Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
File: YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer (raw, json)
Hash identifier: igM70bRIBymcotCoMz8+D2bp35pLhWXWqaWQaG1OBU0=
Subject key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019711DD7275821C935B9660D30A145438FD
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 27 May 2025 13:10:14 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 197706
IP: 31.171.152.0/21
IP: 45.66.252.0/22
IP: 45.142.24.0/22
IP: 91.217.6.0/23
IP: 91.217.72.0/23
IP: 103.69.32.0/22
IP: 103.93.40.0/22
IP: 103.111.0.0/22
IP: 103.124.164.0/22
IP: 103.204.120.0/22
IP: 103.254.240.0/22
IP: 109.74.28.0/22
IP: 109.104.132.0 -- 109.104.143.255
IP: 109.104.156.0/22
IP: 144.48.52.0/22
IP: 185.53.100.0/22
IP: 185.153.124.0/22
IP: 185.233.124.0/22
IP: 194.113.80.0/23
IP: 194.113.94.0/23
IP: 199.168.120.0/22
IP: 2a04:27c0::/29
IP: 2a09:6e40::/29
IP: 2a09:6ec0::/29
IP: 2a0d:27c0::/29
IP: 2a0d:42c0::/29
IP: 2a0d:4a40::/29
IP: 2a0e:3f00::/29
IP: 2a0e:4f00::/29
IP: 2a0e:d4c0::/29
IP: 2a0f:42c0::/29
IP: 2a0f:a880::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:11:dd:72:75:82:1c:93:5b:96:60:d3:0a:14:54:38:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 27 13:10:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=624ad4535ac88dd534199f2a726095af71afe44e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:37:c3:71:57:ab:c9:bc:32:ae:cc:0a:69:5c:
4c:52:80:78:9a:de:be:c1:58:19:f5:71:35:91:0d:
16:00:76:77:b0:b3:44:2d:30:9d:d5:a8:6a:6c:4f:
0e:99:2a:37:4b:bc:ac:91:15:8f:06:2d:e9:54:a0:
bd:c4:28:a9:26:3d:f4:8b:1e:1b:82:48:c0:32:4d:
a3:88:f3:b6:89:0e:f4:32:c4:83:67:fa:65:dc:e1:
24:be:6b:f5:c6:cc:a2:06:17:cc:9e:e3:ab:1b:0a:
94:58:c9:dc:99:99:51:0c:ec:2c:0e:83:f5:fe:93:
e0:f8:b8:53:b6:68:ed:f6:cb:52:b4:ae:44:3b:84:
d3:10:cd:47:0d:e2:e2:ec:cb:c8:4e:c8:3b:27:f2:
63:31:e0:7b:04:a7:c1:58:4d:30:d8:3e:4c:46:c7:
80:4f:63:93:ba:5a:98:6a:70:67:20:d2:ac:40:0b:
df:b1:11:29:3b:55:e4:32:88:98:1a:fe:b1:70:cd:
48:b1:44:1d:14:fa:28:ff:7c:91:33:c7:85:48:db:
64:a7:ca:b3:09:db:c4:5a:1c:f2:30:6e:3b:26:1d:
7f:6f:62:e9:aa:06:68:b4:15:9c:cc:2e:ff:a2:ae:
50:5d:89:54:09:4f:0d:ef:50:1d:4d:10:4d:89:a7:
0d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.66.252.0/22
45.142.24.0/22
91.217.6.0/23
91.217.72.0/23
103.69.32.0/22
103.93.40.0/22
103.111.0.0/22
103.124.164.0/22
103.204.120.0/22
103.254.240.0/22
109.74.28.0/22
109.104.132.0-109.104.143.255
109.104.156.0/22
144.48.52.0/22
185.53.100.0/22
185.153.124.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
199.168.120.0/22
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a09:6ec0::/29
2a0d:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:3f00::/29
2a0e:4f00::/29
2a0e:d4c0::/29
2a0f:42c0::/29
