Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/vRmfNsOyy9HCCs0Mv5BTwATlUFI.cer
File:                     vRmfNsOyy9HCCs0Mv5BTwATlUFI.cer (raw, json)
Hash identifier:          d5GOVxkbYz+29QcBANFvkAXBMzRepEWk496Q8z6c/rE=
Subject key identifier:   BD:19:9F:36:C3:B2:CB:D1:C2:0A:CD:0C:BF:90:53:C0:04:E5:50:52
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019D4E85A9061FC135303EA71041CED14AE7
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/d2/6fe893-e597-4ad8-81c2-4ce945c7f725/1/vRmfNsOyy9HCCs0Mv5BTwATlUFI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/d2/6fe893-e597-4ad8-81c2-4ce945c7f725/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Apr 2026 14:07:55 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 206625
                          AS: 206646
                          IP: 77.111.192.0/20
                          IP: 185.171.56.0/22
                          IP: 2a0a:d900::/32
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 Jul 2026 15:46:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:4e:85:a9:06:1f:c1:35:30:3e:a7:10:41:ce:d1:4a:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Apr  2 14:07:55 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=bd199f36c3b2cbd1c20acd0cbf9053c004e55052
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:da:4a:82:d7:e7:2b:d5:6d:4d:29:07:d1:66:
                    29:77:18:d8:e8:01:ea:26:c8:06:6f:6a:29:96:dd:
                    10:6c:e4:38:8b:26:5c:0c:33:36:82:25:c9:0c:bc:
                    13:a2:35:8c:c9:c7:3d:9d:3e:ca:10:20:70:15:40:
                    64:c8:0e:39:7b:34:35:d5:8c:03:04:38:ce:67:3f:
                    25:36:dc:e7:b4:32:35:cc:84:4f:8e:ed:41:66:b2:
                    de:b8:c2:25:0c:6b:f9:9e:e6:89:b0:37:64:cd:b4:
                    33:8f:65:c8:7d:25:d4:fb:f7:8f:7c:56:5c:66:03:
                    25:e7:c3:61:67:7c:0c:e5:43:a0:e2:01:25:b8:d7:
                    8e:28:90:e5:14:c0:c5:9a:eb:75:ed:da:c8:22:a7:
                    6b:d7:46:a1:a9:60:5b:17:48:9c:37:3c:f7:69:c8:
                    b2:7a:dc:de:6f:3f:cf:68:3c:3a:7b:66:08:21:5d:
                    c1:82:14:ac:ab:48:73:5a:c2:d7:44:25:27:4d:da:
                    97:66:c1:7b:1b:7a:dd:db:0a:fd:70:45:58:31:a8:
                    ea:96:ae:06:73:0f:47:83:fe:43:d4:e5:22:7f:4a:
                    f3:95:a7:4e:f4:b0:ce:bb:9d:63:4a:82:91:24:91:
                    88:97:2c:3f:b2:0e:68:79:50:e9:d6:8b:5f:e7:21:
                    82:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:19:9F:36:C3:B2:CB:D1:C2:0A:CD:0C:BF:90:53:C0:04:E5:50:52
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/6fe893-e597-4ad8-81c2-4ce945c7f725/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/6fe893-e597-4ad8-81c2-4ce945c7f725/1/vRmfNsOyy9HCCs0Mv5BTwATlUFI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.111.192.0/20
