Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/VzBZUuVZXOl-QzVLLv3cewc72ck.cer
File: VzBZUuVZXOl-QzVLLv3cewc72ck.cer (raw, json)
Hash identifier: Dkghy7M+00Ln+LiHvipteNAmpqfaCYuMkEdBZ1HPx+k=
Subject key identifier: 57:30:59:52:E5:59:5C:E9:7E:43:35:4B:2E:FD:DC:7B:07:3B:D9:C9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019A06BCC4D952AE9000392A74EB1E012848
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b4/b945c0-4e29-4a15-bdf6-2f3be062858d/1/VzBZUuVZXOl-QzVLLv3cewc72ck.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b4/b945c0-4e29-4a15-bdf6-2f3be062858d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 21 Oct 2025 12:27:05 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 56500
IP: 188.65.224.0/21
IP: 2a00:1848::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:06:bc:c4:d9:52:ae:90:00:39:2a:74:eb:1e:01:28:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Oct 21 12:27:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=57305952e5595ce97e43354b2efddc7b073bd9c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:00:55:a3:d7:5b:eb:c1:1b:d1:19:ea:91:37:
59:5d:84:24:15:e9:8f:e4:e1:ac:6d:46:3c:ca:ed:
14:fc:dd:99:0b:f2:8d:02:70:91:1c:32:b3:d4:95:
ed:c8:46:d4:69:5b:21:67:d8:2d:ba:b3:9a:b5:b1:
53:1e:f3:12:6d:4e:c1:10:29:ef:90:45:64:a7:89:
b5:28:bb:c1:8c:93:71:3f:9b:45:ab:5e:1c:c4:b8:
7a:e7:4b:ea:ec:89:85:d0:ee:fd:51:89:61:4a:7c:
ca:09:bc:43:02:49:a9:c0:35:2f:14:de:70:3c:31:
ba:33:fa:3a:f0:16:dd:e8:46:bc:b0:08:b8:94:2f:
4f:14:6a:ff:59:8e:e1:2e:32:04:2b:c3:84:a0:e7:
f1:a5:1d:52:69:c2:ea:5e:92:01:e2:e4:4f:92:62:
fb:40:73:b9:20:42:bc:02:30:f0:1f:fd:67:ae:8f:
96:f9:fd:f3:d8:9f:2d:3f:43:3e:20:6b:3e:a0:4a:
62:5d:a6:be:a2:8a:cb:8d:dc:59:c1:9b:48:5b:71:
a4:f4:fc:89:ea:9a:7a:22:4c:6f:0b:9f:d9:73:c4:
e4:ae:ec:16:84:fd:9b:ba:ce:e1:b2:df:61:fd:16:
79:ed:a2:48:d2:8b:ee:92:e6:3e:d1:aa:7d:46:58:
07:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:30:59:52:E5:59:5C:E9:7E:43:35:4B:2E:FD:DC:7B:07:3B:D9:C9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b945c0-4e29-4a15-bdf6-2f3be062858d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b945c0-4e29-4a15-bdf6-2f3be062858d/1/VzBZUuVZXOl-QzVLLv3cewc72ck.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.65.224.0/21
IPv6:
2a00:1848::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
56500
Signature Algorithm: sha256WithRSAEncryption
15:e6:34:d5:80:46:6a:cd:d8:f1:6d:fd:d0:da:d1:74:3c:dc:
2e:46:d1:6b:be:a2:44:70:bd:d6:82:fc:c7:e9:cc:87:18:ce:
a4:d6:2c:e8:00:30:f3:92:e9:91:af:c1:02:fd:ab:dd:ce:1b:
5c:19:a9:51:c3:75:2d:f4:8d:74:20:b0:1b:0e:77:92:95:82:
ec:11:d6:e1:70:6f:e4:86:40:76:36:f2:a6:3f:bf:1f:17:8c:
f6:b5:b0:71:0b:15:43:36:2c:c3:f5:57:bd:6d:e5:8f:5d:80:
74:a5:e8:b8:d0:a8:1f:d9:68:15:a4:43:bf:b7:ba:b6:86:3d:
4b:d3:bc:dd:bf:86:c2:66:22:f6:42:87:8e:ae:1c:0d:c2:27:
11:61:b9:e7:ca:f4:82:b8:9e:f0:22:12:71:1d:aa:17:50:b8:
f0:ef:bd:30:a2:2a:6c:c5:c4:64:1f:f2:2e:77:10:60:0a:1c:
09:65:c4:4e:2a:08:74:37:76:cf:3e:61:b5:7c:01:27:53:37:
b3:3b:bf:e7:d1:5e:40:c3:58:ea:24:30:65:fe:36:da:40:bc:
2d:c6:38:24:df:40:87:2a:47:90:ff:07:84:5e:e5:15:a2:af:
71:b4:f9:f9:51:54:79:e3:b6:37:d8:4e:62:a7:0d:8c:39:72:
63:d0:b4:4a
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZoGvMTZUq6QADkqdOseAShIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUxMDIxMTIyNzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzMwNTk1MmU1NTk1Y2U5N2U0MzM1NGIyZWZkZGM3YjA3M2JkOWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwBVo9db68Eb0RnqkTdZXYQkFemP
5OGsbUY8yu0U/N2ZC/KNAnCRHDKz1JXtyEbUaVshZ9gturOatbFTHvMSbU7BECnv
kEVkp4m1KLvBjJNxP5tFq14cxLh650vq7ImF0O79UYlhSnzKCbxDAkmpwDUvFN5w
PDG6M/o68Bbd6Ea8sAi4lC9PFGr/WY7hLjIEK8OEoOfxpR1SacLqXpIB4uRPkmL7
QHO5IEK8AjDwH/1nro+W+f3z2J8tP0M+IGs+oEpiXaa+oorLjdxZwZtIW3Gk9PyJ
6pp6IkxvC5/Zc8TkruwWhP2bus7hst9h/RZ57aJI0ovukuY+0ap9RlgHAwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFFcwWVLlWVzpfkM1Sy793HsHO9nJMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I0L2I5NDVj
MC00ZTI5LTRhMTUtYmRmNi0yZjNiZTA2Mjg1OGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQvYjk0NWMw
LTRlMjktNGExNS1iZGY2LTJmM2JlMDYyODU4ZC8xL1Z6QlpVdVZaWE9sLVF6VkxM
djNjZXdjNzJjay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQDvEHgMA0EAgACMAcDBQAqABhIMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDctDANBgkqhkiG9w0BAQsFAAOCAQEAFeY01YBGas3Y
8W390NrRdDzcLkbRa76iRHC91oL8x+nMhxjOpNYs6AAw85Lpka/BAv2r3c4bXBmp
UcN1LfSNdCCwGw53kpWC7BHW4XBv5IZAdjbypj+/HxeM9rWwcQsVQzYsw/VXvW3l
j12AdKXouNCoH9loFaRDv7e6toY9S9O83b+GwmYi9kKHjq4cDcInEWG558r0grie
8CIScR2qF1C48O+9MKIqbMXEZB/yLncQYAocCWXETioIdDd2zz5htXwBJ1M3szu/
59FeQMNY6iQwZf422kC8LcY4JN9AhypHkP8HhF7lFaKvcbT5+VFUeeO2N9hOYqcN
jDlyY9C0Sg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:19:51 2025 by rpki-client