Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
File: bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer (raw, json)
Hash identifier: 2nGukTGz9WIB9nrxC90urIuI2vFi0rWGESPjFNOoKqw=
Subject key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0197F3EAA6FF5BE855D52232F1F596F656FF
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 10 Jul 2025 10:38:51 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 60817
IP: 62.205.128.0/19
IP: 94.131.0.0/23
IP: 94.131.4.0/22
IP: 94.131.21.0 -- 94.131.22.255
IP: 94.131.24.0 -- 94.131.79.255
IP: 94.131.124.0 -- 94.131.175.255
IP: 94.131.224.0/20
IP: 185.39.28.0/23
IP: 193.33.64.0/23
IP: 195.214.212.0/22
IP: 212.86.97.0/24
IP: 212.86.103.0/24
IP: 212.86.107.0/24
IP: 212.86.112.0/24
IP: 212.86.116.0 -- 212.86.127.255
IP: 2001:67c:1728::/48
IP: 2a01:d0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f3:ea:a6:ff:5b:e8:55:d5:22:32:f1:f5:96:f6:56:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jul 10 10:38:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:21:28:7e:c4:13:37:24:91:d8:56:57:96:17:
10:5f:e2:2a:f7:c8:a9:27:69:75:1f:6c:62:26:9a:
6b:46:88:1c:56:09:9f:d2:3a:1a:1f:84:87:ba:e2:
e2:9c:94:99:1d:af:82:33:71:7a:79:44:f2:31:0c:
32:01:47:ee:9b:62:05:8f:ca:32:7c:b4:a0:75:71:
e4:0f:a6:50:2a:95:40:fb:a8:0e:56:88:a9:0e:d8:
93:9d:37:56:11:d8:88:4c:fe:22:27:7e:35:08:01:
54:d4:b7:93:46:b0:e9:4e:31:48:6b:10:1e:36:c4:
97:2e:9a:73:b4:95:c9:db:42:66:c0:11:7b:4c:6e:
e3:f9:cb:10:de:ea:ba:5e:08:a3:2c:b9:c3:c0:f8:
27:ab:92:a8:df:fd:b2:29:92:4c:c4:b0:61:0b:5b:
cb:e1:d3:83:e1:21:cc:35:35:2d:16:20:f3:05:95:
7a:5e:2b:ec:e9:0f:0b:bf:a8:e3:ba:e7:9c:e5:62:
9f:e9:6d:c1:73:d8:58:64:2b:7f:b4:6d:49:18:07:
3e:ed:58:93:3a:43:70:a6:fb:fc:ce:9a:a9:8f:e0:
b2:4a:6a:9d:ca:f1:26:22:7c:fb:c3:25:e7:9f:c6:
50:67:db:df:6a:63:bd:76:2d:8b:f3:1b:1d:b8:15:
71:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/22
94.131.21.0-94.131.22.255
94.131.24.0-94.131.79.255
94.131.124.0-94.131.175.255
94.131.224.0/20
185.39.28.0/23
193.33.64.0/23
195.214.212.0/22
212.86.97.0/24
212.86.103.0/24
212.86.107.0/24
212.86.112.0/24
212.86.116.0-212.86.127.255
IPv6:
2001:67c:1728::/48
2a01:d0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
60817
Signature Algorithm: sha256WithRSAEncryption
34:5f:b5:22:2c:55:09:5f:03:f5:cb:b9:b1:85:40:c9:f2:35:
a7:16:31:d5:53:6d:46:d7:79:9c:4d:37:49:23:65:9b:42:d0:
04:d1:2f:9a:03:8e:27:0e:58:0a:53:51:cb:21:08:5a:67:33:
