Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
File: PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer (raw, json)
Hash identifier: Q+f/s4Tf7M8hbq2nyL9/Blw9i7HXYVYw4lhhyvYuJCY=
Subject key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019D6CCDDC536FFA54F5BB6D3D42E596284C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 08 Apr 2026 11:15:23 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 8201
AS: 8368
AS: 28707
AS: 29462
AS: 39721
AS: 43324
AS: 48517
AS: 50675
AS: 50998
AS: 199998
IP: 46.243.24.0/21
IP: 62.213.192.0/18
IP: 78.40.96.0/21
IP: 78.41.64.0/21
IP: 78.110.192.0/20
IP: 82.146.96.0/19
IP: 85.158.208.0/21
IP: 87.237.8.0/21
IP: 88.82.32.0/19
IP: 89.35.16.0/21
IP: 89.250.176.0/20
IP: 91.197.108.0/22
IP: 94.140.160.0/19
IP: 94.158.248.0/22
IP: 95.171.160.0/19
IP: 176.97.202.0/24
IP: 178.132.8.0/21
IP: 178.248.160.0/21
IP: 185.39.124.0/22
IP: 185.47.0.0/22
IP: 185.48.100.0/22
IP: 185.72.168.0/22
IP: 185.78.180.0/22
IP: 185.81.69.0/24
IP: 185.81.224.0/22
IP: 185.90.184.0/22
IP: 185.107.208.0/22
IP: 185.154.140.0/22
IP: 185.174.64.0/22
IP: 185.175.180.0/22
IP: 185.214.4.0/22
IP: 185.224.236.0/22
IP: 188.64.72.0/21
IP: 188.118.0.0/18
IP: 193.200.135.0/24
IP: 195.110.54.0/23
IP: 195.144.64.0/19
IP: 195.200.24.0/23
IP: 195.225.100.0/22
IP: 213.193.200.0/21
IP: 213.193.224.0/21
IP: 213.193.248.0/23
IP: 2001:4158::/29
IP: 2001:4c40::/32
IP: 2a00:c78::/32
IP: 2a00:1ad8::/32
IP: 2a00:1fb8::/32
IP: 2a01:43a0::/32
IP: 2a01:8c20::/32
IP: 2a03:2200::/32
IP: 2a05:3d00::/29
IP: 2a05:6a80::/29
IP: 2a07:8bc0::/29
IP: 2a0b:8b00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 14:27:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6c:cd:dc:53:6f:fa:54:f5:bb:6d:3d:42:e5:96:28:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 8 11:15:23 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3d8a553e05f0319bf452fa206c14ccda87304654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:41:83:49:ef:8d:6f:e4:92:93:61:6e:84:c8:
48:a4:dd:21:f2:a6:2f:26:52:9e:ce:8b:c9:83:df:
00:72:54:79:4e:6a:7b:85:e6:9f:b5:c5:b9:27:64:
37:1c:70:12:15:1b:ac:de:cd:4e:fe:3f:72:e3:41:
61:4a:74:f3:70:f8:78:f1:f4:a5:ea:37:33:3c:f7:
4d:73:f5:01:fb:60:50:30:89:2e:b6:59:32:e6:d5:
b8:33:a9:39:69:08:70:41:fb:11:63:d5:8e:77:36:
48:22:36:39:4d:f4:b7:95:b2:df:e5:2f:25:93:0d:
3a:ea:d1:48:f3:34:7c:b8:dc:88:3f:3e:75:fc:b3:
f5:11:47:ea:17:f1:8f:8f:94:24:55:4f:c3:ca:1b:
72:b8:2f:06:c4:8d:74:b8:3d:50:85:99:92:b7:52:
d9:06:c4:bc:18:e8:3f:3a:40:53:34:84:96:29:ef:
06:85:59:e3:f6:42:61:af:7a:0e:4c:15:1d:03:1a:
b2:9a:80:7e:4f:96:46:57:da:91:c5:6e:7d:62:9a:
d2:7b:c2:39:ac:e1:c7:83:41:30:c1:39:20:3c:2f:
3a:d7:88:ca:1e:5a:8e:b5:fb:cd:f3:66:bb:2a:15:
fe:00:d0:cf:02:01:b0:96:88:89:b5:44:a3:37:b5:
0c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.24.0/21
62.213.192.0/18
78.40.96.0/21
78.41.64.0/21
78.110.192.0/20
82.146.96.0/19
85.158.208.0/21
87.237.8.0/21
88.82.32.0/19
89.35.16.0/21
89.250.176.0/20
91.197.108.0/22
94.140.160.0/19
94.158.248.0/22
95.171.160.0/19
176.97.202.0/24
178.132.8.0/21
178.248.160.0/21
185.39.124.0/22
185.47.0.0/22
185.48.100.0/22
185.72.168.0/22
185.78.180.0/22
185.81.69.0/24
185.81.224.0/22
185.90.184.0/22
185.107.208.0/22
185.154.140.0/22
185.174.64.0/22
185.175.180.0/22
185.214.4.0/22
185.224.236.0/22
188.64.72.0/21
188.118.0.0/18