                  185.171.56.0/22
                IPv6:
                  2a0a:d900::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  206625
                  206646

    Signature Algorithm: sha256WithRSAEncryption
         57:1c:12:87:3f:b6:8b:84:cb:a9:25:67:59:5f:8d:ab:3f:e6:
         81:92:13:7b:f9:bf:e2:63:3f:4f:d3:04:da:76:35:2f:24:cd:
         ca:a8:0b:71:75:ff:2b:32:22:07:1d:9e:bd:23:83:6a:6f:79:
         0a:a7:da:a9:4e:cd:9e:82:e9:ab:3b:2d:3e:57:0c:4e:3e:aa:
         ca:b1:b2:e2:f4:1e:d1:f5:d0:e3:e3:72:41:01:6a:18:45:f6:
         bc:4f:a4:2d:c8:54:83:11:4a:4f:b1:db:6e:5c:cb:90:88:1d:
         a7:c9:f8:f5:8e:7e:6a:59:b8:ef:8d:41:d8:4a:5a:ae:bd:07:
         ce:08:79:ab:2e:e7:72:27:c0:24:03:a9:d3:bb:b5:e5:44:0f:
         80:ce:96:4e:3b:40:07:b2:c0:0e:27:1d:d8:72:a0:8e:10:ea:
         65:1c:ec:a8:ff:e8:b4:87:59:b8:11:3a:cb:f3:9c:0a:24:a9:
         45:b2:ad:c4:68:24:d1:85:15:c6:82:b6:f7:94:6c:17:3f:11:
         21:c9:69:64:6d:b1:99:70:da:4a:09:f0:c7:74:99:71:f6:de:
         f6:1b:45:c5:50:76:70:ef:e7:ca:ae:04:80:70:5a:c0:7d:f6:
         9d:a2:52:08:1b:48:b1:14:95:b7:3c:7e:a4:d2:f8:1f:c3:23:
         8c:36:44:9c
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAZ1OhakGH8E1MD6nEEHO0UrnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNDAyMTQwNzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDE5OWYzNmMzYjJjYmQxYzIwYWNkMGNiZjkwNTNjMDA0ZTU1MDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutpKgtfnK9VtTSkH0WYpdxjY6AHq
JsgGb2oplt0QbOQ4iyZcDDM2giXJDLwTojWMycc9nT7KECBwFUBkyA45ezQ11YwD
BDjOZz8lNtzntDI1zIRPju1BZrLeuMIlDGv5nuaJsDdkzbQzj2XIfSXU+/ePfFZc
ZgMl58NhZ3wM5UOg4gEluNeOKJDlFMDFmut17drIIqdr10ahqWBbF0icNzz3aciy
etzebz/PaDw6e2YIIV3BghSsq0hzWsLXRCUnTdqXZsF7G3rd2wr9cEVYMajqlq4G
cw9Hg/5D1OUif0rzladO9LDOu51jSoKRJJGIlyw/sg5oeVDp1otf5yGC/QIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFL0ZnzbDssvRwgrNDL+QU8AE5VBSMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QyLzZmZTg5
My1lNTk3LTRhZDgtODFjMi00Y2U5NDVjN2Y3MjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIvNmZlODkz
LWU1OTctNGFkOC04MWMyLTRjZTk0NWM3ZjcyNS8xL3ZSbWZOc095eTlIQ0NzME12
NUJUd0FUbFVGSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQETW/AAwQCuas4MA0EAgACMAcDBQAqCtkAMB8G
CCsGAQUFBwEIAQH/BBAwDqAMMAoCAwMnIQIDAyc2MA0GCSqGSIb3DQEBCwUAA4IB
AQBXHBKHP7aLhMupJWdZX42rP+aBkhN7+b/iYz9P0wTadjUvJM3KqAtxdf8rMiIH
HZ69I4Nqb3kKp9qpTs2egumrOy0+VwxOPqrKsbLi9B7R9dDj43JBAWoYRfa8T6Qt
yFSDEUpPsdtuXMuQiB2nyfj1jn5qWbjvjUHYSlquvQfOCHmrLudyJ8AkA6nTu7Xl
RA+AzpZOO0AHssAOJx3YcqCOEOplHOyo/+i0h1m4ETrL85wKJKlFsq3EaCTRhRXG
grb3lGwXPxEhyWlkbbGZcNpKCfDHdJlx9t72G0XFUHZw7+fKrgSAcFrAffadolII
G0ixFJW3PH6k0vgfwyOMNkSc
-----END CERTIFICATE-----
Generated at Sun Jul 5 19:55:25 2026 by rpki-client