
Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ZMX9HcDEV9nsET0jvUk1xyPp7PQ.cer
File: ZMX9HcDEV9nsET0jvUk1xyPp7PQ.cer (raw, json)
Hash identifier: QUzdjHGjY/3BzTqllLfd4roLNCBZ2VJ9NpgM8c+TJ1Q=
Subject key identifier: 64:C5:FD:1D:C0:C4:57:D9:EC:11:3D:23:BD:49:35:C7:23:E9:EC:F4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0196F256546F71D57D9F1F03DA46808C51A1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3b/a4640c-e69a-4337-b1aa-4cb0679ace7f/1/ZMX9HcDEV9nsET0jvUk1xyPp7PQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3b/a4640c-e69a-4337-b1aa-4cb0679ace7f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 21 May 2025 10:14:26 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 211465
IP: 194.42.126.0/23
IP: 2001:678:1078::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Jun 2025 21:26:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f2:56:54:6f:71:d5:7d:9f:1f:03:da:46:80:8c:51:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 21 10:14:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64c5fd1dc0c457d9ec113d23bd4935c723e9ecf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cc:2b:79:4d:30:cf:d5:f8:2b:60:70:dc:a5:
54:ce:4e:d0:9a:73:70:76:ea:b9:d7:f2:34:60:21:
78:40:dd:d3:87:54:f8:de:e3:0c:18:78:c8:4a:82:
86:ff:7b:dd:b5:5c:b6:8a:76:69:56:7e:dc:08:dd:
0e:2a:0c:35:9f:a4:41:d9:a1:91:2e:07:24:1a:9f:
2f:3d:4a:a7:1c:16:6b:3f:e0:f6:b1:6f:ec:0c:ee:
6f:45:86:0e:d1:5c:0a:8e:70:7a:7f:1b:e3:9c:ca:
a3:51:a6:cf:0b:8a:28:69:9a:6e:f7:fe:d5:55:43:
38:e4:c3:62:b0:46:e7:04:65:f8:12:df:e6:50:55:
1b:12:09:69:af:71:ac:e4:91:72:1c:1c:b3:e8:a4:
df:c2:b7:82:0b:fd:ad:1e:d3:7d:6b:6c:00:e2:cb:
1e:b8:d0:57:31:76:4e:8a:1a:ac:ba:34:59:c9:f3:
50:40:04:c5:30:78:11:06:bf:17:77:f3:68:ab:20:
6e:0d:f5:49:4c:14:cd:ab:f2:83:07:ad:89:3b:53:
9a:3e:bd:c5:4d:a0:25:9a:4e:3f:c8:66:7f:26:4b:
05:78:87:4f:15:e1:c7:4a:69:0a:67:ec:db:5d:8a:
70:c3:7e:be:c4:b4:45:67:5c:e6:1c:30:ae:6d:de:
b0:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C5:FD:1D:C0:C4:57:D9:EC:11:3D:23:BD:49:35:C7:23:E9:EC:F4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/a4640c-e69a-4337-b1aa-4cb0679ace7f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/a4640c-e69a-4337-b1aa-4cb0679ace7f/1/ZMX9HcDEV9nsET0jvUk1xyPp7PQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.42.126.0/23
IPv6:
2001:678:1078::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
211465
Signature Algorithm: sha256WithRSAEncryption
15:ff:86:d0:f7:87:fe:1c:2f:19:0b:cc:2b:83:fa:1f:b1:a4:
a5:5f:ca:89:4d:a7:74:85:9c:d3:3f:da:8f:70:34:30:b0:0f:
8a:db:c4:14:a6:0d:cc:50:d8:7d:bb:f2:53:8d:ee:34:fe:05:
4a:a6:80:06:12:ee:e4:8d:1c:2a:3f:8a:cf:ac:42:e1:02:58:
86:97:9d:20:93:77:5a:03:c5:12:74:a4:21:42:7e:dd:91:5e:
95:0c:97:2e:d3:d3:e4:a8:2d:f8:97:fa:1d:c5:c2:70:8c:3e:
4a:91:aa:1b:30:88:b5:45:c8:cf:08:af:79:5c:60:45:bb:3c:
c3:89:ca:ac:26:d2:be:76:db:f5:22:83:33:11:62:15:15:b5:
8f:d6:c9:b7:9a:bf:e1:1c:69:7d:b0:01:0e:b6:fb:35:29:d4:
40:38:16:70:c0:33:6d:d3:71:f4:9b:86:24:7b:09:7d:36:2f:
74:a4:3d:e1:af:2c:cb:c5:81:53:44:fa:58:b9:63:73:09:d7:
37:37:32:06:cc:22:94:1d:70:73:f7:dd:68:84:3b:c8:41:db:
38:70:17:90:06:f7:af:c9:fb:23:d9:d7:06:83:36:6d:68:6d:
94:cc:c9:6d:ab:73:6e:63:df:09:02:cd:7d:d6:c0:7c:43:20:
14:00:92:26
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAZbyVlRvcdV9nx8D2kaAjFGhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNTIxMTAxNDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGM1ZmQxZGMwYzQ1N2Q5ZWMxMTNkMjNiZDQ5MzVjNzIzZTllY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8wreU0wz9X4K2Bw3KVUzk7QmnNw
duq51/I0YCF4QN3Th1T43uMMGHjISoKG/3vdtVy2inZpVn7cCN0OKgw1n6RB2aGR
LgckGp8vPUqnHBZrP+D2sW/sDO5vRYYO0VwKjnB6fxvjnMqjUabPC4ooaZpu9/7V
VUM45MNisEbnBGX4Et/mUFUbEglpr3Gs5JFyHByz6KTfwreCC/2tHtN9a2wA4sse
uNBXMXZOihqsujRZyfNQQATFMHgRBr8Xd/NoqyBuDfVJTBTNq/KDB62JO1OaPr3F
TaAlmk4/yGZ/JksFeIdPFeHHSmkKZ+zbXYpww36+xLRFZ1zmHDCubd6w6QIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFGTF/R3AxFfZ7BE9I71JNccj6ez0MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNiL2E0NjQw
Yy1lNjlhLTQzMzctYjFhYS00Y2IwNjc5YWNlN2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2IvYTQ2NDBj
LWU2OWEtNDMzNy1iMWFhLTRjYjA2NzlhY2U3Zi8xL1pNWDlIY0RFVjluc0VUMGp2
VWsxeHlQcDdQUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUF
BwEHAQH/BCEwHzAMBAIAATAGAwQBwip+MA8EAgACMAkDBwAgAQZ4EHgwGgYIKwYB
BQUHAQgBAf8ECzAJoAcwBQIDAzoJMA0GCSqGSIb3DQEBCwUAA4IBAQAV/4bQ94f+
HC8ZC8wrg/ofsaSlX8qJTad0hZzTP9qPcDQwsA+K28QUpg3MUNh9u/JTje40/gVK
poAGEu7kjRwqP4rPrELhAliGl50gk3daA8USdKQhQn7dkV6VDJcu09PkqC34l/od
xcJwjD5KkaobMIi1RcjPCK95XGBFuzzDicqsJtK+dtv1IoMzEWIVFbWP1sm3mr/h
HGl9sAEOtvs1KdRAOBZwwDNt03H0m4Ykewl9Ni90pD3hryzLxYFTRPpYuWNzCdc3
NzIGzCKUHXBz991ohDvIQds4cBeQBvevyfsj2dcGgzZtaG2UzMltq3NuY98JAs19
1sB8QyAUAJIm
-----END CERTIFICATE-----
Generated at Thu Jun 12 04:10:20 2025 by rpki-client