Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
File: b8zf_aakxIkUtejN59pdgguclxg.cer (raw, json)
Hash identifier: sp7JMd5MlSptnL8T4sdooALGuwPRgTDFNp/VaN8z0rU=
Subject key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019A49BCA338869284A1A747DCF628EE510A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 03 Nov 2025 12:41:30 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 80.68.159.0/24
IP: 91.90.192.0/22
IP: 91.196.7.0/24
IP: 91.210.164.0/22
IP: 91.215.152.0/22
IP: 91.223.123.0/24
IP: 91.247.36.0/23
IP: 92.118.148.0/22
IP: 94.131.16.0/22
IP: 94.142.255.0/24
IP: 171.33.241.0/24
IP: 176.126.162.0/23
IP: 185.39.30.0/23
IP: 185.190.250.0/23
IP: 185.198.164.0/22
IP: 185.237.218.0/23
IP: 185.237.224.0/23
IP: 185.253.0.0/24
IP: 185.253.44.0/22
IP: 193.111.210.0/24
IP: 193.162.47.0/24
IP: 195.20.208.0/24
IP: 195.28.182.0/23
IP: 195.245.112.0/23
IP: 2001:67c:2f4c::/48
IP: 2001:67c:2f5c::/48
IP: 2001:67c:2f6c::/48
IP: 2a06:fcc0::/29
IP: 2a0a:8c40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Nov 2025 18:36:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:49:bc:a3:38:86:92:84:a1:a7:47:dc:f6:28:ee:51:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Nov 3 12:41:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0f:3d:6e:6a:51:54:80:15:86:c4:09:f4:21:
dc:9f:10:92:6a:3f:4d:89:9b:8f:68:b4:00:b8:6f:
8b:d1:5c:95:a8:c5:ac:89:d7:5a:0f:ad:33:59:f7:
21:5f:a9:d6:fe:40:85:80:e2:1e:b1:58:9e:00:f7:
db:b0:13:1b:54:33:a3:70:25:35:28:1f:c1:da:9c:
6a:d7:fb:f7:73:65:3b:b2:51:10:b1:de:57:49:49:
1c:c4:65:bf:0c:f9:aa:e2:ef:a8:85:c0:f4:5e:5a:
dd:32:27:55:c5:f3:b4:1c:b6:2f:fa:1f:b2:03:1f:
a1:42:f1:f4:ef:31:e1:b9:9c:87:28:ce:bd:f2:ec:
57:93:10:f9:e1:41:7f:cc:2e:16:d5:09:b2:f5:33:
c4:e4:92:24:1e:a7:51:68:6a:0a:f9:a3:fa:4f:02:
55:54:85:1d:19:38:5d:de:97:b4:d0:45:c9:e3:28:
b3:3e:57:24:44:7a:fa:e8:e9:3d:96:f9:77:27:0c:
94:18:f7:4f:27:46:65:35:85:0d:c0:df:42:bd:81:
70:78:50:87:a4:88:38:48:d1:db:bd:1a:0f:7a:98:
65:be:ba:f5:f1:dd:16:f9:8e:be:4b:14:b8:0c:02:
be:7c:6e:8b:d6:cf:3c:78:cc:dd:20:ff:16:f3:de:
77:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.68.159.0/24
91.90.192.0/22
91.196.7.0/24
91.210.164.0/22
91.215.152.0/22
91.223.123.0/24
91.247.36.0/23
92.118.148.0/22
94.131.16.0/22
94.142.255.0/24
171.33.241.0/24
176.126.162.0/23
185.39.30.0/23
185.190.250.0/23
185.198.164.0/22
185.237.218.0/23
185.237.224.0/23
185.253.0.0/24
185.253.44.0/22
193.111.210.0/24
193.162.47.0/24
195.20.208.0/24
195.28.182.0/23
195.245.112.0/23
IPv6:
2001:67c:2f4c::/48
2001:67c:2f5c::/48
2001:67c:2f6c::/48
2a06:fcc0::/29
