Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
File: b8zf_aakxIkUtejN59pdgguclxg.cer (raw, json)
Hash identifier: VoIOh/l3p2rUY3afOUfPagmkSD0MQ+aQRUIkvuZGNZ8=
Subject key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019E1C8DE12BE04FAE9528C40AC2A6719887
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 12 May 2026 14:18:40 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: IP: 80.68.159.0/24
IP: 91.90.192.0/22
IP: 91.196.7.0/24
IP: 91.210.164.0/22
IP: 91.215.152.0/22
IP: 91.223.123.0/24
IP: 91.247.36.0/23
IP: 92.118.148.0/22
IP: 94.131.16.0/22
IP: 94.131.48.0/22
IP: 94.142.255.0/24
IP: 171.33.241.0/24
IP: 176.126.162.0/23
IP: 185.39.30.0/23
IP: 185.190.250.0/23
IP: 185.198.164.0/22
IP: 185.230.44.0/22
IP: 185.237.218.0/23
IP: 185.237.224.0/23
IP: 185.253.0.0/24
IP: 185.253.44.0/22
IP: 193.111.210.0/24
IP: 193.162.47.0/24
IP: 195.20.208.0/24
IP: 195.28.182.0/23
IP: 195.245.112.0/23
IP: 2001:67c:2f4c::/48
IP: 2001:67c:2f5c::/48
IP: 2001:67c:2f6c::/48
IP: 2a06:fcc0::/29
IP: 2a0a:8c40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:8d:e1:2b:e0:4f:ae:95:28:c4:0a:c2:a6:71:98:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 12 14:18:40 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0f:3d:6e:6a:51:54:80:15:86:c4:09:f4:21:
dc:9f:10:92:6a:3f:4d:89:9b:8f:68:b4:00:b8:6f:
8b:d1:5c:95:a8:c5:ac:89:d7:5a:0f:ad:33:59:f7:
21:5f:a9:d6:fe:40:85:80:e2:1e:b1:58:9e:00:f7:
db:b0:13:1b:54:33:a3:70:25:35:28:1f:c1:da:9c:
6a:d7:fb:f7:73:65:3b:b2:51:10:b1:de:57:49:49:
1c:c4:65:bf:0c:f9:aa:e2:ef:a8:85:c0:f4:5e:5a:
dd:32:27:55:c5:f3:b4:1c:b6:2f:fa:1f:b2:03:1f:
a1:42:f1:f4:ef:31:e1:b9:9c:87:28:ce:bd:f2:ec:
57:93:10:f9:e1:41:7f:cc:2e:16:d5:09:b2:f5:33:
c4:e4:92:24:1e:a7:51:68:6a:0a:f9:a3:fa:4f:02:
55:54:85:1d:19:38:5d:de:97:b4:d0:45:c9:e3:28:
b3:3e:57:24:44:7a:fa:e8:e9:3d:96:f9:77:27:0c:
94:18:f7:4f:27:46:65:35:85:0d:c0:df:42:bd:81:
70:78:50:87:a4:88:38:48:d1:db:bd:1a:0f:7a:98:
65:be:ba:f5:f1:dd:16:f9:8e:be:4b:14:b8:0c:02:
be:7c:6e:8b:d6:cf:3c:78:cc:dd:20:ff:16:f3:de:
77:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.68.159.0/24
91.90.192.0/22
91.196.7.0/24
91.210.164.0/22
91.215.152.0/22
91.223.123.0/24
91.247.36.0/23
92.118.148.0/22
94.131.16.0/22
94.131.48.0/22
94.142.255.0/24
171.33.241.0/24
176.126.162.0/23
185.39.30.0/23
185.190.250.0/23
185.198.164.0/22
185.230.44.0/22
185.237.218.0/23
185.237.224.0/23
185.253.0.0/24
185.253.44.0/22
193.111.210.0/24
193.162.47.0/24
195.20.208.0/24
195.28.182.0/23
195.245.112.0/23
IPv6:
2001:67c:2f4c::/48
2001:67c:2f5c::/48
2001:67c:2f6c::/48
2a06:fcc0::/29
