Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qCRriLgptKOq3CgNoUW2PpnpKg4.cer
File: qCRriLgptKOq3CgNoUW2PpnpKg4.cer (raw, json)
Hash identifier: jSJ/McesVJgdYNvNDuF7tSUXlepi57a+RFiObTZG4+I=
Subject key identifier: A8:24:6B:88:B8:29:B4:A3:AA:DC:28:0D:A1:45:B6:3E:99:E9:2A:0E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0198AE381B3C665880B7BEB22F93E69F7D47
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b8/a36fb2-e60d-4f8b-9c8a-490c88301fce/1/qCRriLgptKOq3CgNoUW2PpnpKg4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b8/a36fb2-e60d-4f8b-9c8a-490c88301fce/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 15 Aug 2025 14:52:49 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 2.57.52.0/22
IP: 91.236.104.0/24
IP: 91.236.115.0/24
IP: 91.236.213.0/24
IP: 91.237.53.0/24
IP: 2a09:d140::/29
IP: 2a0f:68c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ae:38:1b:3c:66:58:80:b7:be:b2:2f:93:e6:9f:7d:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Aug 15 14:52:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8246b88b829b4a3aadc280da145b63e99e92a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:40:3d:07:55:cc:12:69:75:2a:d2:23:46:2e:
1c:d3:d2:75:0f:89:61:ca:37:c7:06:74:82:29:e8:
81:dd:a0:3b:78:88:d7:84:29:78:5b:72:a3:0c:ae:
7e:a9:e2:10:1c:f6:18:c4:2c:ee:26:5f:f3:c4:1c:
58:eb:01:36:70:0e:17:4f:d2:7a:3c:c6:4b:bc:9f:
78:23:ec:f4:c6:ac:77:30:41:70:5a:57:06:b0:5b:
ac:d9:ad:85:46:ed:f1:9c:e4:d7:c5:92:7e:e5:a0:
dc:58:0c:0c:a9:e2:c5:a0:09:56:6f:ea:af:1d:20:
9b:40:98:1b:21:4c:3f:cd:8b:50:38:79:2b:e0:27:
54:51:4c:97:48:cc:a8:3b:58:c1:2f:cb:0e:54:1d:
8a:e1:37:11:fd:ea:5f:4e:b4:de:51:f8:99:87:72:
c9:72:5a:13:fd:d7:5e:e1:28:58:39:ff:e4:86:69:
32:ad:a2:7e:05:d5:22:f3:40:4b:d1:2e:e2:20:60:
29:2e:67:26:8e:ad:8c:cb:95:bf:e3:99:15:30:3e:
fd:16:1d:ea:d5:b6:b5:72:07:55:67:b2:7c:95:26:
19:0f:e5:17:4e:49:85:a9:46:3a:cf:f7:13:e2:06:
3d:87:20:d2:bb:34:3a:c1:a8:40:85:ac:10:a5:5f:
8e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:24:6B:88:B8:29:B4:A3:AA:DC:28:0D:A1:45:B6:3E:99:E9:2A:0E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a36fb2-e60d-4f8b-9c8a-490c88301fce/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a36fb2-e60d-4f8b-9c8a-490c88301fce/1/qCRriLgptKOq3CgNoUW2PpnpKg4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.52.0/22
91.236.104.0/24
91.236.115.0/24
91.236.213.0/24
91.237.53.0/24
IPv6:
2a09:d140::/29
2a0f:68c0::/29
