Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qQYfL0mm16-epna60D3xzi9QJg0.cer
File: qQYfL0mm16-epna60D3xzi9QJg0.cer (raw, json)
Hash identifier: vdhQaOz8F650rovBL2YwNT4CEmflaf5gnnh59dFl8fg=
Subject key identifier: A9:06:1F:2F:49:A6:D7:AF:9E:A6:76:BA:D0:3D:F1:CE:2F:50:26:0D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0196C9F346D1AD5F05BE17CD73B812DF1ED7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/qQYfL0mm16-epna60D3xzi9QJg0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 13 May 2025 14:01:25 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 29056
IP: 37.143.176.0/20
IP: 85.237.0.0/19
IP: 91.143.96.0/20
IP: 109.73.144.0/20
IP: 185.15.236.0/22
IP: 185.220.252.0/22
IP: 185.222.128.0/22
IP: 185.225.144.0/22
IP: 185.228.128.0/22
IP: 185.233.144.0/22
IP: 185.236.72.0/22
IP: 193.46.248.0/24
IP: 217.29.144.0/20
IP: 2a02:758::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:f3:46:d1:ad:5f:05:be:17:cd:73:b8:12:df:1e:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 13 14:01:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9061f2f49a6d7af9ea676bad03df1ce2f50260d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:63:d9:22:cb:d5:c7:69:99:ac:77:22:c5:74:
89:f5:97:10:8c:f7:28:27:b9:86:ce:f4:eb:44:05:
22:b8:e1:de:94:8c:11:8c:6b:52:56:06:d6:1d:18:
32:79:96:2b:e6:b0:69:37:f8:bf:f4:e8:ec:10:3c:
2a:4a:91:c9:42:67:20:10:2e:29:bc:54:b0:c8:b4:
03:41:7c:88:3a:17:6a:90:22:72:87:60:9b:02:00:
f7:31:ba:f8:79:cc:50:a3:17:ca:60:ad:79:ca:a0:
e4:4d:46:77:b4:17:10:9a:04:bf:23:50:d0:5c:67:
d8:e4:18:14:b9:08:38:5f:42:fc:dc:a8:8b:12:f2:
41:e9:18:b9:48:d1:90:97:5f:25:f4:46:16:58:67:
d2:4e:85:50:1d:1c:8a:76:3b:1d:31:e9:9a:24:f3:
b3:51:25:12:39:6b:f0:e5:b8:e8:a5:27:65:b8:10:
b6:1c:ef:b5:43:8d:d8:85:cf:2b:67:ae:3c:28:70:
cd:5d:9f:d5:ab:fa:03:19:4d:cf:5d:62:0e:12:08:
4d:6c:c5:5c:f4:f9:d0:cb:67:dd:ce:f2:4f:c6:43:
2b:6e:f5:3b:3d:5e:88:89:68:22:6a:f4:22:0b:b3:
7a:f7:a8:89:07:57:07:7e:e4:46:19:0b:19:38:67:
75:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:06:1F:2F:49:A6:D7:AF:9E:A6:76:BA:D0:3D:F1:CE:2F:50:26:0D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/qQYfL0mm16-epna60D3xzi9QJg0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.176.0/20
85.237.0.0/19
91.143.96.0/20
109.73.144.0/20
185.15.236.0/22
185.220.252.0/22
185.222.128.0/22
185.225.144.0/22
185.228.128.0/22
185.233.144.0/22
185.236.72.0/22
193.46.248.0/24
217.29.144.0/20
IPv6:
2a02:758::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
29056
