Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
File: P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer (raw, json)
Hash identifier: eEzfp56X2dmJMzXGwQQmu5ik7qr+E7Sdw1FjVEDFaSE=
Subject key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019A05C5089DB9B66504E2FCF0DF62B82385
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Tue 21 Oct 2025 07:56:30 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 8820
IP: 46.236.192.0/18
IP: 78.41.48.0/22
IP: 81.92.0.0/20
IP: 82.139.192.0/18
IP: 195.8.224.0/19
IP: 212.17.224.0/19
IP: 212.60.128.0/19
IP: 213.240.128.0/18
IP: 2a01:170::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 14:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:05:c5:08:9d:b9:b6:65:04:e2:fc:f0:df:62:b8:23:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Oct 21 07:56:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:45:9f:69:09:1c:00:c0:24:98:93:07:ad:a9:
67:9b:0a:fa:cf:02:e2:4f:c4:84:45:06:22:b5:c8:
1c:6b:24:a7:c5:5a:7a:ba:e5:2f:96:2c:ca:5f:5e:
de:a4:3f:68:b8:92:92:5b:f1:97:d7:4e:84:7c:b7:
55:f5:06:21:d3:58:66:40:48:51:4f:14:00:4d:25:
b5:d3:6e:80:d8:25:eb:6a:95:02:61:96:65:ad:7d:
ab:c3:e7:fb:f0:ce:3b:12:95:70:bc:11:c8:59:fe:
41:69:6c:4d:01:80:6d:20:3d:cc:7e:9b:c1:e2:60:
d7:f0:a9:d7:d4:0f:a5:95:ac:1e:52:cc:f0:76:0b:
fd:e7:19:5c:dd:7c:31:48:2a:76:01:94:0f:69:0e:
62:c6:a2:d7:d2:49:5b:f6:7f:a8:b1:15:3e:8e:dd:
5e:00:75:d9:5d:f4:91:89:c9:4f:2d:da:c7:42:30:
4a:98:9f:17:d4:8f:1f:55:2c:9f:9e:d4:49:71:11:
77:e8:c3:d7:1d:68:7f:97:d1:37:5a:17:51:bd:03:
ed:bd:fa:f5:a7:3e:3e:cc:09:11:dc:a5:57:be:af:
4d:83:60:82:b0:6b:0d:2e:ce:4f:e9:db:05:41:4a:
03:54:38:e9:1e:61:6c:b8:af:0f:b7:4e:a4:44:51:
f1:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.192.0/18
78.41.48.0/22
81.92.0.0/20
82.139.192.0/18
195.8.224.0/19
212.17.224.0/19
212.60.128.0/19
213.240.128.0/18
IPv6:
2a01:170::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8820
Signature Algorithm: sha256WithRSAEncryption
92:e7:d9:18:49:6c:09:5d:9a:8b:8d:9c:8f:72:86:a5:0f:24:
df:d5:99:56:16:31:b3:63:5b:ce:9e:75:14:95:a3:20:38:60:
be:3e:ee:0b:ed:7f:b0:7c:66:ac:4d:98:4a:7a:77:f7:a6:cb:
3c:d6:95:77:f4:93:f6:b3:e3:3e:37:67:69:27:16:b1:ff:83:
a1:e2:ec:18:a4:7f:c3:9d:4a:17:29:17:ed:35:16:23:6c:ea:
4a:d8:e9:6b:69:80:0c:dc:01:0b:ab:f2:4d:7d:76:ea:0d:78:
b1:78:48:2f:38:3b:d8:55:9b:01:04:a8:9d:7d:55:6d:b2:b3:
41:3b:7c:32:c3:2f:b6:30:76:89:dd:bf:09:c9:48:d6:cc:7f:
b5:bb:3f:f3:6d:24:15:7d:3f:36:c5:e4:63:da:78:62:e4:2c:
2b:18:53:3d:5c:58:d6:08:ca:a4:c3:ba:92:47:74:c1:dd:98:
26:51:ea:8e:b4:69:f1:0f:aa:0c:cb:78:4d:8e:41:81:cf:7e:
a9:54:ab:d5:b6:db:08:eb:99:3a:89:41:f0:c6:a0:bb:fb:3e:
22:ea:84:9d:c5:80:13:24:5f:ac:8c:8e:25:be:4f:ea:0a:66:
de:53:89:54:ac:e7:89:7c:30:35:c1:16:f5:f9:46:87:f5:e9:
7e:66:05:79
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgISAZoFxQidubZlBOL88N9iuCOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUxMDIxMDc1NjMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmVjY2IxN2JlNTFlZTU5ZWM3NGQ2NGVlZDkxN2UyMjFlZTI4YTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUWfaQkcAMAkmJMHralnmwr6zwLi
T8SERQYitcgcaySnxVp6uuUvlizKX17epD9ouJKSW/GX106EfLdV9QYh01hmQEhR
TxQATSW1026A2CXrapUCYZZlrX2rw+f78M47EpVwvBHIWf5BaWxNAYBtID3MfpvB
4mDX8KnX1A+llaweUszwdgv95xlc3XwxSCp2AZQPaQ5ixqLX0klb9n+osRU+jt1e
AHXZXfSRiclPLdrHQjBKmJ8X1I8fVSyfntRJcRF36MPXHWh/l9E3WhdRvQPtvfr1
pz4+zAkR3KVXvq9Ng2CCsGsNLs5P6dsFQUoDVDjpHmFsuK8Pt06kRFHxtwIDAQAB
o4IC9DCCAvAwHQYDVR0OBBYEFD/syxe+Ue5Z7HTWTu2RfiIe4oobMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3
NTU1LTlhYTQtNDk4My05MzE2LTczODA5ZGQzNTRiYy8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJk
Yjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvM0ZFQ0NCMTdCRTUx
RUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjBYBggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAME
Bi7swAMEAk4pMAMEBFFcAAMEBlKLwAMEBcMI4AMEBdQR4AMEBdQ8gAMEBtXwgDAN
BAIAAjAHAwUDKgEBcDAZBggrBgEFBQcBCAEB/wQKMAigBjAEAgIidDANBgkqhkiG
9w0BAQsFAAOCAQEAkufZGElsCV2ai42cj3KGpQ8k39WZVhYxs2Nbzp51FJWjIDhg
vj7uC+1/sHxmrE2YSnp396bLPNaVd/ST9rPjPjdnaScWsf+DoeLsGKR/w51KFykX
7TUWI2zqStjpa2mADNwBC6vyTX126g14sXhILzg72FWbAQSonX1VbbKzQTt8MsMv
tjB2id2/CclI1sx/tbs/820kFX0/NsXkY9p4YuQsKxhTPVxY1gjKpMO6kkd0wd2Y
JlHqjrRp8Q+qDMt4TY5Bgc9+qVSr1bbbCOuZOolB8Magu/s+IuqEncWAEyRfrIyO
Jb5P6gpm3lOJVKzniXwwNcEW9flGh/XpfmYFeQ==
-----END CERTIFICATE-----
Generated at Tue Oct 21 22:36:16 2025 by rpki-client