Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0HNWUFJtK79SUNl5fknbHZ8cwn8.cer
File: 0HNWUFJtK79SUNl5fknbHZ8cwn8.cer (raw, json)
Hash identifier: ufrL3oVNPTLjUS6wyEGQfrzTLt5S1+KvNWD4aco+Qew=
Subject key identifier: D0:73:56:50:52:6D:2B:BF:52:50:D9:79:7E:49:DB:1D:9F:1C:C2:7F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7CED83766CB06DB7A0C6DEAB70F12293
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d5/b49500-0b74-4c45-a882-0c84fd757990/1/0HNWUFJtK79SUNl5fknbHZ8cwn8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d5/b49500-0b74-4c45-a882-0c84fd757990/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 04:18:19 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 203014
IP: 62.220.108.0/24
IP: 2a14:da00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:ed:83:76:6c:b0:6d:b7:a0:c6:de:ab:70:f1:22:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 04:18:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d0735650526d2bbf5250d9797e49db1d9f1cc27f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:fe:79:3e:86:a0:fd:07:37:d5:fb:8b:14:03:
58:9c:58:17:b8:a8:ab:14:d6:f3:1d:2a:96:7a:7d:
e3:71:00:61:46:6e:02:e8:2a:87:91:f1:18:2f:ff:
90:17:27:7e:d7:2b:ac:1f:19:bf:11:59:d0:cf:b5:
a6:5d:15:20:46:9d:02:97:a7:ca:b8:d1:33:af:e4:
c7:4e:2b:d2:f3:c5:1f:3d:49:45:85:96:53:87:17:
fb:72:87:6b:b4:ad:1a:9e:f5:ab:de:73:28:95:a4:
1c:77:1e:32:d3:5a:24:04:29:bf:5d:d2:5a:1a:59:
cc:86:95:1e:79:64:72:f1:f7:e9:9f:9e:2b:fe:e1:
a3:f2:73:0c:b7:3b:55:0e:99:99:33:0c:92:a5:83:
e8:19:51:aa:70:10:df:20:b1:63:0d:e1:15:d9:43:
4a:5b:fd:01:99:c8:8a:6b:ff:47:b3:11:f3:5c:0c:
45:a7:39:79:6c:fb:de:4c:78:d1:15:fd:63:6e:76:
f0:f4:47:b1:b8:d5:45:3e:ce:1c:d9:fb:b7:3e:a9:
aa:27:a3:7f:91:76:71:60:f9:ae:ca:47:87:ab:55:
f7:27:16:74:49:41:6c:51:ab:da:94:dd:13:e6:d9:
cb:b1:3d:f6:64:25:7c:d0:8f:bb:29:d3:21:64:b0:
f3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:73:56:50:52:6D:2B:BF:52:50:D9:79:7E:49:DB:1D:9F:1C:C2:7F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b49500-0b74-4c45-a882-0c84fd757990/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b49500-0b74-4c45-a882-0c84fd757990/1/0HNWUFJtK79SUNl5fknbHZ8cwn8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.108.0/24
IPv6:
2a14:da00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
203014
Signature Algorithm: sha256WithRSAEncryption
3c:4c:18:18:f4:e4:53:c6:78:ee:b2:e3:8e:3d:3b:a5:b1:de:
eb:45:28:45:27:09:6e:d2:b7:af:08:f2:f4:87:a4:dd:93:50:
7f:6c:52:c7:0d:db:20:89:21:7b:31:4a:62:62:16:46:a1:0c:
84:de:29:d1:2f:dd:52:3d:92:fe:25:85:90:db:fc:fb:12:16:
74:95:98:01:12:5b:3b:2a:48:18:c8:14:4e:c2:44:47:b6:8a:
f0:18:5e:55:4e:2f:d4:2b:a7:3d:e7:f0:9b:60:b4:da:35:29:
9b:1b:d0:19:ce:b4:7e:2e:c6:2e:43:54:7f:44:93:eb:19:ed:
e0:e1:ba:19:56:37:92:81:23:25:63:1d:31:ca:cb:d2:94:64:
09:b7:ee:ee:46:59:48:44:6e:a0:ca:e9:5e:1a:5c:d1:9d:83:
42:70:4c:3e:c4:d1:5b:9c:bf:5e:7c:71:ba:91:e6:f1:2d:ce:
59:6d:78:ce:a6:54:8c:0b:06:aa:02:8c:32:d8:41:ac:aa:74:
98:e5:bb:95:09:73:8c:11:2c:8c:61:f4:6f:17:6a:1a:e0:c1:
79:f3:21:77:4d:15:44:19:72:24:8c:da:2d:78:27:85:f6:61:
de:46:51:79:00:ad:f5:6d:46:06:57:1d:01:4e:13:38:3c:27:
9e:11:78:e0
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZt87YN2bLBtt6DG3qtw8SKTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDQxODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDczNTY1MDUyNmQyYmJmNTI1MGQ5Nzk3ZTQ5ZGIxZDlmMWNjMjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/55Poag/Qc31fuLFANYnFgXuKir
FNbzHSqWen3jcQBhRm4C6CqHkfEYL/+QFyd+1yusHxm/EVnQz7WmXRUgRp0Cl6fK
uNEzr+THTivS88UfPUlFhZZThxf7codrtK0anvWr3nMolaQcdx4y01okBCm/XdJa
GlnMhpUeeWRy8ffpn54r/uGj8nMMtztVDpmZMwySpYPoGVGqcBDfILFjDeEV2UNK
W/0BmciKa/9HsxHzXAxFpzl5bPveTHjRFf1jbnbw9EexuNVFPs4c2fu3PqmqJ6N/
kXZxYPmuykeHq1X3JxZ0SUFsUavalN0T5tnLsT32ZCV80I+7KdMhZLDzGQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFNBzVlBSbSu/UlDZeX5J2x2fHMJ/MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q1L2I0OTUw
MC0wYjc0LTRjNDUtYTg4Mi0wYzg0ZmQ3NTc5OTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUvYjQ5NTAw
LTBiNzQtNGM0NS1hODgyLTBjODRmZDc1Nzk5MC8xLzBITldVRkp0Szc5U1VObDVm
a25iSFo4Y3duOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAPtxsMA0EAgACMAcDBQMqFNoAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMZBjANBgkqhkiG9w0BAQsFAAOCAQEAPEwYGPTkU8Z4
7rLjjj07pbHe60UoRScJbtK3rwjy9Iek3ZNQf2xSxw3bIIkhezFKYmIWRqEMhN4p
0S/dUj2S/iWFkNv8+xIWdJWYARJbOypIGMgUTsJER7aK8BheVU4v1CunPefwm2C0
2jUpmxvQGc60fi7GLkNUf0ST6xnt4OG6GVY3koEjJWMdMcrL0pRkCbfu7kZZSERu
oMrpXhpc0Z2DQnBMPsTRW5y/XnxxupHm8S3OWW14zqZUjAsGqgKMMthBrKp0mOW7
lQlzjBEsjGH0bxdqGuDBefMhd00VRBlyJIzaLXgnhfZh3kZReQCt9W1GBlcdAU4T
ODwnnhF44A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:42:18 2026 by rpki-client