Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
File: fiCwNOLEl7GIRIje8QaXJwR2UCk.cer (raw, json)
Hash identifier: SZtv20aJZSN+CbFQrZ5BW/VBiHYuBtqtzI4ApIaM+/A=
Subject key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019CAF1535032A6D6C97AFDD50641A79E1FA
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Mar 2026 15:05:28 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 5571
AS: 6727
AS: 8844
AS: 12554
AS: 12606
AS: 12852
AS: 15482
AS: 15565
AS: 20500
AS: 35694
AS: 50173
IP: 5.83.96.0/21
IP: 37.1.152.0/21
IP: 46.34.0.0/19
IP: 78.154.96.0/19
IP: 79.121.128.0/17
IP: 80.68.208.0/20
IP: 80.82.128.0/20
IP: 82.108.0.0/14
IP: 82.138.192.0/18
IP: 82.151.224.0/19
IP: 83.148.128.0/18
IP: 85.189.0.0/16
IP: 86.53.0.0/16
IP: 87.82.0.0 -- 87.86.255.255
IP: 91.143.176.0/20
IP: 91.195.166.0/23
IP: 92.54.128.0/18
IP: 92.244.160.0/19
IP: 93.152.0.0/17
IP: 93.157.216.0/21
IP: 94.185.128.0/17
IP: 95.152.192.0/18
IP: 95.177.0.0/17
IP: 109.71.168.0/21
IP: 109.174.128.0/17
IP: 109.204.0.0/17
IP: 141.0.32.0/19
IP: 149.126.104.0/21
IP: 185.3.72.0/22
IP: 185.4.164.0/22
IP: 185.25.220.0/22
IP: 193.33.72.0/23
IP: 193.238.164.0/22
IP: 194.6.96.0/19
IP: 194.42.224.0/19
IP: 194.145.222.0/23
IP: 194.154.96.0/19
IP: 194.242.128.0/19
IP: 195.40.0.0/16
IP: 195.72.160.0/19
IP: 195.128.190.0/23
IP: 195.172.0.0/16
IP: 212.2.0.0/19
IP: 212.74.0.0/19
IP: 212.134.0.0/15
IP: 212.212.0.0/16
IP: 213.160.96.0/19
IP: 213.177.224.0/19
IP: 213.235.0.0/18
IP: 217.79.96.0/19
IP: 217.145.112.0/20
IP: 217.204.0.0/14
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:15:35:03:2a:6d:6c:97:af:dd:50:64:1a:79:e1:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 2 15:05:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7e20b034e2c497b1884488def106972704765029
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:50:69:17:16:fb:76:20:ec:e3:59:bb:ea:2c:
1f:fa:b2:83:3c:d3:1a:af:4f:41:59:41:b4:b7:a9:
dd:c7:d3:68:79:d0:43:5c:b5:14:97:e8:ba:00:7e:
05:96:6e:eb:ab:30:98:3d:18:6e:55:0c:8f:98:a5:
5f:a8:19:2f:4b:18:cf:89:71:04:b5:92:54:60:9a:
ed:88:59:c7:b8:8f:20:18:b0:d8:28:8e:2f:21:a6:
2a:03:14:6f:b3:c0:eb:0b:55:4f:ae:8d:77:bc:9c:
f9:73:fb:a0:dd:3b:78:ce:bc:b1:59:dc:28:43:1a:
3b:e5:b9:31:a7:bb:9b:a0:fa:89:87:92:c3:a4:a2:
d2:64:26:1c:0a:a3:3e:85:68:d9:c0:29:e9:c4:30:
76:56:3c:23:e3:37:16:46:4e:50:ca:ab:fc:a5:49:
34:87:22:31:cc:89:83:1c:d6:f9:fb:94:b7:05:ca:
15:39:01:74:e7:40:b1:89:57:f8:fe:d9:27:f5:bd:
1c:dc:cf:61:90:5d:c0:8d:b2:c4:96:b8:dc:98:18:
44:85:b4:5a:c3:ce:a0:c7:74:60:02:f2:7b:9f:34:
e5:99:88:34:75:6e:9b:ef:c0:23:29:7b:99:1c:90:
e9:2d:4c:ec:e6:c8:e9:66:45:e1:09:53:7b:38:35:
78:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.96.0/21
37.1.152.0/21
46.34.0.0/19
78.154.96.0/19
79.121.128.0/17
80.68.208.0/20
80.82.128.0/20
82.108.0.0/14
82.138.192.0/18
82.151.224.0/19
83.148.128.0/18
85.189.0.0/16
86.53.0.0/16
87.82.0.0-87.86.255.255
91.143.176.0/20
91.195.166.0/23
92.54.128.0/18
92.244.160.0/19
93.152.0.0/17
93.157.216.0/21
94.185.128.0/17
95.152.192.0/18
95.177.0.0/17
109.71.168.0/21
109.174.128.0/17
109.204.0.0/17
141.0.32.0/19
149.126.104.0/21
185.3.72.0/22
185.4.164.0/22
185.25.220.0/22
193.33.72.0/23
193.238.164.0/22
194.6.96.0/19
194.42.224.0/19
194.145.222.0/23
