Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
File: v4QRNUXZAAdg9mBipCIZM6LpWdg.cer (raw, json)
Hash identifier: 3UhmW+sSzhebPuht8477EZ+GeKBuQPIMMb6Qct5RECQ=
Subject key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0195232C7A8819E8D5390B7D23D04D013930
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 20 Feb 2025 11:44:32 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 61087
IP: 5.181.20.0/22
IP: 45.14.244.0/22
IP: 45.89.60.0/22
IP: 45.91.52.0/22
IP: 45.130.68.0/22
IP: 45.140.144.0/22
IP: 45.140.164.0/22
IP: 45.144.28.0/22
IP: 45.144.232.0/22
IP: 45.150.64.0/22
IP: 45.155.52.0/22
IP: 62.3.13.0/24
IP: 79.143.19.0/24
IP: 83.97.78.0/24
IP: 91.194.10.0/23
IP: 91.211.114.0/24
IP: 109.107.155.0/24
IP: 138.124.180.0 -- 138.124.187.255
IP: 146.19.106.0/24
IP: 146.19.230.0/24
IP: 185.33.24.0/24
IP: 185.74.222.0/24
IP: 185.234.247.0/24
IP: 185.248.33.0/24
IP: 185.255.30.0/24
IP: 193.3.177.0/24
IP: 194.39.110.0/24
IP: 194.48.93.0/24
IP: 195.16.74.0/24
IP: 212.18.104.0/24
IP: 2a0c:ab00::/29
IP: 2a0e:4000::/29
IP: 2a10:2ec0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:23:2c:7a:88:19:e8:d5:39:0b:7d:23:d0:4d:01:39:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 20 11:44:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf84113545d9000760f66062a4221933a2e959d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:cc:67:75:e0:e1:53:07:55:3b:83:ed:98:e5:
34:3a:71:57:be:af:0b:f0:ef:a4:9f:33:fd:75:64:
f9:a5:93:3c:7f:3c:4b:fc:b8:75:64:8f:a3:3c:13:
37:fa:c1:a9:3e:f4:f4:16:78:aa:b2:d6:58:1d:33:
ee:65:10:96:1f:6e:5b:7f:f9:5f:d7:80:84:1b:13:
21:73:e6:49:b2:13:7d:d9:c9:da:b2:34:1b:d3:37:
0a:b5:39:7c:6f:4c:60:19:ff:bf:8a:5e:ff:16:9d:
4f:f9:0a:42:b5:c5:bc:4d:be:9d:a8:fe:78:66:40:
15:de:46:9b:a3:50:cd:64:5c:c5:82:c4:0b:77:c8:
6c:fa:f1:68:7c:e0:3f:86:97:de:e4:18:94:b6:b2:
6c:ce:a5:af:ba:de:eb:b3:84:8d:25:fc:1d:a3:de:
8d:2f:00:f6:43:28:c6:89:52:c2:12:33:d5:0e:36:
7f:aa:2e:ea:b2:bc:06:96:bd:82:22:a1:91:c9:02:
30:cc:b8:c4:27:51:98:bc:b3:0e:cf:47:23:bc:b9:
3d:88:d7:79:ac:46:04:c7:17:8a:7f:bf:b5:aa:9c:
75:0a:b0:6d:0d:29:6e:a5:05:ef:9f:8f:e3:c3:c0:
c0:81:30:98:c4:85:5b:9d:64:62:ee:3f:e8:5b:6b:
93:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.20.0/22
45.14.244.0/22
45.89.60.0/22
45.91.52.0/22
45.130.68.0/22
45.140.144.0/22
45.140.164.0/22
45.144.28.0/22
45.144.232.0/22
45.150.64.0/22
45.155.52.0/22
62.3.13.0/24
79.143.19.0/24
83.97.78.0/24
91.194.10.0/23
91.211.114.0/24
109.107.155.0/24
138.124.180.0-138.124.187.255
146.19.106.0/24
146.19.230.0/24
185.33.24.0/24
185.74.222.0/24
185.234.247.0/24
185.248.33.0/24
185.255.30.0/24
193.3.177.0/24
194.39.110.0/24
194.48.93.0/24
195.16.74.0/24
212.18.104.0/24
IPv6:
2a0c:ab00::/29
2a0e:4000::/29