Signature Algorithm: sha256WithRSAEncryption
37:35:30:b8:f1:68:6b:c1:00:f6:5f:92:75:62:dd:83:23:60:
73:a3:4a:2a:cf:b4:5b:5f:88:7a:87:d0:d9:25:0e:56:8e:bd:
7b:75:62:60:bc:ac:c3:6a:11:6b:86:f6:0e:5c:23:0f:f5:6f:
c2:a1:89:4f:62:32:24:1e:19:28:8f:19:e2:a2:56:c9:26:03:
9f:39:63:93:5c:38:0f:83:5c:3a:40:3d:a6:91:03:a5:16:b2:
cc:b9:70:cf:62:8a:48:0f:50:d3:d9:b2:95:29:49:47:f8:ea:
88:e3:8c:ca:12:cc:ad:a2:a0:c5:e0:78:0b:7d:28:39:91:72:
f0:24:55:1a:94:41:b6:e9:f0:cb:2f:b7:b4:35:b2:41:b0:67:
92:e9:3e:31:2b:59:f5:b1:32:bc:ab:2f:2d:77:77:6c:ed:19:
23:75:86:3b:a4:86:bf:d9:0e:f5:cf:39:7c:43:7e:93:f0:36:
bb:e5:4a:c2:0c:be:d0:8e:93:ef:41:bb:b4:26:5d:ae:df:73:
82:87:5d:f7:f9:9f:02:11:a5:bb:72:df:e4:03:ab:5d:d9:73:
07:23:44:e4:1b:52:0e:6d:23:78:0b:b3:e3:91:76:e4:94:0e:
1b:59:87:0f:29:8a:6b:c6:8a:f5:cc:ad:18:67:55:4f:81:9b:
ba:ae:e7:cb
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAZiuOBs8ZliAt76yL5Pmn31HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwODE1MTQ1MjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODI0NmI4OGI4MjliNGEzYWFkYzI4MGRhMTQ1YjYzZTk5ZTkyYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kA9B1XMEml1KtIjRi4c09J1D4lh
yjfHBnSCKeiB3aA7eIjXhCl4W3KjDK5+qeIQHPYYxCzuJl/zxBxY6wE2cA4XT9J6
PMZLvJ94I+z0xqx3MEFwWlcGsFus2a2FRu3xnOTXxZJ+5aDcWAwMqeLFoAlWb+qv
HSCbQJgbIUw/zYtQOHkr4CdUUUyXSMyoO1jBL8sOVB2K4TcR/epfTrTeUfiZh3LJ
cloT/dde4ShYOf/khmkyraJ+BdUi80BL0S7iIGApLmcmjq2My5W/45kVMD79Fh3q
1ba1cgdVZ7J8lSYZD+UXTkmFqUY6z/cT4gY9hyDSuzQ6wahAhawQpV+OZQIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFKgka4i4KbSjqtwoDaFFtj6Z6SoOMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I4L2EzNmZi
Mi1lNjBkLTRmOGItOWM4YS00OTBjODgzMDFmY2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgvYTM2ZmIy
LWU2MGQtNGY4Yi05YzhhLTQ5MGM4ODMwMWZjZS8xL3FDUnJpTGdwdEtPcTNDZ05v
VVcyUHBucEtnNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CME0GCCsGAQUF
BwEHAQH/BD4wPDAkBAIAATAeAwQCAjk0AwQAW+xoAwQAW+xzAwQAW+zVAwQAW+01
MBQEAgACMA4DBQMqCdFAAwUDKg9owDANBgkqhkiG9w0BAQsFAAOCAQEANzUwuPFo
a8EA9l+SdWLdgyNgc6NKKs+0W1+IeofQ2SUOVo69e3ViYLysw2oRa4b2DlwjD/Vv
wqGJT2IyJB4ZKI8Z4qJWySYDnzljk1w4D4NcOkA9ppEDpRayzLlwz2KKSA9Q09my
lSlJR/jqiOOMyhLMraKgxeB4C30oOZFy8CRVGpRBtunwyy+3tDWyQbBnkuk+MStZ
9bEyvKsvLXd3bO0ZI3WGO6SGv9kO9c85fEN+k/A2u+VKwgy+0I6T70G7tCZdrt9z
godd9/mfAhGlu3Lf5AOrXdlzByNE5BtSDm0jeAuz45F25JQOG1mHDymKa8aK9cyt
GGdVT4Gbuq7nyw==
-----END CERTIFICATE-----
Generated at Thu Aug 21 14:51:17 2025 by rpki-client