Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
File: YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer (raw, json)
Hash identifier: Q0NYRQBZWCME+ArdMcB64xO/xitOQNNplSe+7bRSFoI=
Subject key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019E8DA373E5E9271724815729E07850D5B8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 03 Jun 2026 13:19:20 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 197706
IP: 31.171.152.0/22
IP: 45.66.252.0/22
IP: 45.74.144.0/21
IP: 45.142.24.0/22
IP: 62.101.160.0/21
IP: 82.198.32.0/22
IP: 91.217.6.0/23
IP: 103.69.32.0/22
IP: 103.93.40.0/22
IP: 103.111.0.0/22
IP: 103.124.164.0/22
IP: 103.204.120.0/22
IP: 103.254.240.0/22
IP: 109.74.28.0/22
IP: 109.104.132.0 -- 109.104.134.255
IP: 109.104.140.0/23
IP: 109.104.156.0/24
IP: 109.104.158.0/23
IP: 144.48.52.0/22
IP: 185.53.100.0/22
IP: 185.153.124.0/22
IP: 185.233.124.0/22
IP: 194.113.94.0/23
IP: 195.146.16.0/20
IP: 199.168.120.0/22
IP: 209.23.32.0/20
IP: 2a04:27c0::/29
IP: 2a09:6e40::/29
IP: 2a09:6ec0::/29
IP: 2a0d:27c0::/29
IP: 2a0d:42c0::/29
IP: 2a0d:4a40::/29
IP: 2a0e:3f00::/29
IP: 2a0e:4f00::/29
IP: 2a0e:d4c0::/29
IP: 2a0f:42c0::/29
IP: 2a0f:a880::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8d:a3:73:e5:e9:27:17:24:81:57:29:e0:78:50:d5:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 3 13:19:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=624ad4535ac88dd534199f2a726095af71afe44e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:37:c3:71:57:ab:c9:bc:32:ae:cc:0a:69:5c:
4c:52:80:78:9a:de:be:c1:58:19:f5:71:35:91:0d:
16:00:76:77:b0:b3:44:2d:30:9d:d5:a8:6a:6c:4f:
0e:99:2a:37:4b:bc:ac:91:15:8f:06:2d:e9:54:a0:
bd:c4:28:a9:26:3d:f4:8b:1e:1b:82:48:c0:32:4d:
a3:88:f3:b6:89:0e:f4:32:c4:83:67:fa:65:dc:e1:
24:be:6b:f5:c6:cc:a2:06:17:cc:9e:e3:ab:1b:0a:
94:58:c9:dc:99:99:51:0c:ec:2c:0e:83:f5:fe:93:
e0:f8:b8:53:b6:68:ed:f6:cb:52:b4:ae:44:3b:84:
d3:10:cd:47:0d:e2:e2:ec:cb:c8:4e:c8:3b:27:f2:
63:31:e0:7b:04:a7:c1:58:4d:30:d8:3e:4c:46:c7:
80:4f:63:93:ba:5a:98:6a:70:67:20:d2:ac:40:0b:
df:b1:11:29:3b:55:e4:32:88:98:1a:fe:b1:70:cd:
48:b1:44:1d:14:fa:28:ff:7c:91:33:c7:85:48:db:
64:a7:ca:b3:09:db:c4:5a:1c:f2:30:6e:3b:26:1d:
7f:6f:62:e9:aa:06:68:b4:15:9c:cc:2e:ff:a2:ae:
50:5d:89:54:09:4f:0d:ef:50:1d:4d:10:4d:89:a7:
0d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/22
45.66.252.0/22
45.74.144.0/21
45.142.24.0/22
62.101.160.0/21
82.198.32.0/22
91.217.6.0/23
103.69.32.0/22
103.93.40.0/22
103.111.0.0/22
103.124.164.0/22
103.204.120.0/22
103.254.240.0/22
109.74.28.0/22
109.104.132.0-109.104.134.255
109.104.140.0/23
109.104.156.0/24
109.104.158.0/23
144.48.52.0/22
185.53.100.0/22
185.153.124.0/22
185.233.124.0/22
194.113.94.0/23
195.146.16.0/20
199.168.120.0/22
209.23.32.0/20
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a09:6ec0::/29
2a0d:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:3f00::/29
