Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ZqL-k07R3vdfBjaufPAZjIHTSLQ.cer
File: ZqL-k07R3vdfBjaufPAZjIHTSLQ.cer (raw, json)
Hash identifier: A7l/wsjuYgPCsdmSJU+jvEPsL5OkY8+Eh5RvySUctyA=
Subject key identifier: 66:A2:FE:93:4E:D1:DE:F7:5F:06:36:AE:7C:F0:19:8C:81:D3:48:B4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019A53812260A021EA319F6E4BE3E1644D93
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/71/ce8e59-e062-421a-9f46-4edf19b35eca/1/ZqL-k07R3vdfBjaufPAZjIHTSLQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/71/ce8e59-e062-421a-9f46-4edf19b35eca/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 05 Nov 2025 10:12:43 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 204897
IP: 217.26.218.0/24
IP: 2a13:4cc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 00:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:81:22:60:a0:21:ea:31:9f:6e:4b:e3:e1:64:4d:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Nov 5 10:12:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66a2fe934ed1def75f0636ae7cf0198c81d348b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:08:68:8f:1b:a9:b4:ca:b4:d5:ae:25:d2:0d:
1e:a3:46:19:ce:3a:f9:7e:81:b1:c3:b4:5f:6e:1e:
ba:86:70:b8:5b:91:ba:2e:d5:7e:a3:e1:ec:83:70:
13:2e:4f:32:38:f1:2d:df:53:ec:18:2a:63:d4:42:
06:4c:ef:09:da:61:ef:a5:e3:b7:21:81:7b:ea:43:
8d:70:bd:02:e0:76:19:ce:cc:46:a7:f8:e6:19:ef:
5f:e6:cc:b4:e6:ad:50:28:a5:a6:e9:6a:a7:42:0e:
87:a6:d2:5e:31:14:1f:10:63:e5:8d:a1:13:c0:a4:
74:76:32:ad:89:15:db:db:b4:76:bc:b9:60:00:dd:
34:28:83:01:54:09:11:d4:8c:82:09:70:55:c3:ab:
57:31:8d:b9:ec:44:a2:62:21:43:2e:e4:73:a7:8a:
e6:36:35:3f:31:b1:64:02:b7:f7:b0:f4:5b:c1:c3:
80:77:b2:5e:14:7b:ea:0e:44:98:44:b4:c1:c5:ef:
f1:bf:53:18:30:76:c0:cb:69:f8:ef:10:bc:6b:3c:
09:26:c2:94:71:2d:4f:4c:0f:b6:06:24:3d:47:7e:
ec:8d:29:3e:ec:2a:a5:aa:e4:b6:a2:6d:c6:77:1c:
c0:5e:d2:ed:99:84:07:62:1f:04:ac:cf:a6:8a:7b:
b9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:A2:FE:93:4E:D1:DE:F7:5F:06:36:AE:7C:F0:19:8C:81:D3:48:B4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ce8e59-e062-421a-9f46-4edf19b35eca/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ce8e59-e062-421a-9f46-4edf19b35eca/1/ZqL-k07R3vdfBjaufPAZjIHTSLQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.26.218.0/24
IPv6:
2a13:4cc0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
204897
Signature Algorithm: sha256WithRSAEncryption
83:27:81:4c:f0:fa:af:c2:8d:7e:71:bf:93:6d:aa:f9:44:1c:
f2:c1:2e:e9:46:c6:e4:24:93:31:40:c6:d8:ac:36:4a:8d:9f:
eb:5e:3f:80:81:e1:f1:f8:ce:b8:05:bf:04:e1:58:cf:4b:16:
4f:bb:1c:8b:86:13:41:6c:fb:3d:4c:1a:7b:b7:53:d5:9b:09:
6a:8d:3c:aa:ca:d7:95:2d:11:5a:1c:16:67:f3:e6:58:6e:a3:
7a:91:e2:13:c8:ca:46:cf:32:f7:c6:49:90:c0:15:06:13:c2:
f8:78:2d:5f:08:2d:f2:3c:c8:64:26:f7:6a:d3:8e:26:42:e7:
1b:e4:57:fe:77:bf:84:1e:c0:df:14:6c:4c:a6:94:dc:87:fc:
43:ad:77:6f:71:31:1f:1c:ed:da:e8:8f:1b:95:01:4a:d2:16:
2f:78:4e:97:44:e3:d1:ac:b4:87:ea:45:13:a8:6e:92:e3:99:
66:fd:13:f0:45:e2:32:f6:9e:1d:b2:c5:bf:aa:67:01:fd:47:
5a:83:81:39:38:3a:31:4d:0a:5b:ed:20:ca:b6:e5:ed:ed:7c:
e7:aa:cb:a4:f0:fb:f9:1f:96:b3:8f:36:78:2a:49:c7:d3:a1:
b4:42:96:f4:da:ca:dc:d3:7f:5f:00:26:e5:f9:43:07:30:90:
a3:2a:20:3c
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZpTgSJgoCHqMZ9uS+PhZE2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUxMTA1MTAxMjQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmEyZmU5MzRlZDFkZWY3NWYwNjM2YWU3Y2YwMTk4YzgxZDM0OGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAhojxuptMq01a4l0g0eo0YZzjr5
foGxw7Rfbh66hnC4W5G6LtV+o+Hsg3ATLk8yOPEt31PsGCpj1EIGTO8J2mHvpeO3
IYF76kONcL0C4HYZzsxGp/jmGe9f5sy05q1QKKWm6WqnQg6HptJeMRQfEGPljaET
wKR0djKtiRXb27R2vLlgAN00KIMBVAkR1IyCCXBVw6tXMY257ESiYiFDLuRzp4rm
NjU/MbFkArf3sPRbwcOAd7JeFHvqDkSYRLTBxe/xv1MYMHbAy2n47xC8azwJJsKU
cS1PTA+2BiQ9R37sjSk+7CqlquS2om3GdxzAXtLtmYQHYh8ErM+minu5/wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFGai/pNO0d73XwY2rnzwGYyB00i0MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzcxL2NlOGU1
OS1lMDYyLTQyMWEtOWY0Ni00ZWRmMTliMzVlY2EvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEvY2U4ZTU5
LWUwNjItNDIxYS05ZjQ2LTRlZGYxOWIzNWVjYS8xL1pxTC1rMDdSM3ZkZkJqYXVm
UEFaaklIVFNMUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQA2RraMA0EAgACMAcDBQMqE0zAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMgYTANBgkqhkiG9w0BAQsFAAOCAQEAgyeBTPD6r8KN
fnG/k22q+UQc8sEu6UbG5CSTMUDG2Kw2So2f614/gIHh8fjOuAW/BOFYz0sWT7sc
i4YTQWz7PUwae7dT1ZsJao08qsrXlS0RWhwWZ/PmWG6jepHiE8jKRs8y98ZJkMAV
BhPC+HgtXwgt8jzIZCb3atOOJkLnG+RX/ne/hB7A3xRsTKaU3If8Q613b3ExHxzt
2uiPG5UBStIWL3hOl0Tj0ay0h+pFE6hukuOZZv0T8EXiMvaeHbLFv6pnAf1HWoOB
OTg6MU0KW+0gyrbl7e1856rLpPD7+R+Ws482eCpJx9OhtEKW9NrK3NN/XwAm5flD
BzCQoyogPA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 10:03:44 2025 by rpki-client