15:92:ce:3b:83:e1:62:6c:81:61:d3:bb:14:fd:5e:83:ac:50:
c7:d9:2b:67:a1:71:79:0f:c5:28:8a:da:12:90:37:7f:e3:05:
e0:c9:2e:38:25:ca:7a:a5:45:5c:59:84:d1:ef:df:19:11:cb:
57:5c:07:c0:7a:36:13:89:fc:66:25:f4:d7:96:d8:5d:1e:60:
13:b4:25:81:3f:cc:02:e3:1e:29:48:60:ec:15:78:a5:6e:bb:
1e:8b:66:62:c0:f4:86:d7:da:d4:01:95:e2:36:dc:51:0e:5d:
63:fc:af:63:4a:1a:77:4f:c8:af:5f:c4:88:9f:ae:5a:72:02:
e9:b0:bf:e7:0e:0e:35:24:e0:76:07:c3:51:8d:3b:50:a9:06:
28:8d:75:cd:22:bc:db:55:45:4b:96:5c:e0:6d:b2:1b:b2:b4:
fd:96:4b:52:27:9c:f2:b7:bb:7f:b6:a0:34:14:97:22:c8:c8:
b8:c5:ed:7f:4c:3b:d3:e7:20:e0:6c:ad:9a:55:b8:8e:6f:51:
54:ca:3b:90
-----BEGIN CERTIFICATE-----
MIIGJDCCBQygAwIBAgISAZfz6qb/W+hV1SIy8fWW9lb/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNzEwMTAzODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDc0M2VkNjNlODY4ZWY1MGY2ZDg0YzAwMDNhODM0ODNmYzYyYTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyEofsQTNySR2FZXlhcQX+Iq98ip
J2l1H2xiJpprRogcVgmf0joaH4SHuuLinJSZHa+CM3F6eUTyMQwyAUfum2IFj8oy
fLSgdXHkD6ZQKpVA+6gOVoipDtiTnTdWEdiITP4iJ341CAFU1LeTRrDpTjFIaxAe
NsSXLppztJXJ20JmwBF7TG7j+csQ3uq6XgijLLnDwPgnq5Ko3/2yKZJMxLBhC1vL
4dOD4SHMNTUtFiDzBZV6Xivs6Q8Lv6jjuuec5WKf6W3Bc9hYZCt/tG1JGAc+7ViT
OkNwpvv8zpqpj+CySmqdyvEmInz7wyXnn8ZQZ9vfamO9di2L8xsduBVxJQIDAQAB
o4IDMDCCAywwHQYDVR0OBBYEFG10PtY+ho71D22EwAA6g0g/xioDMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJkL2UwNTM1
Mi1mMTQ4LTQwYTAtODdhNC1lOTcyNGE3YTZiYzgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQvZTA1MzUy
LWYxNDgtNDBhMC04N2E0LWU5NzI0YTdhNmJjOC8xL2JYUS0xajZHanZVUGJZVEFB
RHFEU0RfR0tnTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGuBggrBgEF
BQcBBwEB/wSBnjCBmzCBgAQCAAEwegMEBT7NgAMEAV6DAAMEAl6DBDAMAwQAXoMV
AwQAXoMWMAwDBANegxgDBAReg0AwDAMEAl6DfAMEBF6DoAMEBF6D4AMEAbknHAME
AcEhQAMEAsPW1AMEANRWYQMEANRWZwMEANRWawMEANRWcDAMAwQC1FZ0AwQH1FYA
MBYEAgACMBADBwAgAQZ8FygDBQMqAQDQMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwDtkTANBgkqhkiG9w0BAQsFAAOCAQEANF+1IixVCV8D9cu5sYVAyfI1pxYx1VNt
Rtd5nE03SSNlm0LQBNEvmgOOJw5YClNRyyEIWmczFZLOO4PhYmyBYdO7FP1eg6xQ
x9krZ6FxeQ/FKIraEpA3f+MF4MkuOCXKeqVFXFmE0e/fGRHLV1wHwHo2E4n8ZiX0
15bYXR5gE7QlgT/MAuMeKUhg7BV4pW67HotmYsD0htfa1AGV4jbcUQ5dY/yvY0oa
d0/Ir1/EiJ+uWnIC6bC/5w4ONSTgdgfDUY07UKkGKI11zSK821VFS5Zc4G2yG7K0
/ZZLUiec8re7f7agNBSXIsjIuMXtf0w70+cg4GytmlW4jm9RVMo7kA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:40:15 2025 by rpki-client