Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
File: aRJCwzvC4unkWFCg_GSrLHUGpLg.cer (raw, json)
Hash identifier: WCrf7Y++cCLBTdpF5BpqKRixJ3A27svKBJ5BmxSW6Xs=
Subject key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019DB463364E894E9846BCAC3A4FFAC6928C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 22 Apr 2026 08:51:34 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 59711
AS: 61046
AS: 201525
AS: 202015
IP: 5.149.248.0/21
IP: 77.83.196.0/22
IP: 79.141.160.0/20
IP: 80.75.215.0/24
IP: 85.158.108.0/22
IP: 89.44.80.0/24
IP: 89.46.38.0/24
IP: 89.150.40.0/24
IP: 89.150.45.0/24
IP: 89.150.48.0/24
IP: 89.150.57.0/24
IP: 91.193.16.0/22
IP: 91.220.8.0/24
IP: 94.126.224.0/22
IP: 95.128.196.0 -- 95.128.198.255
IP: 185.33.84.0/22
IP: 185.40.86.0/24
IP: 185.80.52.0/22
IP: 185.81.112.0/22
IP: 185.104.192.0/22
IP: 185.117.88.0/22
IP: 185.123.102.0/24
IP: 185.174.133.0/24
IP: 185.174.135.0/24
IP: 185.221.222.0/23
IP: 185.223.57.0/24
IP: 185.235.137.0 -- 185.235.138.255
IP: 185.253.116.0/22
IP: 188.119.148.0/23
IP: 193.42.36.0/22
IP: 193.111.208.0/24
IP: 194.33.28.0/24
IP: 194.124.229.0/24
IP: 195.95.155.0/24
IP: 212.2.32.0/21
IP: 2a01:8640::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 23:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b4:63:36:4e:89:4e:98:46:bc:ac:3a:4f:fa:c6:92:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 22 08:51:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d6:3d:d6:1e:d5:d9:c2:28:ec:a0:d9:eb:cf:
45:70:1c:60:86:15:74:a6:b1:f8:ea:06:c0:8b:c4:
e9:5d:bc:c5:62:e1:5d:b2:24:7d:0f:7a:81:29:06:
50:b8:db:df:e4:07:c1:28:97:8e:63:f6:7f:75:fa:
e0:36:de:e7:e1:55:c3:74:11:5c:3a:32:a3:26:71:
1b:02:cb:63:39:61:a7:d6:a0:64:9d:de:94:d2:82:
70:62:d6:c0:40:a9:44:db:d0:78:19:84:d8:39:cf:
d6:2f:6f:c0:8c:b8:13:91:8a:48:aa:49:98:99:6d:
80:d3:48:ba:fb:97:51:32:f5:29:8d:17:b3:7c:30:
f9:18:36:c5:43:36:dd:81:86:eb:4e:82:00:27:7c:
1d:47:16:e7:44:7b:15:47:c8:75:e6:7a:3d:ca:e2:
04:40:c2:da:2d:ec:7f:5a:3c:43:ff:57:e0:d8:50:
d8:2f:c7:ab:2c:da:eb:56:0b:0b:71:c2:17:f4:63:
30:57:7f:f9:aa:5a:a6:12:09:9d:54:1b:54:b6:60:
33:81:b1:37:bd:d7:f5:f1:87:3e:e6:56:69:18:78:
d2:45:6c:99:8c:48:28:bc:2b:21:b3:05:ea:2e:c1:
a2:6b:54:e4:55:e5:07:85:e3:02:23:4e:4d:07:a1:
a2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.248.0/21
77.83.196.0/22
79.141.160.0/20
80.75.215.0/24
85.158.108.0/22
89.44.80.0/24
89.46.38.0/24
89.150.40.0/24
89.150.45.0/24
89.150.48.0/24
89.150.57.0/24
91.193.16.0/22
91.220.8.0/24
94.126.224.0/22
95.128.196.0-95.128.198.255
185.33.84.0/22
185.40.86.0/24
185.80.52.0/22
185.81.112.0/22
185.104.192.0/22
185.117.88.0/22
185.123.102.0/24
185.174.133.0/24
185.174.135.0/24
185.221.222.0/23
185.223.57.0/24
185.235.137.0-185.235.138.255
185.253.116.0/22
188.119.148.0/23
193.42.36.0/22
193.111.208.0/24
194.33.28.0/24
194.124.229.0/24
195.95.155.0/24