194.154.96.0/19
194.242.128.0/19
195.40.0.0/16
195.72.160.0/19
195.128.190.0/23
195.172.0.0/16
212.2.0.0/19
212.74.0.0/19
212.134.0.0/15
212.212.0.0/16
213.160.96.0/19
213.177.224.0/19
213.235.0.0/18
217.79.96.0/19
217.145.112.0/20
217.204.0.0/14
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
5571
6727
8844
12554
12606
12852
15482
15565
20500
35694
50173
Signature Algorithm: sha256WithRSAEncryption
8a:e2:6d:f1:a4:53:c9:40:ea:f1:15:8e:1e:1e:86:51:ae:17:
60:a7:7a:3b:40:3e:87:87:ff:e1:f5:7a:b9:05:6f:3e:67:89:
70:a8:5e:f9:4f:c7:33:5f:26:2f:93:34:3b:72:b1:6d:d9:27:
cd:43:73:59:91:d5:b5:9e:2b:e0:6c:7b:bc:86:9c:51:a5:b6:
90:5f:4e:5d:cc:12:54:15:c8:c5:1d:30:dc:d2:6a:10:52:ac:
51:5b:33:57:a6:fa:52:2a:60:15:80:18:6e:cd:6e:ab:f5:94:
89:dd:58:2a:f2:b2:87:1d:85:01:7a:54:a9:e0:02:97:fa:bb:
21:3d:aa:ca:db:1f:36:fe:42:31:df:bf:e6:c5:6d:9b:14:03:
d6:18:80:1b:c1:67:f5:f0:3a:db:33:78:93:c5:52:4c:6c:8f:
2e:b9:27:b6:c9:2a:bd:eb:92:8d:9c:b2:26:37:2b:00:4f:d8:
8a:34:4b:1e:a0:80:1e:83:82:bb:62:86:12:fd:01:65:65:4a:
44:c2:15:cd:b5:3b:7a:ad:f1:ee:eb:61:92:54:8e:2a:d9:14:
c0:2d:c3:a4:6b:96:41:15:70:eb:51:f6:27:a1:81:45:50:27:
b0:ac:54:8b:6a:02:92:6e:8e:53:5d:cf:fb:06:45:4d:76:f5:
1f:5b:54:ca
-----BEGIN CERTIFICATE-----
MIIG9zCCBd+gAwIBAgISAZyvFTUDKm1sl6/dUGQaeeH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMzAyMTUwNTI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTIwYjAzNGUyYzQ5N2IxODg0NDg4ZGVmMTA2OTcyNzA0NzY1MDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VBpFxb7diDs41m76iwf+rKDPNMa
r09BWUG0t6ndx9NoedBDXLUUl+i6AH4Flm7rqzCYPRhuVQyPmKVfqBkvSxjPiXEE
tZJUYJrtiFnHuI8gGLDYKI4vIaYqAxRvs8DrC1VPro13vJz5c/ug3Tt4zryxWdwo
Qxo75bkxp7uboPqJh5LDpKLSZCYcCqM+hWjZwCnpxDB2Vjwj4zcWRk5Qyqv8pUk0
hyIxzImDHNb5+5S3BcoVOQF050CxiVf4/tkn9b0c3M9hkF3AjbLElrjcmBhEhbRa
w86gx3RgAvJ7nzTlmYg0dW6b78AjKXuZHJDpLUzs5sjpZkXhCVN7ODV4UQIDAQAB
o4IEAzCCA/8wHQYDVR0OBBYEFH4gsDTixJexiESI3vEGlycEdlApMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgwLzZiNjYy
ZC0wMmExLTQ2ZTctYjljZC0wMzVkOTc3ZjQyMTYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAvNmI2NjJk
LTAyYTEtNDZlNy1iOWNkLTAzNWQ5NzdmNDIxNi8xL2ZpQ3dOT0xFbDdHSVJJamU4
UWFYSndSMlVDay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBVwYIKwYB
BQUHAQcBAf8EggFGMIIBQjCCAT4EAgABMIIBNgMEAwVTYAMEAyUBmAMEBS4iAAME
BU6aYAMEB095gAMEBFBE0AMEBFBSgAMDAlJsAwQGUorAAwQFUpfgAwQGU5SAAwMA
Vb0DAwBWNTAKAwMBV1IDAwBXVgMEBFuPsAMEAVvDpgMEBlw2gAMEBVz0oAMEB12Y
AAMEA12d2AMEB165gAMEBl+YwAMEB1+xAAMEA21HqAMEB22ugAMEB23MAAMEBY0A
IAMEA5V+aAMEArkDSAMEArkEpAMEArkZ3AMEAcEhSAMEAsHupAMEBcIGYAMEBcIq
4AMEAcKR3gMEBcKaYAMEBcLygAMDAMMoAwQFw0igAwQBw4C+AwMAw6wDBAXUAgAD
BAXUSgADAwHUhgMDANTUAwQF1aBgAwQF1bHgAwQG1esAAwQF2U9gAwQE2ZFwAwMC
2cwwQwYIKwYBBQUHAQgBAf8ENDAyoDAwLgICFcMCAhpHAgIijAICMQoCAjE+AgIy
NAICPHoCAjzNAgJQFAIDAItuAgMAw/0wDQYJKoZIhvcNAQELBQADggEBAIribfGk
U8lA6vEVjh4ehlGuF2CnejtAPoeH/+H1erkFbz5niXCoXvlPxzNfJi+TNDtysW3Z
J81Dc1mR1bWeK+Bse7yGnFGltpBfTl3MElQVyMUdMNzSahBSrFFbM1em+lIqYBWA
GG7Nbqv1lIndWCrysocdhQF6VKngApf6uyE9qsrbHzb+QjHfv+bFbZsUA9YYgBvB
Z/XwOtszeJPFUkxsjy65J7bJKr3rko2csiY3KwBP2Io0Sx6ggB6DgrtihhL9AWVl
SkTCFc21O3qt8e7rYZJUjirZFMAtw6RrlkEVcOtR9iehgUVQJ7CsVItqApJujlNd
z/sGRU129R9bVMo=
-----END CERTIFICATE-----
Generated at Thu Mar 5 15:51:18 2026 by rpki-client