2a10:2ec0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
61087
Signature Algorithm: sha256WithRSAEncryption
25:c7:89:f1:10:28:9d:4c:63:36:c5:e4:75:7b:9e:a9:6c:1a:
e8:e8:5f:3c:95:86:21:b0:bf:66:3f:83:78:eb:cb:a1:85:4d:
29:dc:c0:e2:ec:ab:be:c0:09:8a:09:7f:f6:60:a1:2a:8b:fb:
66:48:8e:01:21:c3:02:06:8f:40:03:e6:b7:a6:eb:d9:7c:24:
17:59:21:c4:72:ba:2b:0f:3b:a6:d5:76:ff:43:dd:32:95:8e:
03:d8:63:83:2f:12:26:db:a7:79:29:72:af:38:4a:e3:8c:d4:
68:58:2b:98:e5:73:ba:02:7c:29:66:8e:83:d7:1a:ec:09:07:
9a:4c:d5:b6:57:fd:b4:06:7c:c2:08:77:59:c1:69:23:1d:6d:
43:b9:92:db:9e:ff:d7:11:b1:8f:a3:96:2d:ba:05:dc:4b:d5:
52:b6:e1:7e:ab:32:05:5e:cf:0b:24:94:f9:c7:c4:d7:fd:a8:
ff:54:c2:5a:18:3d:29:62:0e:4f:95:5a:b6:c4:13:d0:7c:af:
6c:8f:96:d1:ba:80:97:8b:af:04:07:a1:42:23:70:89:28:cd:
c9:15:08:45:51:77:8b:1a:4c:cc:13:39:36:12:a1:76:97:6d:
87:28:4b:e5:c1:0a:14:f2:e4:e9:9a:8a:8c:0c:c0:21:f9:de:
ca:88:94:a0
-----BEGIN CERTIFICATE-----
MIIGbDCCBVSgAwIBAgISAZUjLHqIGejVOQt9I9BNATkwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMjIwMTE0NDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjg0MTEzNTQ1ZDkwMDA3NjBmNjYwNjJhNDIyMTkzM2EyZTk1OWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sxndeDhUwdVO4PtmOU0OnFXvq8L
8O+knzP9dWT5pZM8fzxL/Lh1ZI+jPBM3+sGpPvT0FniqstZYHTPuZRCWH25bf/lf
14CEGxMhc+ZJshN92cnasjQb0zcKtTl8b0xgGf+/il7/Fp1P+QpCtcW8Tb6dqP54
ZkAV3kabo1DNZFzFgsQLd8hs+vFofOA/hpfe5BiUtrJszqWvut7rs4SNJfwdo96N
LwD2QyjGiVLCEjPVDjZ/qi7qsrwGlr2CIqGRyQIwzLjEJ1GYvLMOz0cjvLk9iNd5
rEYExxeKf7+1qpx1CrBtDSlupQXvn4/jw8DAgTCYxIVbnWRi7j/oW2uT7QIDAQAB
o4IDeDCCA3QwHQYDVR0OBBYEFL+EETVF2QAHYPZgYqQiGTOi6VnYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI1LzMwZGM4
NS0yZGQ4LTRiMWMtYjE1MS00YmQ2M2FkYzczNTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUvMzBkYzg1
LTJkZDgtNGIxYy1iMTUxLTRiZDYzYWRjNzM1NC8xL3Y0UVJOVVhaQUFkZzltQmlw
Q0laTTZMcFdkZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIH2BggrBgEF
BQcBBwEB/wSB5jCB4zCBwwQCAAEwgbwDBAIFtRQDBAItDvQDBAItWTwDBAItWzQD
BAItgkQDBAItjJADBAItjKQDBAItkBwDBAItkOgDBAItlkADBAItmzQDBAA+Aw0D
BABPjxMDBABTYU4DBAFbwgoDBABb03IDBABta5swDAMEAop8tAMEAop8uAMEAJIT
agMEAJIT5gMEALkhGAMEALlK3gMEALnq9wMEALn4IQMEALn/HgMEAMEDsQMEAMIn
bgMEAMIwXQMEAMMQSgMEANQSaDAbBAIAAjAVAwUDKgyrAAMFAyoOQAADBQMqEC7A
MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDunzANBgkqhkiG9w0BAQsFAAOCAQEA
JceJ8RAonUxjNsXkdXueqWwa6OhfPJWGIbC/Zj+DeOvLoYVNKdzA4uyrvsAJigl/
9mChKov7ZkiOASHDAgaPQAPmt6br2XwkF1khxHK6Kw87ptV2/0PdMpWOA9hjgy8S
JtuneSlyrzhK44zUaFgrmOVzugJ8KWaOg9ca7AkHmkzVtlf9tAZ8wgh3WcFpIx1t
Q7mS257/1xGxj6OWLboF3EvVUrbhfqsyBV7PCySU+cfE1/2o/1TCWhg9KWIOT5Va
tsQT0HyvbI+W0bqAl4uvBAehQiNwiSjNyRUIRVF3ixpMzBM5NhKhdpdthyhL5cEK
FPLk6ZqKjAzAIfneyoiUoA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 18:06:23 2025 by rpki-client