Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/QGYnM7yHPRPh-fZujf91yCDV0vc.cer
File: QGYnM7yHPRPh-fZujf91yCDV0vc.cer (raw, json)
Hash identifier: KzzrF6uxYvPX5YXbzcOvR6ZRNzNSZ8w6PGJ7Plyiujk=
Subject key identifier: 40:66:27:33:BC:87:3D:13:E1:F9:F6:6E:8D:FF:75:C8:20:D5:D2:F7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B79100E59D0CC55CCBFD4B3F87BA08434
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/QGYnM7yHPRPh-fZujf91yCDV0vc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 10:17:34 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 56488
IP: 217.28.136.0/24
IP: 2a12:2540::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Mar 2026 01:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:10:0e:59:d0:cc:55:cc:bf:d4:b3:f8:7b:a0:84:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:17:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=40662733bc873d13e1f9f66e8dff75c820d5d2f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:df:07:07:69:e1:cc:a2:d0:d8:dd:db:f3:95:
af:b8:06:fe:ca:0b:7f:5d:44:ab:5a:3a:c4:12:81:
bf:a0:02:5f:eb:00:1d:c1:2f:24:32:3a:16:ea:2f:
28:2c:af:cd:f5:5c:42:f1:0c:5e:7d:3a:53:84:af:
16:5c:c0:23:2f:d5:8a:8d:31:58:9f:2f:7d:92:02:
8b:d9:a9:f3:8d:c0:af:e1:03:5f:be:5a:05:d5:c6:
70:d4:06:3b:30:59:e4:fe:1d:c2:b1:8c:6e:a4:6d:
eb:37:53:3e:46:c7:07:48:f0:5a:0f:bf:23:a6:9a:
ef:4a:85:ad:f5:8a:74:09:60:75:ad:1c:7e:ec:9f:
6f:57:b3:06:81:cf:b6:6f:f1:f5:21:0e:ea:e9:6b:
8b:f9:27:df:06:c4:b3:ec:3a:44:e0:59:a0:51:3c:
6c:f6:64:62:1e:24:57:fe:9e:ce:aa:70:91:11:6a:
7e:3a:a6:bf:2f:25:31:b9:8d:8d:b8:b0:c6:bf:6c:
ad:98:4a:59:76:65:3f:62:b4:e1:a4:92:0f:4a:b7:
19:27:fb:7a:a3:3a:3a:c5:22:85:b7:f9:db:8e:07:
03:1e:fa:7f:42:33:7e:8d:f4:94:5f:13:82:9c:50:
dd:68:f4:92:d2:83:5d:5d:93:ba:e7:ac:a1:02:46:
40:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:66:27:33:BC:87:3D:13:E1:F9:F6:6E:8D:FF:75:C8:20:D5:D2:F7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/QGYnM7yHPRPh-fZujf91yCDV0vc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.136.0/24
IPv6:
2a12:2540::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
56488
Signature Algorithm: sha256WithRSAEncryption
a7:64:38:c4:ab:80:cf:3c:3a:89:c1:39:b8:60:d3:f8:fd:ce:
a0:12:77:6d:f6:31:36:75:b1:70:ee:27:c2:84:79:c3:80:bc:
58:16:72:2e:8b:50:dd:2e:5a:29:72:1e:a6:df:c0:62:e6:0e:
b4:8e:1f:2e:2e:40:67:c2:6a:dc:56:78:b7:f1:f5:8b:12:ae:
0b:e5:a5:da:08:fe:56:99:55:62:c8:f3:b8:06:ed:a0:35:b1:
a8:5e:bd:2d:99:ba:8a:56:de:cf:61:0c:99:ce:e4:34:3d:89:
13:db:c7:a2:29:e4:8b:f2:7a:b2:f1:9c:c1:f7:6a:71:d5:53:
ad:91:99:c3:7b:37:61:89:0e:3e:8c:69:c4:71:cf:e0:5b:8c:
5d:11:7d:5e:08:70:09:02:57:ef:a7:ab:a1:6f:43:f5:80:ad:
d1:99:f0:f5:2e:ff:f5:16:e9:49:8a:36:5c:7e:d9:69:55:66:
a2:72:d1:a9:af:52:e4:cc:42:6f:74:31:d0:d6:01:ba:be:10:
71:fc:a6:0f:e2:40:54:c7:f8:a8:c9:2b:b3:7e:99:53:a1:bc:
21:7a:33:87:6a:fd:d2:c9:9c:8f:e0:60:6c:5e:3a:5c:e9:e6:
a7:52:c5:06:12:be:db:ac:54:1b:43:c1:c5:02:25:02:64:72:
24:5d:15:b1
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZt5EA5Z0MxVzL/Us/h7oIQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMTAxNzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDY2MjczM2JjODczZDEzZTFmOWY2NmU4ZGZmNzVjODIwZDVkMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqN8HB2nhzKLQ2N3b85WvuAb+ygt/
XUSrWjrEEoG/oAJf6wAdwS8kMjoW6i8oLK/N9VxC8QxefTpThK8WXMAjL9WKjTFY
ny99kgKL2anzjcCv4QNfvloF1cZw1AY7MFnk/h3CsYxupG3rN1M+RscHSPBaD78j
pprvSoWt9Yp0CWB1rRx+7J9vV7MGgc+2b/H1IQ7q6WuL+SffBsSz7DpE4FmgUTxs
9mRiHiRX/p7OqnCREWp+Oqa/LyUxuY2NuLDGv2ytmEpZdmU/YrThpJIPSrcZJ/t6
ozo6xSKFt/nbjgcDHvp/QjN+jfSUXxOCnFDdaPSS0oNdXZO656yhAkZAPwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFEBmJzO8hz0T4fn2bo3/dcgg1dL3MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU5L2Q5MTBk
MS05NGM2LTQ0MTItODUwNi05Y2I1MWU1MWZmNzcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkvZDkxMGQx
LTk0YzYtNDQxMi04NTA2LTljYjUxZTUxZmY3Ny8xL1FHWW5NN3lIUFJQaC1mWnVq
ZjkxeUNEVjB2Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQA2RyIMA0EAgACMAcDBQMqEiVAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDcqDANBgkqhkiG9w0BAQsFAAOCAQEAp2Q4xKuAzzw6
icE5uGDT+P3OoBJ3bfYxNnWxcO4nwoR5w4C8WBZyLotQ3S5aKXIept/AYuYOtI4f
Li5AZ8Jq3FZ4t/H1ixKuC+Wl2gj+VplVYsjzuAbtoDWxqF69LZm6ilbez2EMmc7k
ND2JE9vHoinki/J6svGcwfdqcdVTrZGZw3s3YYkOPoxpxHHP4FuMXRF9XghwCQJX
76eroW9D9YCt0Znw9S7/9RbpSYo2XH7ZaVVmonLRqa9S5MxCb3Qx0NYBur4Qcfym
D+JAVMf4qMkrs36ZU6G8IXozh2r90smcj+BgbF46XOnmp1LFBhK+26xUG0PBxQIl
AmRyJF0VsQ==
-----END CERTIFICATE-----
Generated at Fri Mar 6 03:58:47 2026 by rpki-client