Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
File: YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer (raw, json)
Hash identifier: zihngAaFGbn1u6axCKq+yjU/Mt/v6Vtc/WStyZT0uIE=
Subject key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0198EB7505F163CB25349FF35F73719DFE98
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 27 Aug 2025 12:16:11 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 197706
IP: 31.171.152.0/21
IP: 45.66.252.0/22
IP: 45.142.24.0/22
IP: 62.101.160.0/21
IP: 82.198.32.0/22
IP: 91.217.6.0/23
IP: 91.217.72.0/23
IP: 103.69.32.0/22
IP: 103.93.40.0/22
IP: 103.111.0.0/22
IP: 103.124.164.0/22
IP: 103.204.120.0/22
IP: 103.254.240.0/22
IP: 109.74.28.0/22
IP: 109.104.132.0 -- 109.104.143.255
IP: 109.104.156.0/22
IP: 144.48.52.0/22
IP: 185.53.100.0/22
IP: 185.153.124.0/22
IP: 185.233.124.0/22
IP: 194.113.80.0/23
IP: 194.113.94.0/23
IP: 199.168.120.0/22
IP: 2a04:27c0::/29
IP: 2a09:6e40::/29
IP: 2a09:6ec0::/29
IP: 2a0d:27c0::/29
IP: 2a0d:42c0::/29
IP: 2a0d:4a40::/29
IP: 2a0e:3f00::/29
IP: 2a0e:4f00::/29
IP: 2a0e:d4c0::/29
IP: 2a0f:42c0::/29
IP: 2a0f:a880::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:eb:75:05:f1:63:cb:25:34:9f:f3:5f:73:71:9d:fe:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Aug 27 12:16:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=624ad4535ac88dd534199f2a726095af71afe44e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:37:c3:71:57:ab:c9:bc:32:ae:cc:0a:69:5c:
4c:52:80:78:9a:de:be:c1:58:19:f5:71:35:91:0d:
16:00:76:77:b0:b3:44:2d:30:9d:d5:a8:6a:6c:4f:
0e:99:2a:37:4b:bc:ac:91:15:8f:06:2d:e9:54:a0:
bd:c4:28:a9:26:3d:f4:8b:1e:1b:82:48:c0:32:4d:
a3:88:f3:b6:89:0e:f4:32:c4:83:67:fa:65:dc:e1:
24:be:6b:f5:c6:cc:a2:06:17:cc:9e:e3:ab:1b:0a:
94:58:c9:dc:99:99:51:0c:ec:2c:0e:83:f5:fe:93:
e0:f8:b8:53:b6:68:ed:f6:cb:52:b4:ae:44:3b:84:
d3:10:cd:47:0d:e2:e2:ec:cb:c8:4e:c8:3b:27:f2:
63:31:e0:7b:04:a7:c1:58:4d:30:d8:3e:4c:46:c7:
80:4f:63:93:ba:5a:98:6a:70:67:20:d2:ac:40:0b:
df:b1:11:29:3b:55:e4:32:88:98:1a:fe:b1:70:cd:
48:b1:44:1d:14:fa:28:ff:7c:91:33:c7:85:48:db:
64:a7:ca:b3:09:db:c4:5a:1c:f2:30:6e:3b:26:1d:
7f:6f:62:e9:aa:06:68:b4:15:9c:cc:2e:ff:a2:ae:
50:5d:89:54:09:4f:0d:ef:50:1d:4d:10:4d:89:a7:
0d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.66.252.0/22
45.142.24.0/22
62.101.160.0/21
82.198.32.0/22
91.217.6.0/23
91.217.72.0/23
103.69.32.0/22
103.93.40.0/22
103.111.0.0/22
103.124.164.0/22
103.204.120.0/22
103.254.240.0/22
109.74.28.0/22
109.104.132.0-109.104.143.255
109.104.156.0/22
144.48.52.0/22
185.53.100.0/22
185.153.124.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
199.168.120.0/22
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a09:6ec0::/29
2a0d:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:3f00::/29
2a0e:4f00::/29
2a0e:d4c0::/29
