Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
File: W1JjSi6wP4VlteM9wrn0kEH3z7A.cer (raw, json)
Hash identifier: dBiOsoo1Z404RtKRrq9YUEUyo0jZl4cgVXC5ql1PFzQ=
Subject key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019D85E8FC348D071CA7A59F53EE5D5E5854
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 13 Apr 2026 08:15:31 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 34636
AS: 41689
AS: 43754
AS: 51433
AS: 57391
AS: 203000
AS: 211421
IP: 5.134.192.0/21
IP: 31.7.64.0/20
IP: 31.25.128.0/21
IP: 37.156.8.0/21
IP: 37.156.144.0/22
IP: 46.143.0.0/17
IP: 46.245.64.0/18
IP: 77.238.104.0/21
IP: 77.238.120.0/22
IP: 78.110.112.0/21
IP: 78.110.124.0/22
IP: 79.127.0.0/17
IP: 85.198.8.0 -- 85.198.23.255
IP: 85.198.28.0/22
IP: 86.57.0.0/17
IP: 88.135.40.0/21
IP: 89.41.40.0/22
IP: 89.235.96.0/22
IP: 93.115.144.0/21
IP: 93.118.180.0/22
IP: 109.122.224.0/20
IP: 128.65.176.0/20
IP: 176.65.240.0/22
IP: 176.65.252.0/22
IP: 178.22.120.0/21
IP: 178.216.248.0/22
IP: 185.49.84.0/22
IP: 185.67.100.0/22
IP: 185.79.96.0/22
IP: 185.98.112.0/22
IP: 185.99.212.0/22
IP: 185.109.244.0 -- 185.109.251.255
IP: 185.112.32.0/21
IP: 185.120.220.0/22
IP: 185.120.248.0/22
IP: 185.129.116.0/22
IP: 185.132.80.0/22
IP: 185.141.168.0/22
IP: 185.141.212.0/22
IP: 185.147.160.0/22
IP: 185.189.120.0/22
IP: 185.233.12.0/22
IP: 185.237.8.0/22
IP: 188.0.240.0/23
IP: 193.151.128.0/19
IP: 212.33.192.0/20
IP: 2a04:f080::/29
IP: 2a05:1a00::/26
IP: 2a05:4c80::/29
IP: 2a06:5480::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 17:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:85:e8:fc:34:8d:07:1c:a7:a5:9f:53:ee:5d:5e:58:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 13 08:15:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:20:85:7c:47:b0:ba:5c:de:5d:05:8a:c5:0a:
ca:6f:f3:85:d2:da:b9:d1:31:d4:e3:44:64:e7:2d:
77:17:61:c1:59:49:72:2e:16:79:89:58:8f:9e:73:
13:49:b0:34:53:0c:f4:bc:52:fd:f1:6b:3b:99:f2:
b2:1e:87:95:38:5a:ab:06:8f:a7:37:36:07:d9:2f:
50:3b:e7:a8:4c:7c:ab:26:30:fe:be:98:60:a8:9b:
b2:39:ad:2a:b2:ad:f8:b4:5e:1e:4a:8f:b6:e0:a1:
ea:19:a7:7a:8f:81:66:63:63:29:8a:79:a1:45:e5:
51:e5:a2:50:e0:a9:06:91:b3:a7:c7:9e:98:e8:e7:
da:5b:6f:e4:3f:9f:8f:ab:d2:4a:b1:ba:8b:1c:6c:
61:f4:d9:72:e3:bd:a1:63:07:32:90:08:dd:fc:dd:
27:98:b1:48:1a:ab:8f:79:e1:48:12:e0:69:71:f2:
7a:e1:ab:b0:f9:1f:99:df:5e:19:6c:1f:29:58:e0:
e2:77:60:2e:39:fa:2a:c8:e0:ec:89:80:1b:51:5e:
01:28:7c:4f:6c:b4:c1:79:30:44:0d:c3:6b:79:3c:
be:47:f6:f7:7e:a4:24:69:d8:9e:f5:ea:d4:05:3c:
3c:3d:32:43:27:50:93:52:72:16:57:f0:19:53:c1:
1d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.192.0/21
31.7.64.0/20
31.25.128.0/21
37.156.8.0/21
37.156.144.0/22
46.143.0.0/17
46.245.64.0/18
77.238.104.0/21
77.238.120.0/22
78.110.112.0/21
78.110.124.0/22
79.127.0.0/17
85.198.8.0-85.198.23.255
85.198.28.0/22
86.57.0.0/17
88.135.40.0/21
89.41.40.0/22
89.235.96.0/22
93.115.144.0/21
93.118.180.0/22
109.122.224.0/20
128.65.176.0/20
176.65.240.0/22
176.65.252.0/22
178.22.120.0/21
178.216.248.0/22
185.49.84.0/22
185.67.100.0/22
185.79.96.0/22
185.98.112.0/22
185.99.212.0/22
185.109.244.0-185.109.251.255
185.112.32.0/21
185.120.220.0/22
185.120.248.0/22
185.129.116.0/22
