Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0DFlUCO9FBcx1W-4RT_wUU9yiGU.cer
File: 0DFlUCO9FBcx1W-4RT_wUU9yiGU.cer (raw, json)
Hash identifier: 756uMTRoahP/AoPyjGG0oMfqmdiBrwMYqe4sbIUMNq8=
Subject key identifier: D0:31:65:50:23:BD:14:17:31:D5:6F:B8:45:3F:F0:51:4F:72:88:65
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019CDC316238DFBBD333A859B9AE574DF817
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/0DFlUCO9FBcx1W-4RT_wUU9yiGU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 11 Mar 2026 09:19:09 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 59862
IP: 80.173.224.0/22
IP: 84.247.36.0/22
IP: 85.8.172.0/22
IP: 85.204.172.0/22
IP: 93.119.20.0/22
IP: 153.92.176.0/22
IP: 156.67.20.0/22
IP: 157.97.160.0 -- 157.97.162.255
IP: 176.223.88.0/21
IP: 185.63.88.0/22
IP: 185.195.4.0/22
IP: 188.215.20.0/22
IP: 212.48.188.0/22
IP: 2a03:a60::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dc:31:62:38:df:bb:d3:33:a8:59:b9:ae:57:4d:f8:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 11 09:19:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d031655023bd141731d56fb8453ff0514f728865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:54:48:23:55:fb:0c:5b:da:a9:57:01:d6:cd:
71:fe:77:2e:5f:b8:88:df:ea:11:df:dd:73:63:a3:
a4:f0:d3:fe:7a:47:32:94:49:77:5a:64:13:d2:02:
b7:bd:c1:c2:7c:e1:a4:49:64:01:5f:a6:8f:7d:f0:
4e:4a:ea:a7:94:4c:52:a9:35:11:b0:02:49:87:bd:
9f:09:d4:64:09:cf:2c:79:65:93:40:ee:d4:82:3c:
7c:29:1e:d0:2d:8b:0a:90:a8:48:28:a8:fc:51:21:
4a:c1:a1:cf:84:9a:71:3c:29:89:29:d1:dd:83:3c:
0d:84:0c:cc:bd:7b:a6:b7:cc:ca:48:37:42:93:65:
bc:a8:8a:bb:db:f5:fd:c0:92:13:3d:be:7b:5d:6c:
83:70:e2:06:70:b2:2c:48:dd:de:e9:ff:c8:2a:5e:
83:fc:82:72:34:9a:c3:58:b1:e5:76:0c:c4:a1:36:
c6:49:1f:de:db:35:3d:e6:0a:12:1a:72:5e:fb:e8:
c6:37:7e:c9:ff:2e:e1:5d:9a:36:c1:73:ea:8a:d6:
77:91:ed:a9:d8:c8:e5:37:06:77:f0:1e:25:2e:0b:
d8:6a:12:0f:ec:9a:51:f9:c0:99:30:6f:6c:3c:75:
bd:2d:c8:ac:82:58:5e:da:5a:c8:97:42:c6:b2:f1:
16:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:31:65:50:23:BD:14:17:31:D5:6F:B8:45:3F:F0:51:4F:72:88:65
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/0DFlUCO9FBcx1W-4RT_wUU9yiGU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.173.224.0/22
84.247.36.0/22
85.8.172.0/22
85.204.172.0/22
93.119.20.0/22
153.92.176.0/22
156.67.20.0/22
157.97.160.0-157.97.162.255
176.223.88.0/21
185.63.88.0/22
185.195.4.0/22
188.215.20.0/22
212.48.188.0/22
IPv6:
2a03:a60::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
59862