2a0f:42c0::/29
2a0f:a880::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
197706
Signature Algorithm: sha256WithRSAEncryption
27:bf:2a:56:6b:9d:d7:f7:ab:5e:52:d1:90:81:66:da:7d:89:
74:4e:92:08:da:63:60:d2:77:14:06:85:c1:16:4f:31:c9:6b:
11:f2:b4:68:8d:eb:2f:fc:91:b5:6e:85:17:d6:d4:34:8e:b6:
61:0e:f4:95:8b:24:a5:65:ef:a7:a0:f2:07:d4:cb:45:fd:f4:
31:f7:4f:42:66:a9:8f:6a:05:c6:53:22:90:f3:c4:1d:eb:a0:
40:9d:3b:56:a3:f3:90:9f:87:bf:b5:f4:8a:f2:6d:5a:84:12:
76:97:06:4e:8c:dd:7a:fc:cb:9f:01:4e:b4:ce:c3:61:e7:81:
be:ed:55:ed:ee:dd:03:66:44:1e:c7:40:6b:70:58:d1:a3:f8:
ea:ad:81:5a:92:ff:e1:07:7e:d3:fa:03:7c:0e:61:79:22:7c:
2b:9d:75:e1:a0:a1:09:aa:0e:29:fa:49:bc:6a:01:04:50:88:
cb:23:84:19:eb:02:48:38:ac:3c:40:11:3b:fb:11:9c:1e:30:
8d:cf:3d:50:e9:97:d5:5d:7d:09:4d:6f:3e:f1:df:f8:a8:c8:
d8:85:5a:00:96:22:0e:ae:4c:88:89:65:ed:2f:51:8c:4d:1d:
bb:7a:9e:8a:ab:ec:f7:a9:11:a2:b4:4c:59:20:82:8d:10:ac:
fd:66:04:67
-----BEGIN CERTIFICATE-----
MIIGezCCBWOgAwIBAgISAZjrdQXxY8slNJ/zX3Nxnf6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwODI3MTIxNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjRhZDQ1MzVhYzg4ZGQ1MzQxOTlmMmE3MjYwOTVhZjcxYWZlNDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojfDcVerybwyrswKaVxMUoB4mt6+
wVgZ9XE1kQ0WAHZ3sLNELTCd1ahqbE8OmSo3S7yskRWPBi3pVKC9xCipJj30ix4b
gkjAMk2jiPO2iQ70MsSDZ/pl3OEkvmv1xsyiBhfMnuOrGwqUWMncmZlRDOwsDoP1
/pPg+LhTtmjt9stStK5EO4TTEM1HDeLi7MvITsg7J/JjMeB7BKfBWE0w2D5MRseA
T2OTulqYanBnINKsQAvfsREpO1XkMoiYGv6xcM1IsUQdFPoo/3yRM8eFSNtkp8qz
CdvEWhzyMG47Jh1/b2LpqgZotBWczC7/oq5QXYlUCU8N71AdTRBNiacNzwIDAQAB
o4IDhzCCA4MwHQYDVR0OBBYEFGJK1FNayI3VNBmfKnJgla9xr+ROMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAwL2FhMTAx
OS01NjRmLTRjNDYtYTIxNy1mYjU5NDk4MDhkZGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAvYWExMDE5
LTU2NGYtNGM0Ni1hMjE3LWZiNTk0OTgwOGRkYy8xL1lrclVVMXJJamRVMEdaOHFj
bUNWcjNHdjVFNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBBAYIKwYB
BQUHAQcBAf8EgfQwgfEwgZkEAgABMIGSAwQDH6uYAwQCLUL8AwQCLY4YAwQDPmWg
AwQCUsYgAwQBW9kGAwQBW9lIAwQCZ0UgAwQCZ10oAwQCZ28AAwQCZ3ykAwQCZ8x4
AwQCZ/7wAwQCbUocMAwDBAJtaIQDBARtaIADBAJtaJwDBAKQMDQDBAK5NWQDBAK5
mXwDBAK56XwDBAHCcVADBAHCcV4DBALHqHgwUwQCAAIwTQMFAyoEJ8ADBQMqCW5A
AwUDKgluwAMFAyoNJ8ADBQMqDULAAwUDKg1KQAMFAyoOPwADBQMqDk8AAwUDKg7U
wAMFAyoPQsADBQMqD6iAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMESjANBgkq
hkiG9w0BAQsFAAOCAQEAJ78qVmud1/erXlLRkIFm2n2JdE6SCNpjYNJ3FAaFwRZP
MclrEfK0aI3rL/yRtW6FF9bUNI62YQ70lYskpWXvp6DyB9TLRf30MfdPQmapj2oF
xlMikPPEHeugQJ07VqPzkJ+Hv7X0ivJtWoQSdpcGTozdevzLnwFOtM7DYeeBvu1V
7e7dA2ZEHsdAa3BY0aP46q2BWpL/4Qd+0/oDfA5heSJ8K5114aChCaoOKfpJvGoB
BFCIyyOEGesCSDisPEARO/sRnB4wjc89UOmX1V19CU1vPvHf+KjI2IVaAJYiDq5M
iIll7S9RjE0du3qeiqvs96kRorRMWSCCjRCs/WYEZw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 14:18:36 2025 by rpki-client