185.132.80.0/22
185.141.168.0/22
185.141.212.0/22
185.147.160.0/22
185.189.120.0/22
185.233.12.0/22
185.237.8.0/22
188.0.240.0/23
193.151.128.0/19
212.33.192.0/20
IPv6:
2a04:f080::/29
2a05:1a00::/26
2a05:4c80::/29
2a06:5480::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
34636
41689
43754
51433
57391
203000
211421
Signature Algorithm: sha256WithRSAEncryption
82:70:6f:ed:4e:06:eb:67:bd:31:7e:19:3f:5a:e4:2b:9b:23:
af:1e:01:96:4f:e9:70:89:42:18:dd:61:d3:aa:d7:d4:70:f1:
07:54:5b:a3:16:cb:39:ac:b7:96:3d:bb:bc:c5:a5:57:11:d5:
63:2b:28:63:8d:71:6a:d4:e5:33:7e:b8:53:01:86:a8:55:78:
ff:7c:ab:2f:50:f0:4e:4c:32:f5:63:69:8a:88:d5:98:2b:42:
6a:49:f2:1d:3d:0b:a2:d8:dc:09:ae:03:0f:25:27:f3:d6:e8:
ed:28:ac:a7:87:ea:8e:0c:50:6b:c1:6d:64:b6:74:ab:42:48:
4a:fc:cd:8a:ed:b2:b7:9d:33:80:b8:17:50:27:84:b8:6f:fc:
ea:f7:b7:8f:fa:87:f7:95:d6:cf:0d:3f:69:a7:3f:85:a1:e6:
a4:cc:54:b8:37:c2:40:e8:96:50:cd:90:03:3f:7b:4f:62:1e:
4b:e1:91:bf:53:d5:07:f7:ce:05:35:77:95:0b:cb:0d:f5:47:
b3:ac:28:76:bb:03:1f:ae:04:e9:25:51:96:bd:b1:95:14:d9:
21:ad:55:ae:34:c6:47:a6:f9:1e:4f:e4:2a:64:21:e9:00:72:
2f:84:da:04:f6:13:63:6b:53:29:e3:cd:b4:8c:68:c6:f1:18:
bf:f3:e5:c9
-----BEGIN CERTIFICATE-----
MIIG/jCCBeagAwIBAgISAZ2F6Pw0jQccp6WfU+5dXlhUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNDEzMDgxNTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjUyNjM0YTJlYjAzZjg1NjViNWUzM2RjMmI5ZjQ5MDQxZjdjZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5iCFfEewulzeXQWKxQrKb/OF0tq5
0THU40Rk5y13F2HBWUlyLhZ5iViPnnMTSbA0Uwz0vFL98Ws7mfKyHoeVOFqrBo+n
NzYH2S9QO+eoTHyrJjD+vphgqJuyOa0qsq34tF4eSo+24KHqGad6j4FmY2Mpinmh
ReVR5aJQ4KkGkbOnx56Y6OfaW2/kP5+Pq9JKsbqLHGxh9Nly472hYwcykAjd/N0n
mLFIGquPeeFIEuBpcfJ64auw+R+Z314ZbB8pWODid2AuOfoqyODsiYAbUV4BKHxP
bLTBeTBEDcNreTy+R/b3fqQkadie9erUBTw8PTJDJ1CTUnIWV/AZU8EdQQIDAQAB
o4IECjCCBAYwHQYDVR0OBBYEFFtSY0ousD+FZbXjPcK59JBB98+wMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IwLzdhNWI0
NC02YjE4LTQyZDMtYThkNS1kYzY1NTRmZDEyMzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAvN2E1YjQ0
LTZiMTgtNDJkMy1hOGQ1LWRjNjU1NGZkMTIzNS8xL1cxSmpTaTZ3UDRWbHRlTTl3
cm4wa0VIM3o3QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBaQYIKwYB
BQUHAQcBAf8EggFYMIIBVDCCASwEAgABMIIBJAMEAwWGwAMEBB8HQAMEAx8ZgAME
AyWcCAMEAiWckAMEBy6PAAMEBi71QAMEA03uaAMEAk3ueAMEA05ucAMEAk5ufAME
B09/ADAMAwQDVcYIAwQDVcYQAwQCVcYcAwQHVjkAAwQDWIcoAwQCWSkoAwQCWetg
AwQDXXOQAwQCXXa0AwQEbXrgAwQEgEGwAwQCsEHwAwQCsEH8AwQDshZ4AwQCstj4
AwQCuTFUAwQCuUNkAwQCuU9gAwQCuWJwAwQCuWPUMAwDBAK5bfQDBAK5bfgDBAO5
cCADBAK5eNwDBAK5ePgDBAK5gXQDBAK5hFADBAK5jagDBAK5jdQDBAK5k6ADBAK5
vXgDBAK56QwDBAK57QgDBAG8APADBAXBl4ADBATUIcAwIgQCAAIwHAMFAyoE8IAD
BQYqBRoAAwUDKgVMgAMFAyoGVIAwOAYIKwYBBQUHAQgBAf8EKTAnoCUwIwIDAIdM
AgMAotkCAwCq6gIDAMjpAgMA4C8CAwMY+AIDAzndMA0GCSqGSIb3DQEBCwUAA4IB
AQCCcG/tTgbrZ70xfhk/WuQrmyOvHgGWT+lwiUIY3WHTqtfUcPEHVFujFss5rLeW
Pbu8xaVXEdVjKyhjjXFq1OUzfrhTAYaoVXj/fKsvUPBOTDL1Y2mKiNWYK0JqSfId
PQui2NwJrgMPJSfz1ujtKKynh+qODFBrwW1ktnSrQkhK/M2K7bK3nTOAuBdQJ4S4
b/zq97eP+of3ldbPDT9ppz+FoeakzFS4N8JA6JZQzZADP3tPYh5L4ZG/U9UH984F
NXeVC8sN9UezrCh2uwMfrgTpJVGWvbGVFNkhrVWuNMZHpvkeT+QqZCHpAHIvhNoE
9hNja1Mp4820jGjG8Ri/8+XJ
-----END CERTIFICATE-----
Generated at Mon Apr 27 22:20:18 2026 by rpki-client