193.200.135.0/24
195.110.54.0/23
195.144.64.0/19
195.200.24.0/23
195.225.100.0/22
213.193.200.0/21
213.193.224.0/21
213.193.248.0/23
IPv6:
2001:4158::/29
2001:4c40::/32
2a00:c78::/32
2a00:1ad8::/32
2a00:1fb8::/32
2a01:43a0::/32
2a01:8c20::/32
2a03:2200::/32
2a05:3d00::/29
2a05:6a80::/29
2a07:8bc0::/29
2a0b:8b00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8201
8368
28707
29462
39721
43324
48517
50675
50998
199998
Signature Algorithm: sha256WithRSAEncryption
98:d4:78:fc:2b:94:ab:9f:5e:8e:d4:eb:b1:a7:5d:a3:32:90:
64:3f:4b:0c:9e:a8:95:b4:d2:25:51:b1:c7:c5:49:38:52:2e:
41:e1:f4:3a:ea:d5:ce:9b:d9:f2:35:da:c3:3a:10:f6:9b:3a:
ac:7c:ca:ef:0c:54:c3:f6:da:ca:20:43:db:88:43:5b:9c:bb:
50:fc:31:18:5c:b9:67:21:03:69:fd:06:69:ca:f1:fc:38:67:
7a:16:3f:71:be:be:ec:15:23:73:9a:b8:7e:b8:a8:67:8a:4c:
aa:62:1e:88:7d:b7:01:c7:b8:08:85:45:18:e6:f1:06:bd:4e:
3a:c7:55:a9:34:7c:3b:f0:ba:d2:74:ba:03:e4:4a:c3:9d:5e:
ee:1f:6e:c2:aa:3f:66:dc:be:a0:f5:9c:b1:2c:bc:f8:42:29:
c7:9d:37:70:1f:20:88:24:3e:e4:36:a1:c9:4e:00:7e:f7:5f:
e5:fd:7f:bb:7b:65:73:f9:72:61:ec:bd:93:bc:c3:cf:a6:4f:
25:9f:c2:7b:ee:28:5d:e2:6a:ac:3e:f9:42:bf:8b:6e:da:19:
a8:1f:27:bf:5e:6a:6d:23:67:eb:03:67:ce:1e:1e:16:e4:54:
a7:c4:3a:f3:95:9e:3e:db:3f:b1:c1:4d:b5:50:45:62:a7:0c:
3e:b4:81:dc
-----BEGIN CERTIFICATE-----
MIIHGDCCBgCgAwIBAgISAZ1szdxTb/pU9bttPULllihMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNDA4MTExNTIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhhNTUzZTA1ZjAzMTliZjQ1MmZhMjA2YzE0Y2NkYTg3MzA0NjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0GDSe+Nb+SSk2FuhMhIpN0h8qYv
JlKezovJg98AclR5Tmp7heaftcW5J2Q3HHASFRus3s1O/j9y40FhSnTzcPh48fSl
6jczPPdNc/UB+2BQMIkutlky5tW4M6k5aQhwQfsRY9WOdzZIIjY5TfS3lbLf5S8l
kw066tFI8zR8uNyIPz51/LP1EUfqF/GPj5QkVU/DyhtyuC8GxI10uD1QhZmSt1LZ
BsS8GOg/OkBTNISWKe8GhVnj9kJhr3oOTBUdAxqymoB+T5ZGV9qRxW59YprSe8I5
rOHHg0EwwTkgPC8614jKHlqOtfvN82a7KhX+ANDPAgGwloiJtUSjN7UMSQIDAQAB
o4IEJDCCBCAwHQYDVR0OBBYEFD2KVT4F8DGb9FL6IGwUzNqHMEZUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E3LzUyY2U1
NC1lNDljLTQxMWMtODUyNy0wZmI0ODIzZjViODcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcvNTJjZTU0
LWU0OWMtNDExYy04NTI3LTBmYjQ4MjNmNWI4Ny8xL1BZcFZQZ1h3TVp2MFV2b2di
QlRNMm9jd1JsUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBeAYIKwYB
BQUHAQcBAf8EggFnMIIBYzCCAQMEAgABMIH8AwQDLvMYAwQGPtXAAwQDTihgAwQD
TilAAwQETm7AAwQFUpJgAwQDVZ7QAwQDV+0IAwQFWFIgAwQDWSMQAwQEWfqwAwQC
W8VsAwQFXoygAwQCXp74AwQFX6ugAwQAsGHKAwQDsoQIAwQDsvigAwQCuSd8AwQC
uS8AAwQCuTBkAwQCuUioAwQCuU60AwQAuVFFAwQCuVHgAwQCuVq4AwQCuWvQAwQC
uZqMAwQCua5AAwQCua+0AwQCudYEAwQCueDsAwQDvEBIAwQGvHYAAwQAwciHAwQB
w242AwQFw5BAAwQBw8gYAwQCw+FkAwQD1cHIAwQD1cHgAwQB1cH4MFoEAgACMFQD
BQMgAUFYAwUAIAFMQAMFACoADHgDBQAqABrYAwUAKgAfuAMFACoBQ6ADBQAqAYwg
AwUAKgMiAAMFAyoFPQADBQMqBWqAAwUDKgeLwAMFAyoLiwAwQwYIKwYBBQUHAQgB
Af8ENDAyoDAwLgICIAkCAiCwAgJwIwICcxYCAwCbKQIDAKk8AgMAvYUCAwDF8wID
AMc2AgMDDT4wDQYJKoZIhvcNAQELBQADggEBAJjUePwrlKufXo7U67GnXaMykGQ/
SwyeqJW00iVRscfFSThSLkHh9Drq1c6b2fI12sM6EPabOqx8yu8MVMP22sogQ9uI
Q1ucu1D8MRhcuWchA2n9BmnK8fw4Z3oWP3G+vuwVI3OauH64qGeKTKpiHoh9twHH
uAiFRRjm8Qa9TjrHVak0fDvwutJ0ugPkSsOdXu4fbsKqP2bcvqD1nLEsvPhCKced
N3AfIIgkPuQ2oclOAH73X+X9f7t7ZXP5cmHsvZO8w8+mTyWfwnvuKF3iaqw++UK/
i27aGagfJ79eam0jZ+sDZ84eHhbkVKfEOvOVnj7bP7HBTbVQRWKnDD60gdw=
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:06:56 2026 by rpki-client