Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tFDTEy3hvC3SZdbhr8b7FrbsGwg.cer
File: tFDTEy3hvC3SZdbhr8b7FrbsGwg.cer (raw, json)
Hash identifier: KeOm45mAwuVDlWms53yEoULxARbhP+O76drPsgtpTr0=
Subject key identifier: B4:50:D3:13:2D:E1:BC:2D:D2:65:D6:E1:AF:C6:FB:16:B6:EC:1B:08
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019CE1E3124D4BC01651B9E109ACA63EF6BE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/91/cfef67-efdf-49ba-b96b-65fc33de4f39/1/tFDTEy3hvC3SZdbhr8b7FrbsGwg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/91/cfef67-efdf-49ba-b96b-65fc33de4f39/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 12 Mar 2026 11:51:20 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: IP: 185.37.216.0/22
IP: 185.55.83.0/24
IP: 2a04:7340::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Mar 2026 14:33:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e1:e3:12:4d:4b:c0:16:51:b9:e1:09:ac:a6:3e:f6:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 12 11:51:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b450d3132de1bc2dd265d6e1afc6fb16b6ec1b08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:be:dc:d7:94:98:0c:92:eb:a9:34:4c:f7:42:
b8:ac:e3:9c:2f:05:79:7c:a2:71:86:40:fb:f3:77:
f8:86:3c:c6:24:19:17:7e:0b:e7:24:8c:52:00:ba:
03:b8:6b:fa:d5:b7:c9:82:2f:a8:f2:95:d9:ef:2d:
c7:6e:6c:86:5c:b5:be:5c:80:dd:00:e1:64:61:8f:
ca:df:69:b5:65:0a:cc:17:88:49:4c:84:f4:62:c4:
a3:c2:2d:b6:d6:c9:31:fd:de:69:93:52:60:fb:d7:
53:24:df:ef:e8:2a:ca:5f:37:e7:34:c4:cc:d0:56:
a4:69:c9:ae:66:2a:6c:5c:bd:29:c2:fa:96:70:32:
9d:28:78:3b:16:d2:9a:e8:37:6f:1e:d3:b9:ec:f1:
e5:98:b3:d3:2b:88:e7:0c:da:33:11:93:ea:cb:00:
68:63:c5:98:6a:4f:26:59:a6:41:cd:a6:9d:39:68:
b8:b9:0c:9c:42:02:58:ac:80:23:f8:6b:3c:96:8e:
42:7b:48:ec:7d:20:7c:f6:88:9d:b0:f1:f8:ac:c5:
97:82:54:53:81:f2:a2:72:44:4f:b8:cb:34:86:25:
33:b9:22:ef:30:44:06:97:31:62:cd:75:5b:6e:0f:
1e:96:2a:98:dd:fd:2d:f4:5b:0b:97:ea:86:48:79:
a9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:50:D3:13:2D:E1:BC:2D:D2:65:D6:E1:AF:C6:FB:16:B6:EC:1B:08
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/cfef67-efdf-49ba-b96b-65fc33de4f39/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/cfef67-efdf-49ba-b96b-65fc33de4f39/1/tFDTEy3hvC3SZdbhr8b7FrbsGwg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.216.0/22
185.55.83.0/24
IPv6:
2a04:7340::/29
Signature Algorithm: sha256WithRSAEncryption
56:84:da:e4:6e:0b:ab:d1:11:24:7e:78:c0:85:de:8d:b0:0b:
ec:1b:60:a8:6f:0d:7f:d1:ed:65:2b:d7:27:61:4a:5c:91:70:
a9:b7:f0:1c:b0:ea:36:39:6f:78:81:31:53:e4:58:47:aa:1b:
78:64:39:e1:5b:bc:2b:13:22:6c:e6:98:02:72:ac:e2:68:81:
e6:a5:ed:75:55:04:d4:05:0c:17:ef:17:94:47:ca:be:38:42:
b2:89:21:9f:81:65:4d:3b:52:71:11:00:fa:c5:a1:3f:fe:c0:
eb:68:b5:d1:d9:02:27:c0:04:29:61:fc:ee:04:48:50:c1:2f:
96:32:6f:7f:f8:08:95:92:3a:98:57:c1:af:b6:f4:f5:d5:90:
ba:d6:95:29:6e:90:d5:04:6c:d5:10:e3:81:91:ec:81:43:ad:
be:ac:75:2e:04:2b:cb:8f:de:ba:4b:5b:82:c6:16:c9:09:42:
d7:3e:5d:48:45:7d:fa:91:8c:6a:77:2e:08:ca:0c:12:93:26:
88:2c:a3:8d:ba:be:3c:d0:e7:ab:6a:3d:a2:f4:1b:e2:48:f2:
53:14:f5:1d:89:04:96:d0:67:01:0a:ae:b3:0b:51:3d:4e:4b:
f9:c7:51:d8:d1:f5:2c:63:49:e7:39:43:ee:19:09:74:67:45:
e6:7d:21:2c
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAZzh4xJNS8AWUbnhCaymPva+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMzEyMTE1MTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDUwZDMxMzJkZTFiYzJkZDI2NWQ2ZTFhZmM2ZmIxNmI2ZWMxYjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7L7c15SYDJLrqTRM90K4rOOcLwV5
fKJxhkD783f4hjzGJBkXfgvnJIxSALoDuGv61bfJgi+o8pXZ7y3HbmyGXLW+XIDd
AOFkYY/K32m1ZQrMF4hJTIT0YsSjwi221skx/d5pk1Jg+9dTJN/v6CrKXzfnNMTM
0FakacmuZipsXL0pwvqWcDKdKHg7FtKa6DdvHtO57PHlmLPTK4jnDNozEZPqywBo
Y8WYak8mWaZBzaadOWi4uQycQgJYrIAj+Gs8lo5Ce0jsfSB89oidsPH4rMWXglRT
gfKickRPuMs0hiUzuSLvMEQGlzFizXVbbg8eliqY3f0t9FsLl+qGSHmpBwIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFLRQ0xMt4bwt0mXW4a/G+xa27BsIMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkxL2NmZWY2
Ny1lZmRmLTQ5YmEtYjk2Yi02NWZjMzNkZTRmMzkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEvY2ZlZjY3
LWVmZGYtNDliYS1iOTZiLTY1ZmMzM2RlNGYzOS8xL3RGRFRFeTNodkMzU1pkYmhy
OGI3RnJic0d3Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuSXYAwQAuTdTMA0EAgACMAcDBQMqBHNAMA0G
CSqGSIb3DQEBCwUAA4IBAQBWhNrkbgur0REkfnjAhd6NsAvsG2Cobw1/0e1lK9cn
YUpckXCpt/AcsOo2OW94gTFT5FhHqht4ZDnhW7wrEyJs5pgCcqziaIHmpe11VQTU
BQwX7xeUR8q+OEKyiSGfgWVNO1JxEQD6xaE//sDraLXR2QInwAQpYfzuBEhQwS+W
Mm9/+AiVkjqYV8GvtvT11ZC61pUpbpDVBGzVEOOBkeyBQ62+rHUuBCvLj966S1uC
xhbJCULXPl1IRX36kYxqdy4IygwSkyaILKONur480Oeraj2i9BviSPJTFPUdiQSW
0GcBCq6zC1E9Tkv5x1HY0fUsY0nnOUPuGQl0Z0XmfSEs
-----END CERTIFICATE-----
Generated at Wed Mar 18 23:38:14 2026 by rpki-client