2a0f:a880::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
197706
Signature Algorithm: sha256WithRSAEncryption
32:1c:fb:14:e3:3d:f9:1a:29:e4:3a:b3:41:ac:61:89:9a:78:
e9:9e:08:25:f6:4f:ed:46:42:f2:a3:08:a0:dd:81:c8:bc:11:
0b:85:98:15:ab:a0:8a:43:9d:6a:49:40:18:02:5c:a1:0c:05:
33:30:7d:16:28:67:5a:2c:b9:59:f2:26:d5:17:92:2d:30:20:
b2:b3:20:08:c7:1e:6b:a0:6e:73:cb:6b:cf:4f:3d:53:86:50:
1d:97:4d:fe:c5:05:f0:0a:5f:09:3c:ad:f5:3e:cd:8e:ba:f8:
90:66:a6:f7:f5:75:87:92:be:e8:0a:d0:96:60:b6:21:d3:21:
d1:fa:eb:0b:34:86:4a:bf:86:8e:c9:d1:8c:a2:16:2b:e2:7d:
47:87:b2:e5:c5:02:3c:8f:aa:d5:e2:0e:be:3c:b8:9e:34:d1:
4f:01:e7:43:a1:e8:bb:71:e1:5e:fc:e4:b2:76:00:7e:65:5b:
09:ab:25:7f:d3:4a:b4:ec:ba:4f:a1:e3:1d:5c:a2:83:e5:8f:
d9:25:39:9a:5a:b8:b3:07:c3:56:45:db:5e:f7:83:80:5a:fc:
80:fa:cd:85:84:fb:1d:e3:13:66:73:5c:71:73:13:9e:06:2e:
17:17:1e:ac:5b:0f:c0:78:c3:c4:d9:53:a5:b2:8c:fd:9d:67:
31:64:a0:f4
-----BEGIN CERTIFICATE-----
MIIGbjCCBVagAwIBAgISAZcR3XJ1ghyTW5Zg0woUVDj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNTI3MTMxMDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjRhZDQ1MzVhYzg4ZGQ1MzQxOTlmMmE3MjYwOTVhZjcxYWZlNDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojfDcVerybwyrswKaVxMUoB4mt6+
wVgZ9XE1kQ0WAHZ3sLNELTCd1ahqbE8OmSo3S7yskRWPBi3pVKC9xCipJj30ix4b
gkjAMk2jiPO2iQ70MsSDZ/pl3OEkvmv1xsyiBhfMnuOrGwqUWMncmZlRDOwsDoP1
/pPg+LhTtmjt9stStK5EO4TTEM1HDeLi7MvITsg7J/JjMeB7BKfBWE0w2D5MRseA
T2OTulqYanBnINKsQAvfsREpO1XkMoiYGv6xcM1IsUQdFPoo/3yRM8eFSNtkp8qz
CdvEWhzyMG47Jh1/b2LpqgZotBWczC7/oq5QXYlUCU8N71AdTRBNiacNzwIDAQAB
o4IDejCCA3YwHQYDVR0OBBYEFGJK1FNayI3VNBmfKnJgla9xr+ROMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAwL2FhMTAx
OS01NjRmLTRjNDYtYTIxNy1mYjU5NDk4MDhkZGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAvYWExMDE5
LTU2NGYtNGM0Ni1hMjE3LWZiNTk0OTgwOGRkYy8xL1lrclVVMXJJamRVMEdaOHFj
bUNWcjNHdjVFNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIH4BggrBgEF
BQcBBwEB/wSB6DCB5TCBjQQCAAEwgYYDBAMfq5gDBAItQvwDBAItjhgDBAFb2QYD
BAFb2UgDBAJnRSADBAJnXSgDBAJnbwADBAJnfKQDBAJnzHgDBAJn/vADBAJtShww
DAMEAm1ohAMEBG1ogAMEAm1onAMEApAwNAMEArk1ZAMEArmZfAMEArnpfAMEAcJx
UAMEAcJxXgMEAseoeDBTBAIAAjBNAwUDKgQnwAMFAyoJbkADBQMqCW7AAwUDKg0n
wAMFAyoNQsADBQMqDUpAAwUDKg4/AAMFAyoOTwADBQMqDtTAAwUDKg9CwAMFAyoP
qIAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAwRKMA0GCSqGSIb3DQEBCwUAA4IB
AQAyHPsU4z35GinkOrNBrGGJmnjpnggl9k/tRkLyowig3YHIvBELhZgVq6CKQ51q
SUAYAlyhDAUzMH0WKGdaLLlZ8ibVF5ItMCCysyAIxx5roG5zy2vPTz1ThlAdl03+
xQXwCl8JPK31Ps2OuviQZqb39XWHkr7oCtCWYLYh0yHR+usLNIZKv4aOydGMohYr
4n1Hh7LlxQI8j6rV4g6+PLieNNFPAedDoei7ceFe/OSydgB+ZVsJqyV/00q07LpP
oeMdXKKD5Y/ZJTmaWrizB8NWRdte94OAWvyA+s2FhPsd4xNmc1xxcxOeBi4XFx6s
Ww/AeMPE2VOlsoz9nWcxZKD0
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:55:36 2025 by rpki-client