Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ZwzXsrz7N0o5gMzg0ICSI4dU6gk.cer
File: ZwzXsrz7N0o5gMzg0ICSI4dU6gk.cer (raw, json)
Hash identifier: /0m3zsC9C0gPzB5UmNDIOynhSBzYnB49hJX5SlkHz8U=
Subject key identifier: 67:0C:D7:B2:BC:FB:37:4A:39:80:CC:E0:D0:80:92:23:87:54:EA:09
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019D2F8CAABF26052DE8684C648FB2F2F3B6
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ce/872097-b0a6-4d08-a6ff-1e88bb278f7b/1/ZwzXsrz7N0o5gMzg0ICSI4dU6gk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ce/872097-b0a6-4d08-a6ff-1e88bb278f7b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 27 Mar 2026 13:47:21 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 201993
IP: 91.241.76.0/24
IP: 213.130.74.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2f:8c:aa:bf:26:05:2d:e8:68:4c:64:8f:b2:f2:f3:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 27 13:47:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=670cd7b2bcfb374a3980cce0d08092238754ea09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:dc:a9:62:5d:20:30:02:fb:75:aa:a6:c5:70:
d0:e3:fe:be:3a:88:fb:e0:9b:4d:2f:fe:e9:7b:af:
96:ab:db:d9:c2:b6:83:af:34:55:e3:14:c3:20:2b:
3c:f0:37:e0:e7:54:12:77:6d:52:b4:af:0a:81:7c:
bd:4d:e2:d8:1a:14:ab:27:d7:97:87:7e:9e:ad:cf:
1c:1c:7c:95:c5:72:09:a8:b0:1d:93:59:a0:df:5e:
5b:a1:26:63:11:23:2c:b9:0f:84:e7:3b:3f:ad:71:
7a:e1:c2:26:2a:ae:00:b5:8b:40:fc:89:15:9b:6d:
24:03:aa:68:81:3c:29:30:79:be:b3:a2:f8:a8:e0:
84:21:25:de:33:ec:07:c8:e6:5a:3e:b3:15:88:03:
f6:36:0d:00:87:b0:7e:60:ed:3c:a3:96:5b:cd:6f:
89:e4:5b:a5:e4:1b:2c:20:58:3e:0b:8c:75:76:25:
7f:10:22:93:11:67:2f:cd:99:02:a0:51:63:9e:f4:
5f:5e:34:f0:c0:5e:1f:18:22:d4:cd:96:eb:91:95:
c9:05:84:1e:17:03:0b:56:b3:13:15:c7:50:7a:50:
37:84:ac:f4:a8:e4:1c:24:88:75:73:84:bf:e7:08:
e3:3c:32:fc:0d:8e:c8:50:e5:3e:44:d2:b7:a0:4f:
8c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:0C:D7:B2:BC:FB:37:4A:39:80:CC:E0:D0:80:92:23:87:54:EA:09
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/872097-b0a6-4d08-a6ff-1e88bb278f7b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/872097-b0a6-4d08-a6ff-1e88bb278f7b/1/ZwzXsrz7N0o5gMzg0ICSI4dU6gk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.76.0/24
213.130.74.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
201993
Signature Algorithm: sha256WithRSAEncryption
49:d3:9b:88:61:9f:82:69:1a:74:8b:a7:21:61:0b:06:f7:75:
6c:ba:5f:65:24:34:6a:c7:83:dd:df:23:93:ef:b5:e7:4d:b0:
a8:2f:16:a3:25:5c:af:a7:a9:5e:7c:ca:ae:f5:75:b1:91:f8:
4b:73:cc:49:bb:5d:25:fd:41:d6:f3:5b:a4:ce:4e:a3:d5:36:
e0:98:7d:a0:09:1c:5e:99:72:ae:41:86:0b:6d:d1:c5:10:fe:
8a:e1:0e:c2:c7:08:b3:71:18:f9:46:31:1e:e9:f8:09:3e:7b:
64:c1:12:69:aa:91:ef:04:e4:58:be:7a:40:17:d5:b8:dc:4f:
d2:4b:0a:42:e3:05:0a:72:6c:38:c7:06:24:48:21:09:c8:a9:
a3:73:44:d0:32:3f:8e:6a:d9:55:06:1f:23:35:62:a6:c1:78:
65:29:97:61:89:99:52:a4:7e:e1:d3:c5:ad:eb:7f:dc:59:c3:
3e:96:af:44:69:5d:21:bb:fc:45:5d:59:5f:5c:da:1f:1d:e5:
b4:78:c1:45:c8:47:b6:bb:00:18:f5:9a:00:c6:85:e1:42:b9:
8b:42:77:1f:41:1c:2c:39:0b:c1:8d:6d:bf:29:ea:38:9e:b0:
47:81:75:90:cf:26:35:2f:70:69:7b:a3:b7:0a:6c:0d:24:ab:
da:f0:c8:3e
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZ0vjKq/JgUt6GhMZI+y8vO2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMzI3MTM0NzIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzBjZDdiMmJjZmIzNzRhMzk4MGNjZTBkMDgwOTIyMzg3NTRlYTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0typYl0gMAL7daqmxXDQ4/6+Ooj7
4JtNL/7pe6+Wq9vZwraDrzRV4xTDICs88Dfg51QSd21StK8KgXy9TeLYGhSrJ9eX
h36erc8cHHyVxXIJqLAdk1mg315boSZjESMsuQ+E5zs/rXF64cImKq4AtYtA/IkV
m20kA6pogTwpMHm+s6L4qOCEISXeM+wHyOZaPrMViAP2Ng0Ah7B+YO08o5ZbzW+J
5Ful5BssIFg+C4x1diV/ECKTEWcvzZkCoFFjnvRfXjTwwF4fGCLUzZbrkZXJBYQe
FwMLVrMTFcdQelA3hKz0qOQcJIh1c4S/5wjjPDL8DY7IUOU+RNK3oE+MCQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFGcM17K8+zdKOYDM4NCAkiOHVOoJMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NlLzg3MjA5
Ny1iMGE2LTRkMDgtYTZmZi0xZTg4YmIyNzhmN2IvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2UvODcyMDk3
LWIwYTYtNGQwOC1hNmZmLTFlODhiYjI3OGY3Yi8xL1p3elhzcno3TjBvNWdNemcw
SUNTSTRkVTZnay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQAW/FMAwQA1YJKMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwMVCTANBgkqhkiG9w0BAQsFAAOCAQEASdObiGGfgmkadIunIWELBvd1
bLpfZSQ0aseD3d8jk++1502wqC8WoyVcr6epXnzKrvV1sZH4S3PMSbtdJf1B1vNb
pM5Oo9U24Jh9oAkcXplyrkGGC23RxRD+iuEOwscIs3EY+UYxHun4CT57ZMESaaqR
7wTkWL56QBfVuNxP0ksKQuMFCnJsOMcGJEghCcipo3NE0DI/jmrZVQYfIzVipsF4
ZSmXYYmZUqR+4dPFret/3FnDPpavRGldIbv8RV1ZX1zaHx3ltHjBRchHtrsAGPWa
AMaF4UK5i0J3H0EcLDkLwY1tvynqOJ6wR4F1kM8mNS9waXujtwpsDSSr2vDIPg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 09:56:52 2026 by rpki-client