Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fJkBavdIpI_OhPY_XjqJMxQn3Yw.cer
File: fJkBavdIpI_OhPY_XjqJMxQn3Yw.cer (raw, json)
Hash identifier: R3KSBpfets/FT/gNE4YfZxRd+EJfJmHKCzE96kx/5eY=
Subject key identifier: 7C:99:01:6A:F7:48:A4:8F:CE:84:F6:3F:5E:3A:89:33:14:27:DD:8C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019A6AD3807F465C4A23BB991DD652054CCC
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/45/3f72d7-b5b5-4dc2-9f02-1554f1d3b9b6/1/fJkBavdIpI_OhPY_XjqJMxQn3Yw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/45/3f72d7-b5b5-4dc2-9f02-1554f1d3b9b6/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 09 Nov 2025 22:53:57 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 209894
IP: 217.70.1.0/24
IP: 2a14:440::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 00:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:6a:d3:80:7f:46:5c:4a:23:bb:99:1d:d6:52:05:4c:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Nov 9 22:53:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c99016af748a48fce84f63f5e3a89331427dd8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:d2:0a:5f:92:28:ce:1e:f0:dc:ff:68:bb:38:
8c:d3:88:e6:c7:e1:2c:0a:06:2f:2d:6e:55:ab:15:
8c:8c:1d:2f:bf:2e:96:de:7e:e3:ea:63:23:da:47:
9b:d1:b1:8f:47:8a:24:77:98:69:7f:b3:7d:46:a9:
07:68:8b:a8:05:e3:8c:3e:f7:e1:5e:59:1d:4a:bf:
94:f7:4c:2f:fe:3a:55:4b:cb:d1:2d:f6:a6:6f:54:
77:b1:7a:0d:b5:78:4d:04:b2:e6:4e:bc:26:84:7b:
15:8c:ef:d9:4f:26:e7:a1:fb:83:3f:51:6b:e2:9b:
1f:48:72:f8:29:ce:fb:32:76:ae:6a:16:2b:87:4e:
d4:8d:f6:a1:26:f6:31:38:06:b7:08:bb:c9:f4:61:
03:6a:f3:99:34:bc:1c:e6:7a:4a:b3:23:ef:a5:4e:
2e:9a:d4:f8:cd:0f:27:8d:9a:fa:00:eb:0b:63:14:
91:e7:00:5d:1f:dc:ac:25:68:45:6c:15:52:e6:0b:
46:f3:8c:63:c0:9e:ec:f7:63:5b:a8:5f:56:e0:df:
1a:87:56:9b:8b:cc:07:3a:19:01:39:08:0b:4e:48:
45:a6:4f:23:fa:82:88:8f:88:67:08:a5:21:2b:af:
ac:0e:fe:87:dc:08:aa:97:a6:d0:c2:79:63:b7:3a:
72:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:99:01:6A:F7:48:A4:8F:CE:84:F6:3F:5E:3A:89:33:14:27:DD:8C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/3f72d7-b5b5-4dc2-9f02-1554f1d3b9b6/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/3f72d7-b5b5-4dc2-9f02-1554f1d3b9b6/1/fJkBavdIpI_OhPY_XjqJMxQn3Yw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.70.1.0/24
IPv6:
2a14:440::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
209894
Signature Algorithm: sha256WithRSAEncryption
02:35:49:cb:37:9b:00:4a:2d:1e:e5:59:ad:c5:13:31:a5:d4:
1b:ac:df:7b:62:0e:ae:53:e4:c3:b2:ec:19:30:d7:0d:4b:14:
64:91:9e:9e:95:6d:74:8b:66:bb:32:be:35:fd:c2:43:10:e3:
c1:8d:f3:6f:3c:fb:9f:0c:05:cf:16:7a:ee:50:59:73:55:09:
c1:19:b4:57:9e:34:ad:83:e4:d3:c5:87:1c:1e:f9:4f:9f:aa:
17:1c:80:cd:06:44:bd:9c:da:93:bb:f8:fd:63:56:74:67:54:
83:dd:d6:a5:5b:30:cb:d5:e7:d7:a8:69:1d:83:7f:29:e9:e7:
c1:43:c6:25:0b:85:a1:9f:d2:18:60:28:e7:f5:99:93:aa:cc:
33:e0:fc:07:fd:3c:d5:45:e5:13:d8:63:82:e9:5c:45:ec:c5:
73:d7:16:a5:08:2e:f3:c5:88:4b:06:62:77:d5:19:18:4b:53:
9e:9a:80:0d:c9:9a:da:17:62:e6:6d:5f:1d:55:b1:ca:1f:c4:
7a:f9:b6:80:23:c4:cd:4b:0b:64:e2:79:bc:d0:51:73:7b:57:
59:82:6d:c1:95:81:44:12:ba:4d:13:34:45:f2:09:53:6a:8f:
a9:fb:d0:df:da:11:69:a1:91:bd:c2:d6:08:f4:b9:6b:bc:51:
fc:a6:c3:66
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZpq04B/RlxKI7uZHdZSBUzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUxMTA5MjI1MzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yzk5MDE2YWY3NDhhNDhmY2U4NGY2M2Y1ZTNhODkzMzE0MjdkZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NIKX5Iozh7w3P9ouziM04jmx+Es
CgYvLW5VqxWMjB0vvy6W3n7j6mMj2keb0bGPR4okd5hpf7N9RqkHaIuoBeOMPvfh
XlkdSr+U90wv/jpVS8vRLfamb1R3sXoNtXhNBLLmTrwmhHsVjO/ZTybnofuDP1Fr
4psfSHL4Kc77MnauahYrh07UjfahJvYxOAa3CLvJ9GEDavOZNLwc5npKsyPvpU4u
mtT4zQ8njZr6AOsLYxSR5wBdH9ysJWhFbBVS5gtG84xjwJ7s92NbqF9W4N8ah1ab
i8wHOhkBOQgLTkhFpk8j+oKIj4hnCKUhK6+sDv6H3Aiql6bQwnljtzpyfwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFHyZAWr3SKSPzoT2P146iTMUJ92MMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ1LzNmNzJk
Ny1iNWI1LTRkYzItOWYwMi0xNTU0ZjFkM2I5YjYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvM2Y3MmQ3
LWI1YjUtNGRjMi05ZjAyLTE1NTRmMWQzYjliNi8xL2ZKa0JhdmRJcElfT2hQWV9Y
anFKTXhRbjNZdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQA2UYBMA0EAgACMAcDBQMqFARAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMz5jANBgkqhkiG9w0BAQsFAAOCAQEAAjVJyzebAEot
HuVZrcUTMaXUG6zfe2IOrlPkw7LsGTDXDUsUZJGenpVtdItmuzK+Nf3CQxDjwY3z
bzz7nwwFzxZ67lBZc1UJwRm0V540rYPk08WHHB75T5+qFxyAzQZEvZzak7v4/WNW
dGdUg93WpVswy9Xn16hpHYN/KennwUPGJQuFoZ/SGGAo5/WZk6rMM+D8B/081UXl
E9hjgulcRezFc9cWpQgu88WISwZid9UZGEtTnpqADcma2hdi5m1fHVWxyh/Eevm2
gCPEzUsLZOJ5vNBRc3tXWYJtwZWBRBK6TRM0RfIJU2qPqfvQ39oRaaGRvcLWCPS5
a7xR/KbDZg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 10:03:47 2025 by rpki-client