Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
File: pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer (raw, json)
Hash identifier: PCiRIFTM0H5thvAHjiRGTHAe0fQf8Ic9IDmJE6oWEIw=
Subject key identifier: A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019E8272F69D07CFB1E17C4A8955EF36C311
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jun 2026 09:10:32 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 680
IP: 141.9.0.0/16
IP: 141.39.0.0/16
IP: 188.1.0.0/16
IP: 192.76.176.0/24
IP: 192.108.66.0/23
IP: 192.108.69.0 -- 192.108.72.255
IP: 192.129.26.0 -- 192.129.31.255
IP: 193.174.0.0/15
IP: 194.94.0.0/15
IP: 195.37.0.0/16
IP: 212.201.0.0/16
IP: 2001:638::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:82:72:f6:9d:07:cf:b1:e1:7c:4a:89:55:ef:36:c3:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 1 09:10:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a499903dab85f6a59772b3edfd4bf0e491af57c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fb:48:e8:27:b1:05:10:83:30:d4:c7:35:25:
47:9a:5a:f9:fa:06:dd:e6:a1:05:27:e7:01:ba:9b:
bd:80:9d:ed:c2:1e:bd:f7:bc:e4:6c:33:fb:90:97:
0d:db:0f:a3:03:57:af:a4:31:1e:ea:64:cb:15:35:
9a:2d:7a:8e:73:f3:c9:ed:0e:0b:71:95:e7:a1:41:
a3:be:67:0a:de:df:1b:2a:7c:1e:4c:8a:83:4e:91:
3b:48:bd:95:66:69:ad:7d:a3:bc:ac:fa:ff:79:f7:
9d:8b:f0:3b:e4:aa:7b:3d:ed:4a:e5:4f:84:0e:e2:
b6:91:43:23:fc:9f:cc:91:2f:14:2a:5b:3a:40:f3:
87:32:03:50:70:f9:9d:b2:de:d3:58:c2:4a:f2:6e:
4d:df:4f:9d:a1:58:21:d1:dd:75:92:58:b7:d2:ea:
29:28:24:5b:8f:17:a6:de:0b:58:2e:f8:cc:ba:f7:
4b:85:eb:d7:fc:5b:76:44:c2:dc:55:0c:04:51:7e:
45:5d:76:c0:7b:12:4f:91:49:d6:02:79:a4:45:bf:
3e:33:13:1b:31:82:d0:32:e6:cb:77:f6:85:27:e5:
d0:47:c6:eb:54:5e:9a:f5:5c:2c:0f:b5:c4:df:e7:
ed:36:6f:de:c1:9e:42:65:2d:e1:f8:58:f2:36:13:
4e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.9.0.0/16
141.39.0.0/16
188.1.0.0/16
192.76.176.0/24
192.108.66.0/23
192.108.69.0-192.108.72.255
192.129.26.0-192.129.31.255
193.174.0.0/15
194.94.0.0/15
195.37.0.0/16
212.201.0.0/16
IPv6:
2001:638::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
680
Signature Algorithm: sha256WithRSAEncryption
01:c9:cd:45:0d:cd:2c:03:4f:6d:70:8a:e2:dc:e3:42:f8:b0:
06:b2:99:ab:e2:24:f1:34:93:05:95:f4:0d:c7:cf:0b:bb:d0:
ac:86:b2:a9:86:50:52:0c:af:af:fe:21:dd:01:7d:d3:fc:ed:
ba:98:aa:4a:d7:8d:96:41:37:cd:8f:c5:a5:0e:5b:0a:78:33:
bf:be:34:20:63:79:34:47:3c:27:f6:3f:20:aa:92:2f:8f:87:
7e:55:c1:76:af:c5:e6:45:1d:4d:e5:89:5c:1e:ca:69:ef:64:
ee:6e:20:e9:d4:29:69:92:0f:1d:df:37:73:0c:03:99:ec:d8:
97:95:58:26:06:8f:ad:c3:35:62:38:bc:82:23:c5:03:88:19:
bf:ea:ac:a6:65:59:ac:7c:4c:7d:e0:e7:f6:86:c1:fe:11:02:
63:7c:fc:c3:9e:a8:af:30:61:b8:b9:bb:d4:e7:0d:92:0f:db:
92:65:dd:42:e5:2e:3f:a4:9e:7a:01:59:38:7c:04:2f:28:71:
eb:91:5d:be:fb:0f:b8:44:95:23:44:b4:5a:15:b3:07:dc:92:
b2:a7:fc:c3:e5:2d:8b:85:7f:25:ea:fc:86:19:3b:54:e4:bf:
bf:8b:5e:f0:b6:d1:53:3d:a1:39:47:28:b7:16:52:7f:6a:93:
90:33:4b:46
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAZ6CcvadB8+x4XxKiVXvNsMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNjAxMDkxMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDk5OTAzZGFiODVmNmE1OTc3MmIzZWRmZDRiZjBlNDkxYWY1N2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPtI6CexBRCDMNTHNSVHmlr5+gbd
5qEFJ+cBupu9gJ3twh6997zkbDP7kJcN2w+jA1evpDEe6mTLFTWaLXqOc/PJ7Q4L
cZXnoUGjvmcK3t8bKnweTIqDTpE7SL2VZmmtfaO8rPr/efedi/A75Kp7Pe1K5U+E
DuK2kUMj/J/MkS8UKls6QPOHMgNQcPmdst7TWMJK8m5N30+doVgh0d11kli30uop
KCRbjxem3gtYLvjMuvdLhevX/Ft2RMLcVQwEUX5FXXbAexJPkUnWAnmkRb8+MxMb
MYLQMubLd/aFJ+XQR8brVF6a9VwsD7XE3+ftNm/ewZ5CZS3h+FjyNhNOHQIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFKSZkD2rhfall3Kz7f1L8OSRr1fEMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJkLzhlZGE5
YS1kMTNjLTQ0MzAtOGNmNC01N2VjMTJlODY0MWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQvOGVkYTlh
LWQxM2MtNDQzMC04Y2Y0LTU3ZWMxMmU4NjQxZS8xL3BKbVFQYXVGOXFXWGNyUHRf
VXZ3NUpHdlY4US5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHMGCCsGAQUF
BwEHAQH/BGQwYjBRBAIAATBLAwMAjQkDAwCNJwMDALwBAwQAwEywAwQBwGxCMAwD
BADAbEUDBADAbEgwDAMEAcCBGgMEBcCBAAMDAcGuAwMBwl4DAwDDJQMDANTJMA0E
AgACMAcDBQMgAQY4MBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAgKoMA0GCSqGSIb3
DQEBCwUAA4IBAQAByc1FDc0sA09tcIri3ONC+LAGspmr4iTxNJMFlfQNx88Lu9Cs
hrKphlBSDK+v/iHdAX3T/O26mKpK142WQTfNj8WlDlsKeDO/vjQgY3k0Rzwn9j8g
qpIvj4d+VcF2r8XmRR1N5YlcHspp72TubiDp1Clpkg8d3zdzDAOZ7NiXlVgmBo+t
wzViOLyCI8UDiBm/6qymZVmsfEx94Of2hsH+EQJjfPzDnqivMGG4ubvU5w2SD9uS
Zd1C5S4/pJ56AVk4fAQvKHHrkV2++w+4RJUjRLRaFbMH3JKyp/zD5S2LhX8l6vyG
GTtU5L+/i17wttFTPaE5Ryi3FlJ/apOQM0tG
-----END CERTIFICATE-----
Generated at Thu Jun 11 23:40:04 2026 by rpki-client