Signature Algorithm: sha256WithRSAEncryption
14:bb:6c:b1:ee:9b:3e:22:b4:4d:0f:99:97:14:e2:87:dc:ea:
89:08:22:29:95:60:d0:3f:bc:4a:66:47:0d:c1:40:de:4f:d1:
16:04:3d:5e:bd:10:4f:7c:42:24:d6:ff:be:3e:f3:14:57:c9:
a9:69:ab:3f:61:53:a7:69:70:c8:8b:e7:36:2f:5b:06:40:ba:
08:10:98:76:cc:64:6f:9c:4d:cc:93:92:e6:37:e7:c0:d8:57:
5a:4e:6d:c7:15:17:29:88:2f:ee:78:8f:82:dd:6d:a7:47:01:
8b:de:e4:e7:bc:03:9a:ea:e4:71:55:9c:1c:a1:ab:30:08:d5:
6d:3d:31:42:76:2f:78:3d:5b:b6:6f:1c:ce:7a:ca:20:61:ae:
f4:bb:12:b7:2b:60:7a:fe:a7:91:ff:44:c2:fc:a1:ec:1b:2c:
ed:37:38:2b:c4:1f:3a:86:4e:49:2e:42:01:54:ca:4c:ef:a7:
81:04:ce:d7:f3:21:4f:3c:0b:ec:63:c8:08:91:3e:6e:5f:88:
1c:01:86:ff:ae:ff:46:20:03:bf:16:c5:70:f2:00:68:55:e9:
96:db:71:00:2f:20:2c:72:69:4b:12:0e:53:83:d2:4a:0e:21:
99:83:cd:ec:0f:74:2c:bf:9b:b8:e6:b4:91:44:0c:d5:23:e5:
39:b5:33:05
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgISAZzcMWI437vTM6hZua5XTfgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMzExMDkxOTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDMxNjU1MDIzYmQxNDE3MzFkNTZmYjg0NTNmZjA1MTRmNzI4ODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11RII1X7DFvaqVcB1s1x/ncuX7iI
3+oR391zY6Ok8NP+ekcylEl3WmQT0gK3vcHCfOGkSWQBX6aPffBOSuqnlExSqTUR
sAJJh72fCdRkCc8seWWTQO7Ugjx8KR7QLYsKkKhIKKj8USFKwaHPhJpxPCmJKdHd
gzwNhAzMvXumt8zKSDdCk2W8qIq72/X9wJITPb57XWyDcOIGcLIsSN3e6f/IKl6D
/IJyNJrDWLHldgzEoTbGSR/e2zU95goSGnJe++jGN37J/y7hXZo2wXPqitZ3ke2p
2MjlNwZ38B4lLgvYahIP7JpR+cCZMG9sPHW9Lcisglhe2lrIl0LGsvEWHwIDAQAB
o4IC/zCCAvswHQYDVR0OBBYEFNAxZVAjvRQXMdVvuEU/8FFPcohlMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYxLzljZjk1
Zi03M2QzLTRlNGYtYTk3OS1kOGJkMmY1NmJjOGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEvOWNmOTVm
LTczZDMtNGU0Zi1hOTc5LWQ4YmQyZjU2YmM4Yy8xLzBERmxVQ085RkJjeDFXLTRS
VF93VVU5eWlHVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMH4GCCsGAQUF
BwEHAQH/BG8wbTBcBAIAATBWAwQCUK3gAwQCVPckAwQCVQisAwQCVcysAwQCXXcU
AwQCmVywAwQCnEMUMAwDBAWdYaADBACdYaIDBAOw31gDBAK5P1gDBAK5wwQDBAK8
1xQDBALUMLwwDQQCAAIwBwMFACoDCmAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQID
AOnWMA0GCSqGSIb3DQEBCwUAA4IBAQAUu2yx7ps+IrRND5mXFOKH3OqJCCIplWDQ
P7xKZkcNwUDeT9EWBD1evRBPfEIk1v++PvMUV8mpaas/YVOnaXDIi+c2L1sGQLoI
EJh2zGRvnE3Mk5LmN+fA2FdaTm3HFRcpiC/ueI+C3W2nRwGL3uTnvAOa6uRxVZwc
oaswCNVtPTFCdi94PVu2bxzOesogYa70uxK3K2B6/qeR/0TC/KHsGyztNzgrxB86
hk5JLkIBVMpM76eBBM7X8yFPPAvsY8gIkT5uX4gcAYb/rv9GIAO/FsVw8gBoVemW
23EALyAscmlLEg5Tg9JKDiGZg83sD3Qsv5u45rSRRAzVI+U5tTMF
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:41:22 2026 by rpki-client