Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/i9S8vzXbf-LvZjUipaOjl5pPH_g.cer
File: i9S8vzXbf-LvZjUipaOjl5pPH_g.cer (raw, json)
Hash identifier: dE/rRa53CBJg76aTSomfKajtf68x1qv/cE1gULOkCQM=
Subject key identifier: 8B:D4:BC:BF:35:DB:7F:E2:EF:66:35:22:A5:A3:A3:97:9A:4F:1F:F8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019DAAD6CDAD2B7F0AA78D98DF286D7325DD
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cd/a14272-2794-4f38-9640-478ed7f8d05e/1/i9S8vzXbf-LvZjUipaOjl5pPH_g.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cd/a14272-2794-4f38-9640-478ed7f8d05e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 20 Apr 2026 12:21:37 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 208591
IP: 45.84.208.0/22
IP: 185.216.58.0/23
IP: 2a0e:a180::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 12:40:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:aa:d6:cd:ad:2b:7f:0a:a7:8d:98:df:28:6d:73:25:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 20 12:21:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8bd4bcbf35db7fe2ef663522a5a3a3979a4f1ff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fd:fd:ff:b5:80:45:6d:5f:e4:ef:11:20:08:
d5:fe:26:bc:3b:40:23:2a:2f:96:ca:01:5b:17:c6:
16:35:cf:24:fc:07:2e:bd:82:a0:3e:d0:2b:00:69:
aa:70:95:54:bd:4c:7f:d3:2f:64:b3:9f:a7:06:67:
9b:4c:0d:be:67:08:b4:bd:6f:cb:6f:75:96:11:d8:
cf:8f:36:24:e8:3d:f7:5f:8d:50:9d:98:1a:ef:84:
aa:25:29:76:6b:95:1d:b1:f3:2f:e7:e8:b1:5e:36:
2b:eb:2b:64:dd:c8:31:f5:1f:ef:4d:f3:e2:28:f3:
52:59:ba:55:a8:14:30:eb:1e:90:05:0e:08:18:d6:
24:8c:ae:05:6d:ed:5d:1d:58:9d:03:42:33:20:71:
62:cc:57:23:1e:f0:b2:cb:db:97:a7:66:7b:a1:ec:
d5:3a:42:b8:29:62:2d:d6:da:ed:83:60:6b:02:19:
e4:48:dd:c7:e1:35:c0:ee:f2:60:75:55:2a:69:84:
20:5d:8e:fb:4a:4a:6b:6f:dd:01:bf:c6:84:fc:c7:
fe:8d:48:98:6d:4d:8c:72:9a:8f:bc:d2:cb:49:16:
c5:b7:0c:bf:2c:84:1f:16:1d:40:79:2b:92:f8:be:
06:f7:46:ab:62:b5:79:d1:70:0d:69:dc:b1:94:ff:
aa:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:D4:BC:BF:35:DB:7F:E2:EF:66:35:22:A5:A3:A3:97:9A:4F:1F:F8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a14272-2794-4f38-9640-478ed7f8d05e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a14272-2794-4f38-9640-478ed7f8d05e/1/i9S8vzXbf-LvZjUipaOjl5pPH_g.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.208.0/22
185.216.58.0/23
IPv6:
2a0e:a180::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
208591
Signature Algorithm: sha256WithRSAEncryption
48:d8:f7:d2:92:65:79:a0:af:28:8b:75:47:52:d8:05:9c:f4:
01:47:94:49:b4:cc:b3:13:21:97:e1:13:ea:87:b7:5f:a9:a3:
59:04:b6:44:e8:37:52:5c:bb:d1:31:4f:0b:87:f3:ce:3b:8b:
38:d0:c7:5d:ae:b8:c7:3d:ac:03:e2:4b:3e:75:ac:f9:d3:dc:
6f:6e:d6:a5:06:05:a5:14:02:32:54:ca:b8:b8:67:45:42:fb:
40:18:54:3f:55:09:be:5f:d6:e6:d8:2f:dd:4a:12:ae:39:62:
e4:3d:9f:3b:21:3b:8e:72:0a:71:22:05:97:3a:19:ed:c5:fa:
96:ed:b1:5a:e6:cf:d7:b0:ad:6e:8b:64:0d:80:6f:3e:43:aa:
2c:30:99:8b:59:75:74:9e:a9:3c:f4:84:42:02:08:73:e4:c6:
74:c6:ae:e4:b4:f2:a8:51:f6:a2:37:c8:45:63:c2:ad:ad:15:
ea:fb:b5:8e:04:ed:c1:dc:45:20:8d:98:8d:d2:07:e7:4b:67:
c3:15:f8:b9:86:4a:e6:9c:c8:ed:d4:26:02:7e:06:30:41:67:
27:70:c3:bc:69:fb:a4:d9:72:fe:cf:4d:c5:84:2b:0a:ab:99:
6d:e0:d9:4a:6b:f7:9a:46:9e:67:c5:31:27:3b:36:fb:dd:dc:
de:1c:e1:9f
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZ2q1s2tK38Kp42Y3yhtcyXdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNDIwMTIyMTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmQ0YmNiZjM1ZGI3ZmUyZWY2NjM1MjJhNWEzYTM5NzlhNGYxZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv39/7WARW1f5O8RIAjV/ia8O0Aj
Ki+WygFbF8YWNc8k/AcuvYKgPtArAGmqcJVUvUx/0y9ks5+nBmebTA2+Zwi0vW/L
b3WWEdjPjzYk6D33X41QnZga74SqJSl2a5UdsfMv5+ixXjYr6ytk3cgx9R/vTfPi
KPNSWbpVqBQw6x6QBQ4IGNYkjK4Fbe1dHVidA0IzIHFizFcjHvCyy9uXp2Z7oezV
OkK4KWIt1trtg2BrAhnkSN3H4TXA7vJgdVUqaYQgXY77Skprb90Bv8aE/Mf+jUiY
bU2McpqPvNLLSRbFtwy/LIQfFh1AeSuS+L4G90arYrV50XANadyxlP+q4QIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFIvUvL8123/i72Y1IqWjo5eaTx/4MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NkL2ExNDI3
Mi0yNzk0LTRmMzgtOTY0MC00NzhlZDdmOGQwNWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2QvYTE0Mjcy
LTI3OTQtNGYzOC05NjQwLTQ3OGVkN2Y4ZDA1ZS8xL2k5Uzh2elhiZi1MdlpqVWlw
YU9qbDVwUEhfZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCLVTQAwQBudg6MA0EAgACMAcDBQMqDqGAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMuzzANBgkqhkiG9w0BAQsFAAOCAQEASNj3
0pJleaCvKIt1R1LYBZz0AUeUSbTMsxMhl+ET6oe3X6mjWQS2ROg3Uly70TFPC4fz
zjuLONDHXa64xz2sA+JLPnWs+dPcb27WpQYFpRQCMlTKuLhnRUL7QBhUP1UJvl/W
5tgv3UoSrjli5D2fOyE7jnIKcSIFlzoZ7cX6lu2xWubP17CtbotkDYBvPkOqLDCZ
i1l1dJ6pPPSEQgIIc+TGdMau5LTyqFH2ojfIRWPCra0V6vu1jgTtwdxFII2YjdIH
50tnwxX4uYZK5pzI7dQmAn4GMEFnJ3DDvGn7pNly/s9NxYQrCquZbeDZSmv3mkae
Z8UxJzs2+93c3hzhnw==
-----END CERTIFICATE-----
Generated at Sat May 16 19:29:08 2026 by rpki-client