2a0a:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
8f:7f:41:91:ef:cd:00:d4:1f:0d:0f:8b:a6:3f:a4:bc:94:a2:
87:27:ac:bc:07:88:36:0f:b8:0e:17:e6:10:0f:ac:14:ca:e6:
61:9d:8a:a7:a8:1e:10:bc:f9:c7:f0:4e:fa:16:00:56:1c:51:
46:74:65:88:eb:1e:23:a7:17:be:cb:92:c3:58:c9:a8:f9:52:
7a:aa:bb:6f:59:c4:65:ec:fe:56:9e:51:02:fa:ca:f9:e4:ab:
95:d6:2f:5b:e9:e7:84:72:12:cd:ce:2f:0d:7d:a2:fa:10:20:
01:c2:cc:5d:06:5f:bd:0b:83:df:e5:4c:ba:e3:7d:7e:d4:af:
df:2f:78:58:a9:c3:b0:f8:ef:2c:1c:6d:da:63:33:98:23:e2:
11:36:59:af:7e:e4:b7:5b:35:7f:8e:f5:76:38:4c:16:61:45:
1e:64:e7:b0:a7:72:ee:78:84:93:17:30:e0:d8:44:68:ab:6f:
39:e8:ae:37:bf:96:ff:72:18:6d:18:1d:1d:48:d7:dd:8a:d9:
13:8c:26:f3:f8:0b:ee:6d:58:ae:be:2f:44:a6:fe:b2:ca:09:
48:13:80:fb:f9:08:e6:33:b6:5c:ba:71:0f:b5:73:38:76:f1:
32:6a:fe:6c:03:21:87:5c:77:6b:55:ab:eb:1e:68:1a:4e:2b:
5a:74:9d:d0
-----BEGIN CERTIFICATE-----
MIIGRDCCBSygAwIBAgISAZ4cjeEr4E+ulSjECsKmcZiHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNTEyMTQxODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmNjZGZmZGE2YTRjNDg5MTRiNWU4Y2RlN2RhNWQ4MjBiOWM5NzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug89bmpRVIAVhsQJ9CHcnxCSaj9N
iZuPaLQAuG+L0VyVqMWsiddaD60zWfchX6nW/kCFgOIesVieAPfbsBMbVDOjcCU1
KB/B2pxq1/v3c2U7slEQsd5XSUkcxGW/DPmq4u+ohcD0XlrdMidVxfO0HLYv+h+y
Ax+hQvH07zHhuZyHKM698uxXkxD54UF/zC4W1Qmy9TPE5JIkHqdRaGoK+aP6TwJV
VIUdGThd3pe00EXJ4yizPlckRHr66Ok9lvl3JwyUGPdPJ0ZlNYUNwN9CvYFweFCH
pIg4SNHbvRoPephlvrr18d0W+Y6+SxS4DAK+fG6L1s88eMzdIP8W8953jwIDAQAB
o4IDUDCCA0wwHQYDVR0OBBYEFG/M3/2mpMSJFLXozefaXYILnJcYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgyL2NiMDE1
My04MDNhLTRiYjYtYjE5ZC1hNzc0ZTQxZDI2NGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIvY2IwMTUz
LTgwM2EtNGJiNi1iMTlkLWE3NzRlNDFkMjY0Yy8xL2I4emZfYWFreElrVXRlak41
OXBkZ2d1Y2x4Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHqBggrBgEF
BQcBBwEB/wSB2jCB1zCBowQCAAEwgZwDBABQRJ8DBAJbWsADBABbxAcDBAJb0qQD
BAJb15gDBABb33sDBAFb9yQDBAJcdpQDBAJegxADBAJegzADBABejv8DBACrIfED
BAGwfqIDBAG5Jx4DBAG5vvoDBAK5xqQDBAK55iwDBAG57doDBAG57eADBAC5/QAD
BAK5/SwDBADBb9IDBADBoi8DBADDFNADBAHDHLYDBAHD9XAwLwQCAAIwKQMHACAB
BnwvTAMHACABBnwvXAMHACABBnwvbAMFAyoG/MADBQMqCoxAMA0GCSqGSIb3DQEB
CwUAA4IBAQCPf0GR780A1B8ND4umP6S8lKKHJ6y8B4g2D7gOF+YQD6wUyuZhnYqn
qB4QvPnH8E76FgBWHFFGdGWI6x4jpxe+y5LDWMmo+VJ6qrtvWcRl7P5WnlEC+sr5
5KuV1i9b6eeEchLNzi8NfaL6ECABwsxdBl+9C4Pf5Uy6431+1K/fL3hYqcOw+O8s
HG3aYzOYI+IRNlmvfuS3WzV/jvV2OEwWYUUeZOewp3LueISTFzDg2ERoq2856K43
v5b/chhtGB0dSNfditkTjCbz+AvubViuvi9Epv6yyglIE4D7+QjmM7ZcunEPtXM4
dvEyav5sAyGHXHdrVavrHmgaTitadJ3Q
-----END CERTIFICATE-----
Generated at Wed May 13 09:41:03 2026 by rpki-client