Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/PmxFIHWfOk74uamifiUzznMsVBE.cer
File: PmxFIHWfOk74uamifiUzznMsVBE.cer (raw, json)
Hash identifier: POqyLAiXJIT/pxDdwuzYG5W6aGDgGrl4ANq5u8jqnvE=
Subject key identifier: 3E:6C:45:20:75:9F:3A:4E:F8:B9:A9:A2:7E:25:33:CE:73:2C:54:11
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7F857602B7B79C938EE66B83343D7B7F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/86/483e33-c767-46b7-8f3a-9c0a0e2767aa/1/PmxFIHWfOk74uamifiUzznMsVBE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/86/483e33-c767-46b7-8f3a-9c0a0e2767aa/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 16:23:31 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 49688
IP: 195.35.98.0/24
IP: 195.35.102.0/24
IP: 195.35.108.0/24
IP: 195.38.21.0/24
IP: 2a0f:b7c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 15:04:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:85:76:02:b7:b7:9c:93:8e:e6:6b:83:34:3d:7b:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 16:23:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3e6c4520759f3a4ef8b9a9a27e2533ce732c5411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3b:7a:33:ca:83:bc:ba:33:c8:a8:ad:dd:f7:
71:fe:54:9d:cb:a4:02:be:93:1e:8b:be:4c:a4:27:
9c:ca:3b:5d:b5:72:08:9e:25:ea:29:98:d5:4c:6a:
d9:f8:83:9c:75:03:55:c8:5c:87:91:a1:a7:56:5b:
96:12:02:7c:cb:3d:1c:0e:a5:53:40:78:d1:a3:a5:
fb:cd:08:b9:5b:76:e5:4b:c9:ca:4a:d0:10:83:b0:
da:b9:32:75:a5:a7:20:a7:46:ff:c7:45:a1:20:68:
1d:49:6f:c9:9e:7d:e5:8b:bd:1d:ae:0b:e3:5a:c5:
22:ea:9f:dc:79:90:c2:41:27:eb:a3:6b:ad:51:b2:
5f:ac:09:9a:f5:4a:6e:72:3f:c7:97:6c:88:45:2b:
ca:cb:8b:9d:83:62:f9:6a:ea:b6:5b:55:3b:ef:53:
80:bb:07:e3:0c:bd:9a:37:07:78:41:0f:de:ed:c0:
2d:0a:43:12:40:2f:6f:1e:53:7e:4e:9f:ca:88:c1:
e0:48:67:1c:98:34:59:5c:63:4e:c3:a5:34:31:37:
77:00:8e:a2:48:ae:62:a9:22:74:79:47:2e:ad:2f:
f4:a8:69:2b:a3:db:90:1e:e3:33:a5:8a:12:40:85:
f4:91:c6:12:d6:85:57:ba:c1:08:1f:d3:8d:fe:97:
52:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:6C:45:20:75:9F:3A:4E:F8:B9:A9:A2:7E:25:33:CE:73:2C:54:11
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/483e33-c767-46b7-8f3a-9c0a0e2767aa/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/483e33-c767-46b7-8f3a-9c0a0e2767aa/1/PmxFIHWfOk74uamifiUzznMsVBE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.35.98.0/24
195.35.102.0/24
195.35.108.0/24
195.38.21.0/24
IPv6:
2a0f:b7c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
49688
Signature Algorithm: sha256WithRSAEncryption
86:30:4f:a5:93:ab:0d:7f:13:c5:7f:4a:38:64:56:4c:2f:c3:
bc:fe:44:03:27:95:dd:9f:b1:42:af:c2:d0:62:99:ff:9f:eb:
82:b3:8d:3e:3b:58:1a:d1:77:d1:06:6b:c4:c3:9f:ac:9f:61:
4e:c2:83:57:d8:79:10:f0:2a:c7:fc:65:77:b0:73:57:cb:c9:
c2:5f:df:e7:64:a1:10:1b:fc:8b:56:34:07:92:ef:22:d9:30:
eb:03:48:e9:71:0a:49:cf:ed:53:c0:6b:b9:79:4a:22:21:50:
ed:31:00:b9:44:6d:b4:26:f8:3d:cd:33:8e:69:8d:6d:ff:6d:
64:f9:a2:73:ed:55:db:e0:fd:1f:13:bc:30:7f:73:bf:ca:cb:
21:3a:6a:19:7b:2e:47:1c:9f:ed:e2:97:71:c9:70:a3:2d:2b:
9b:71:cc:aa:95:bf:b7:10:38:c1:68:a8:10:e5:a9:a6:d6:ee:
50:93:cf:03:a5:03:28:63:2e:48:fb:8c:a0:77:d0:5f:e8:3e:
5d:a7:63:e2:2c:6e:4a:8c:ed:ea:b8:8b:13:b8:80:43:a1:a0:
03:94:97:62:15:5f:22:6b:7d:4e:c1:c9:f5:58:73:ef:2d:c2:
ce:a8:09:53:38:af:a2:fe:90:d3:89:8a:79:f8:ff:32:11:f5:
0d:2e:36:c4
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAZt/hXYCt7eck47ma4M0PXt/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTYyMzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTZjNDUyMDc1OWYzYTRlZjhiOWE5YTI3ZTI1MzNjZTczMmM1NDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDt6M8qDvLozyKit3fdx/lSdy6QC
vpMei75MpCecyjtdtXIIniXqKZjVTGrZ+IOcdQNVyFyHkaGnVluWEgJ8yz0cDqVT
QHjRo6X7zQi5W3blS8nKStAQg7DauTJ1pacgp0b/x0WhIGgdSW/Jnn3li70drgvj
WsUi6p/ceZDCQSfro2utUbJfrAma9Upucj/Hl2yIRSvKy4udg2L5auq2W1U771OA
uwfjDL2aNwd4QQ/e7cAtCkMSQC9vHlN+Tp/KiMHgSGccmDRZXGNOw6U0MTd3AI6i
SK5iqSJ0eUcurS/0qGkro9uQHuMzpYoSQIX0kcYS1oVXusEIH9ON/pdSDQIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFD5sRSB1nzpO+Lmpon4lM85zLFQRMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg2LzQ4M2Uz
My1jNzY3LTQ2YjctOGYzYS05YzBhMGUyNzY3YWEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYvNDgzZTMz
LWM3NjctNDZiNy04ZjNhLTljMGEwZTI3NjdhYS8xL1BteEZJSFdmT2s3NHVhbWlm
aVV6em5Nc1ZCRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQAwyNiAwQAwyNmAwQAwyNsAwQAwyYVMA0EAgAC
MAcDBQMqD7fAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDCGDANBgkqhkiG9w0B
AQsFAAOCAQEAhjBPpZOrDX8TxX9KOGRWTC/DvP5EAyeV3Z+xQq/C0GKZ/5/rgrON
PjtYGtF30QZrxMOfrJ9hTsKDV9h5EPAqx/xld7BzV8vJwl/f52ShEBv8i1Y0B5Lv
Itkw6wNI6XEKSc/tU8BruXlKIiFQ7TEAuURttCb4Pc0zjmmNbf9tZPmic+1V2+D9
HxO8MH9zv8rLITpqGXsuRxyf7eKXcclwoy0rm3HMqpW/txA4wWioEOWpptbuUJPP
A6UDKGMuSPuMoHfQX+g+Xadj4ixuSozt6riLE7iAQ6GgA5SXYhVfImt9TsHJ9Vhz
7y3CzqgJUzivov6Q04mKefj/MhH1DS42xA==
-----END CERTIFICATE-----
Generated at Thu Mar 12 21:30:20 2026 by rpki-client