2a0a:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
79:a5:da:d2:b6:77:40:03:01:84:63:d0:de:84:75:35:e1:cd:
d6:c7:ab:d1:32:db:11:b6:07:76:42:a4:c6:7d:0c:a8:b6:2e:
2a:ca:47:37:12:9c:7f:12:41:18:87:a9:75:09:3b:46:f2:28:
52:d5:d9:42:39:ce:ca:63:34:34:28:62:9c:4d:22:d0:c2:84:
3d:61:68:c0:19:e4:9b:91:23:76:84:e5:0d:0a:d9:ff:d5:6c:
5e:2b:5f:84:61:04:10:49:45:c8:75:92:f1:0a:01:7f:63:84:
79:27:65:87:47:3f:80:bf:12:c9:44:ad:89:39:0d:63:03:d9:
73:ab:d4:56:d3:b1:e6:c2:fe:70:f2:47:7f:f9:4e:a9:17:db:
9f:97:56:34:7b:37:14:36:60:b8:0d:19:60:da:93:7f:99:04:
05:37:aa:94:7e:16:10:23:f4:7b:63:01:a7:ba:a5:b7:c7:ba:
b6:5f:8d:16:d4:cb:66:7d:11:16:59:22:49:27:be:3d:b4:f6:
c0:23:ff:ee:4c:37:ff:e6:5c:c8:08:f4:ed:41:99:5f:67:22:
55:f5:95:4f:7d:e0:c5:f3:43:d7:89:8c:f3:be:16:b7:2e:75:
1f:7d:0d:13:96:37:98:2d:63:8f:a2:b6:4f:31:7f:14:5a:87:
54:55:3d:c4
-----BEGIN CERTIFICATE-----
MIIGODCCBSCgAwIBAgISAZpJvKM4hpKEoadH3PYo7lEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUxMTAzMTI0MTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmNjZGZmZGE2YTRjNDg5MTRiNWU4Y2RlN2RhNWQ4MjBiOWM5NzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug89bmpRVIAVhsQJ9CHcnxCSaj9N
iZuPaLQAuG+L0VyVqMWsiddaD60zWfchX6nW/kCFgOIesVieAPfbsBMbVDOjcCU1
KB/B2pxq1/v3c2U7slEQsd5XSUkcxGW/DPmq4u+ohcD0XlrdMidVxfO0HLYv+h+y
Ax+hQvH07zHhuZyHKM698uxXkxD54UF/zC4W1Qmy9TPE5JIkHqdRaGoK+aP6TwJV
VIUdGThd3pe00EXJ4yizPlckRHr66Ok9lvl3JwyUGPdPJ0ZlNYUNwN9CvYFweFCH
pIg4SNHbvRoPephlvrr18d0W+Y6+SxS4DAK+fG6L1s88eMzdIP8W8953jwIDAQAB
o4IDRDCCA0AwHQYDVR0OBBYEFG/M3/2mpMSJFLXozefaXYILnJcYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgyL2NiMDE1
My04MDNhLTRiYjYtYjE5ZC1hNzc0ZTQxZDI2NGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIvY2IwMTUz
LTgwM2EtNGJiNi1iMTlkLWE3NzRlNDFkMjY0Yy8xL2I4emZfYWFreElrVXRlak41
OXBkZ2d1Y2x4Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHeBggrBgEF
BQcBBwEB/wSBzjCByzCBlwQCAAEwgZADBABQRJ8DBAJbWsADBABbxAcDBAJb0qQD
BAJb15gDBABb33sDBAFb9yQDBAJcdpQDBAJegxADBABejv8DBACrIfEDBAGwfqID
BAG5Jx4DBAG5vvoDBAK5xqQDBAG57doDBAG57eADBAC5/QADBAK5/SwDBADBb9ID
BADBoi8DBADDFNADBAHDHLYDBAHD9XAwLwQCAAIwKQMHACABBnwvTAMHACABBnwv
XAMHACABBnwvbAMFAyoG/MADBQMqCoxAMA0GCSqGSIb3DQEBCwUAA4IBAQB5pdrS
tndAAwGEY9DehHU14c3Wx6vRMtsRtgd2QqTGfQyoti4qykc3Epx/EkEYh6l1CTtG
8ihS1dlCOc7KYzQ0KGKcTSLQwoQ9YWjAGeSbkSN2hOUNCtn/1WxeK1+EYQQQSUXI
dZLxCgF/Y4R5J2WHRz+AvxLJRK2JOQ1jA9lzq9RW07Hmwv5w8kd/+U6pF9ufl1Y0
ezcUNmC4DRlg2pN/mQQFN6qUfhYQI/R7YwGnuqW3x7q2X40W1MtmfREWWSJJJ749
tPbAI//uTDf/5lzICPTtQZlfZyJV9ZVPfeDF80PXiYzzvha3LnUffQ0TljeYLWOP
orZPMX8UWodUVT3E
-----END CERTIFICATE-----
Generated at Sun Nov 9 03:56:38 2025 by rpki-client