Signature Algorithm: sha256WithRSAEncryption
14:d5:ae:ba:0f:ab:24:b3:7d:0c:2b:21:b7:3c:e3:2d:d2:32:
e0:b6:78:63:29:b0:80:71:bc:ec:a2:44:70:d3:a0:ef:0b:fe:
3d:f4:96:d1:b3:fa:c8:6e:52:b3:35:97:c1:67:ac:b1:07:c9:
ad:fb:60:55:f9:0b:4c:82:28:d5:79:e6:6f:59:b1:4d:d1:4a:
77:9e:2e:cb:a8:ac:e6:1b:46:4b:43:27:f5:2d:9f:9f:2d:49:
7a:f3:65:da:c7:5a:0c:8c:14:e1:d1:69:e8:6c:ac:d3:ba:57:
8a:9c:91:2e:8a:92:6b:3a:13:fb:02:7f:33:57:4a:ab:c8:37:
48:52:f9:f7:4e:a3:47:b4:7f:b4:fd:52:1e:89:d5:bd:77:e8:
f8:9a:d9:67:0e:ee:ab:e6:3a:e5:b3:12:d0:ab:ed:0a:0a:1f:
5e:81:b3:b2:b3:cf:5f:49:e9:5e:32:5d:67:d4:9f:bb:d4:ab:
6f:01:c7:92:ad:e6:82:82:4f:6b:ff:7a:97:e2:6d:ee:ef:a5:
fe:a1:0c:a5:09:2a:bd:53:39:11:33:2b:9a:ad:83:5c:6a:cb:
4c:e2:5b:92:ca:77:24:c9:07:64:6a:08:0c:d5:99:ed:55:e4:
a0:f8:ce:d8:cc:63:ee:26:3b:91:12:3f:fb:48:cf:35:10:c3:
e8:9e:c4:cb
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgISAZbJ80bRrV8FvhfNc7gS3x7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNTEzMTQwMTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTA2MWYyZjQ5YTZkN2FmOWVhNjc2YmFkMDNkZjFjZTJmNTAyNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWPZIsvVx2mZrHcixXSJ9ZcQjPco
J7mGzvTrRAUiuOHelIwRjGtSVgbWHRgyeZYr5rBpN/i/9OjsEDwqSpHJQmcgEC4p
vFSwyLQDQXyIOhdqkCJyh2CbAgD3Mbr4ecxQoxfKYK15yqDkTUZ3tBcQmgS/I1DQ
XGfY5BgUuQg4X0L83KiLEvJB6Ri5SNGQl18l9EYWWGfSToVQHRyKdjsdMemaJPOz
USUSOWvw5bjopSdluBC2HO+1Q43Yhc8rZ648KHDNXZ/Vq/oDGU3PXWIOEghNbMVc
9PnQy2fdzvJPxkMrbvU7PV6IiWgiavQiC7N696iJB1cHfuRGGQsZOGd1TQIDAQAB
o4IC9jCCAvIwHQYDVR0OBBYEFKkGHy9JptevnqZ2utA98c4vUCYNMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE4L2JhOWJl
MS0xZmEyLTQyNTMtYmYwMS1mNmMyNjg2MTJmYzcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgvYmE5YmUx
LTFmYTItNDI1My1iZjAxLWY2YzI2ODYxMmZjNy8xL3FRWWZMMG1tMTYtZXBuYTYw
RDN4emk5UUpnMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHYGCCsGAQUF
BwEHAQH/BGcwZTBUBAIAATBOAwQEJY+wAwQFVe0AAwQEW49gAwQEbUmQAwQCuQ/s
AwQCudz8AwQCud6AAwQCueGQAwQCueSAAwQCuemQAwQCuexIAwQAwS74AwQE2R2Q
MA0EAgACMAcDBQMqAgdYMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAnGAMA0GCSqG
SIb3DQEBCwUAA4IBAQAU1a66D6sks30MKyG3POMt0jLgtnhjKbCAcbzsokRw06Dv
C/499JbRs/rIblKzNZfBZ6yxB8mt+2BV+QtMgijVeeZvWbFN0Up3ni7LqKzmG0ZL
Qyf1LZ+fLUl682Xax1oMjBTh0WnobKzTuleKnJEuipJrOhP7An8zV0qryDdIUvn3
TqNHtH+0/VIeidW9d+j4mtlnDu6r5jrlsxLQq+0KCh9egbOys89fSeleMl1n1J+7
1KtvAceSreaCgk9r/3qX4m3u76X+oQylCSq9UzkRMyuarYNcastM4luSynckyQdk
aggM1ZntVeSg+M7YzGPuJjuREj/7SM81EMPonsTL
-----END CERTIFICATE-----
Generated at Fri Jun 6 12:38:00 2025 by rpki-client