2a0e:4f00::/29
2a0e:d4c0::/29
2a0f:42c0::/29
2a0f:a880::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
197706
Signature Algorithm: sha256WithRSAEncryption
a0:db:9c:cc:d8:7b:e3:9b:17:21:15:db:fd:7d:ea:9c:a0:51:
76:32:6a:1b:b9:b8:d5:97:38:53:29:b7:1e:95:50:da:f7:25:
f3:74:07:1c:a5:26:91:ed:11:43:11:1a:6d:7f:fc:e2:16:41:
7c:23:6f:8a:6b:3f:ae:dd:84:27:2f:a7:dd:7c:d4:27:6f:cb:
cf:cd:4d:88:7e:15:74:71:14:e1:d1:e6:9c:bd:48:f9:0f:09:
80:26:06:bd:71:ec:6c:b3:c1:2b:2f:cc:52:48:08:c6:83:25:
f2:62:04:18:52:bb:2f:78:5f:a2:99:b5:ac:83:ae:cd:16:71:
83:5f:a7:7d:bf:31:30:18:1a:de:0a:fd:8d:c1:33:88:5b:66:
8e:f9:12:68:0b:01:a4:0d:71:0f:41:03:ea:93:15:e0:70:76:
37:6f:63:86:20:6b:7d:fe:93:cc:f9:f8:e0:7e:66:89:0d:36:
eb:0c:b9:53:3b:a9:3b:94:b1:68:a6:b4:79:9c:df:c3:35:ab:
01:98:08:3a:0c:c3:77:4c:d3:47:4f:81:e3:b5:19:bc:1b:55:
1a:e3:fc:80:52:51:e2:b4:b2:08:49:d7:e7:3a:c1:92:1e:46:
5c:9d:45:fc:52:58:5a:7a:e8:73:d1:3a:97:00:a2:55:ef:dd:
1e:96:42:67
-----BEGIN CERTIFICATE-----
MIIGjzCCBXegAwIBAgISAZ6No3Pl6ScXJIFXKeB4UNW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNjAzMTMxOTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjRhZDQ1MzVhYzg4ZGQ1MzQxOTlmMmE3MjYwOTVhZjcxYWZlNDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojfDcVerybwyrswKaVxMUoB4mt6+
wVgZ9XE1kQ0WAHZ3sLNELTCd1ahqbE8OmSo3S7yskRWPBi3pVKC9xCipJj30ix4b
gkjAMk2jiPO2iQ70MsSDZ/pl3OEkvmv1xsyiBhfMnuOrGwqUWMncmZlRDOwsDoP1
/pPg+LhTtmjt9stStK5EO4TTEM1HDeLi7MvITsg7J/JjMeB7BKfBWE0w2D5MRseA
T2OTulqYanBnINKsQAvfsREpO1XkMoiYGv6xcM1IsUQdFPoo/3yRM8eFSNtkp8qz
CdvEWhzyMG47Jh1/b2LpqgZotBWczC7/oq5QXYlUCU8N71AdTRBNiacNzwIDAQAB
o4IDmzCCA5cwHQYDVR0OBBYEFGJK1FNayI3VNBmfKnJgla9xr+ROMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAwL2FhMTAx
OS01NjRmLTRjNDYtYTIxNy1mYjU5NDk4MDhkZGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAvYWExMDE5
LTU2NGYtNGM0Ni1hMjE3LWZiNTk0OTgwOGRkYy8xL1lrclVVMXJJamRVMEdaOHFj
bUNWcjNHdjVFNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBGAYIKwYB
BQUHAQcBAf8EggEHMIIBAzCBqwQCAAEwgaQDBAIfq5gDBAItQvwDBAMtSpADBAIt
jhgDBAM+ZaADBAJSxiADBAFb2QYDBAJnRSADBAJnXSgDBAJnbwADBAJnfKQDBAJn
zHgDBAJn/vADBAJtShwwDAMEAm1ohAMEAG1ohgMEAW1ojAMEAG1onAMEAW1ongME
ApAwNAMEArk1ZAMEArmZfAMEArnpfAMEAcJxXgMEBMOSEAMEAseoeAMEBNEXIDBT
BAIAAjBNAwUDKgQnwAMFAyoJbkADBQMqCW7AAwUDKg0nwAMFAyoNQsADBQMqDUpA
AwUDKg4/AAMFAyoOTwADBQMqDtTAAwUDKg9CwAMFAyoPqIAwGgYIKwYBBQUHAQgB
Af8ECzAJoAcwBQIDAwRKMA0GCSqGSIb3DQEBCwUAA4IBAQCg25zM2HvjmxchFdv9
feqcoFF2MmobubjVlzhTKbcelVDa9yXzdAccpSaR7RFDERptf/ziFkF8I2+Kaz+u
3YQnL6fdfNQnb8vPzU2IfhV0cRTh0eacvUj5DwmAJga9cexss8ErL8xSSAjGgyXy
YgQYUrsveF+imbWsg67NFnGDX6d9vzEwGBreCv2NwTOIW2aO+RJoCwGkDXEPQQPq
kxXgcHY3b2OGIGt9/pPM+fjgfmaJDTbrDLlTO6k7lLFoprR5nN/DNasBmAg6DMN3
TNNHT4HjtRm8G1Ua4/yAUlHitLIISdfnOsGSHkZcnUX8Ulhaeuhz0TqXAKJV790e
lkJn
-----END CERTIFICATE-----
Generated at Fri Jun 12 01:31:33 2026 by rpki-client