC7yKRIWlpZTnrubO2kct1kM/tG9JWdtpcAkVWXWXpkefN1
qlYpk2sg9aP/+3ZhY9MsO94es+/Hl3GLHIRkJKXCvbV3ZessfFswVh9CYTjvMeUo
bFIFiRCCkU1WWe0=
-----END CERTIFICATE-----
Generated at Sat Jun 7 01:46:20 2025 by rpki-client