212.2.32.0/21
IPv6:
2a01:8640::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
59711
61046
201525
202015
Signature Algorithm: sha256WithRSAEncryption
13:e8:b4:ca:f2:47:58:d3:30:2c:45:4f:32:5b:e7:5d:12:0d:
7f:93:c7:74:b7:ec:e0:8f:68:88:ee:62:d0:54:af:0b:b0:a3:
63:6f:23:8e:18:02:38:c2:3b:49:c9:dd:83:46:4c:36:4f:4d:
83:4f:99:81:bd:a5:6e:09:5f:fc:09:42:3f:6f:4e:1c:37:ca:
68:42:ec:e8:11:30:a9:54:40:e2:03:ca:23:b0:8d:ce:9d:4c:
e9:2b:ca:e8:ab:97:68:85:8a:7a:96:35:1e:49:e8:f5:d9:13:
fa:8c:79:9b:22:2f:a6:55:24:5d:80:34:b3:2d:0a:44:e2:8b:
22:92:ce:4e:9b:35:c5:76:8e:63:03:86:7c:a1:a2:e2:3f:e4:
2a:fa:8f:22:82:73:f0:d1:93:bb:d2:25:55:7a:d9:67:1b:f8:
5b:60:0a:0a:74:08:97:3d:c9:71:bd:2b:43:47:1c:72:13:c6:
a0:0b:51:34:33:be:fe:4f:bf:c3:de:b8:13:e9:60:75:30:88:
15:14:b1:57:b3:6c:94:07:3b:fe:89:74:b5:6c:ed:ab:dc:91:
70:17:0a:e9:3b:db:97:26:50:e2:2f:28:ff:f8:a4:f3:44:21:
98:78:b1:77:5d:4b:d0:be:f6:f0:22:66:40:63:67:bc:c5:6a:
69:5e:db:0e
-----BEGIN CERTIFICATE-----
MIIGlDCCBXygAwIBAgISAZ20YzZOiU6YRrysOk/6xpKMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNDIyMDg1MTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTEyNDJjMzNiYzJlMmU5ZTQ1ODUwYTBmYzY0YWIyYzc1MDZhNGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNY91h7V2cIo7KDZ689FcBxghhV0
prH46gbAi8TpXbzFYuFdsiR9D3qBKQZQuNvf5AfBKJeOY/Z/dfrgNt7n4VXDdBFc
OjKjJnEbAstjOWGn1qBknd6U0oJwYtbAQKlE29B4GYTYOc/WL2/AjLgTkYpIqkmY
mW2A00i6+5dRMvUpjRezfDD5GDbFQzbdgYbrToIAJ3wdRxbnRHsVR8h15no9yuIE
QMLaLex/WjxD/1fg2FDYL8erLNrrVgsLccIX9GMwV3/5qlqmEgmdVBtUtmAzgbE3
vdf18Yc+5lZpGHjSRWyZjEgovCshswXqLsGia1TkVeUHheMCI05NB6GitwIDAQAB
o4IDoDCCA5wwHQYDVR0OBBYEFGkSQsM7wuLp5FhQoPxkqyx1BqS4MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M3LzYzNTZi
OS1jNDlmLTRiNGQtOGUyOS0zNjJmZmU4ZWUyNzAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcvNjM1NmI5
LWM0OWYtNGI0ZC04ZTI5LTM2MmZmZThlZTI3MC8xL2FSSkN3enZDNHVua1dGQ2df
R1NyTEhVR3BMZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBDgYIKwYB
BQUHAQcBAf8Egf4wgfswgekEAgABMIHiAwQDBZX4AwQCTVPEAwQET42gAwQAUEvX
AwQCVZ5sAwQAWSxQAwQAWS4mAwQAWZYoAwQAWZYtAwQAWZYwAwQAWZY5AwQCW8EQ
AwQAW9wIAwQCXn7gMAwDBAJfgMQDBABfgMYDBAK5IVQDBAC5KFYDBAK5UDQDBAK5
UXADBAK5aMADBAK5dVgDBAC5e2YDBAC5roUDBAC5rocDBAG53d4DBAC53zkwDAME
ALnriQMEALnrigMEArn9dAMEAbx3lAMEAsEqJAMEAMFv0AMEAMIhHAMEAMJ85QME
AMNfmwMEA9QCIDANBAIAAjAHAwUAKgGGQDApBggrBgEFBQcBCAEB/wQaMBigFjAU
AgMA6T8CAwDudgIDAxM1AgMDFR8wDQYJKoZIhvcNAQELBQADggEBABPotMryR1jT
MCxFTzJb510SDX+Tx3S37OCPaIjuYtBUrwuwo2NvI44YAjjCO0nJ3YNGTDZPTYNP
mYG9pW4JX/wJQj9vThw3ymhC7OgRMKlUQOIDyiOwjc6dTOkryuirl2iFinqWNR5J
6PXZE/qMeZsiL6ZVJF2ANLMtCkTiiyKSzk6bNcV2jmMDhnyhouI/5Cr6jyKCc/DR
k7vSJVV62Wcb+FtgCgp0CJc9yXG9K0NHHHITxqALUTQzvv5Pv8PeuBPpYHUwiBUU
sVezbJQHO/6JdLVs7avckXAXCuk725cmUOIvKP/4pPNEIZh4sXddS9C+9vAiZkBj
Z7zFamle2w4=
-----END CERTIFICATE-----
Generated at Mon Apr 27 04:41:04 2026 by rpki-client