Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0IaqHaAvZwEYCywDQdYDB_FKLL4.cer
File: 0IaqHaAvZwEYCywDQdYDB_FKLL4.cer (raw, json)
Hash identifier: /kRr78Fq9xClVBhGdKhJU0+ZHpN2VC+OfyFVjxKrPM0=
Subject key identifier: D0:86:AA:1D:A0:2F:67:01:18:0B:2C:03:41:D6:03:07:F1:4A:2C:BE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019CF0B417DA120D257828D2B48C345A84ED
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/73/873a70-7504-4308-9314-bf133af1edcc/1/0IaqHaAvZwEYCywDQdYDB_FKLL4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/73/873a70-7504-4308-9314-bf133af1edcc/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 15 Mar 2026 08:54:20 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 200097
IP: 2a13:3280::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f0:b4:17:da:12:0d:25:78:28:d2:b4:8c:34:5a:84:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 15 08:54:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d086aa1da02f6701180b2c0341d60307f14a2cbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b2:4c:47:fa:23:6d:f3:6e:f1:7e:91:5d:5f:
0c:07:ee:fa:68:13:1d:dc:b5:4a:7d:de:4f:f1:e9:
e7:1c:60:3e:c6:4d:b0:0f:73:06:06:56:39:2e:7e:
93:8b:7e:17:90:4c:e2:47:51:dd:42:31:82:18:b4:
0e:fe:95:2d:af:bd:2e:4e:84:3b:39:5d:bd:b9:86:
61:bd:ed:09:eb:d1:55:89:50:24:3a:c2:d1:9a:df:
0e:8f:32:61:f5:48:32:51:0e:2a:9c:d0:df:73:19:
43:8c:da:fa:84:7c:24:63:4b:0b:56:da:7d:f6:42:
d4:cc:35:0f:13:fe:6d:88:27:39:94:6b:67:f9:34:
e8:25:b3:ed:52:2b:75:ee:25:d5:25:76:28:69:31:
fc:7c:7d:de:e8:0a:81:9f:99:37:9d:fb:12:6a:7d:
66:3e:2d:f6:fa:80:4e:75:5f:2e:ac:38:f1:e0:e5:
d8:39:8a:c4:29:d0:6f:1d:cc:84:7a:fc:62:b4:65:
a9:ad:89:0c:2f:00:04:fc:28:af:bb:fd:33:cb:4e:
84:b7:a2:f1:bd:a9:ec:87:6a:fe:8c:47:2b:4c:c7:
94:6e:9c:b7:55:9a:32:a5:d4:56:44:42:00:31:ba:
b5:d7:7b:a1:3b:20:93:85:b7:76:40:ba:bf:18:5a:
d1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:86:AA:1D:A0:2F:67:01:18:0B:2C:03:41:D6:03:07:F1:4A:2C:BE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/873a70-7504-4308-9314-bf133af1edcc/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/873a70-7504-4308-9314-bf133af1edcc/1/0IaqHaAvZwEYCywDQdYDB_FKLL4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3280::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200097
Signature Algorithm: sha256WithRSAEncryption
8d:37:11:85:d2:c0:06:f7:9f:ad:2a:3e:c1:f5:af:a7:2c:97:
ad:6d:9b:c2:bf:ad:c8:33:b0:41:98:4a:1c:47:b3:bb:96:5e:
18:ee:c2:f1:5a:2f:32:3c:96:be:a2:72:b7:6b:be:64:f1:4a:
56:dc:1e:fa:54:b0:be:2c:78:5a:db:c0:30:07:9b:b6:3f:ec:
f3:3c:91:ce:0b:93:68:86:40:5d:7e:41:60:3b:f5:13:7d:82:
c9:b1:fc:fc:fe:22:bf:9d:5a:58:46:85:a7:32:f2:71:00:ed:
8e:f1:6b:96:f3:1a:2d:89:39:4f:6f:a3:e6:98:45:ab:c4:22:
0b:29:fd:4a:41:ad:5a:31:88:54:e1:33:e3:98:58:c5:ab:d2:
71:bc:e6:75:7a:41:ee:7e:a5:95:73:43:04:28:36:70:27:4f:
a4:cd:d8:58:a2:3c:ae:5e:d5:fd:dd:86:94:b0:17:00:e8:46:
e7:ba:98:45:6b:98:11:83:98:1b:58:25:7f:4d:91:6c:63:b5:
75:84:20:53:66:03:2b:b5:41:c5:6d:b4:f1:50:82:f8:ee:f1:
79:fc:14:f9:6d:c8:9d:a3:d0:5c:7c:d2:34:57:52:6c:28:c3:
16:24:44:a5:3f:02:06:f1:a9:fe:ee:52:12:e3:d7:83:45:00:
06:e0:ef:58
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAZzwtBfaEg0leCjStIw0WoTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMzE1MDg1NDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDg2YWExZGEwMmY2NzAxMTgwYjJjMDM0MWQ2MDMwN2YxNGEyY2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LJMR/ojbfNu8X6RXV8MB+76aBMd
3LVKfd5P8ennHGA+xk2wD3MGBlY5Ln6Ti34XkEziR1HdQjGCGLQO/pUtr70uToQ7
OV29uYZhve0J69FViVAkOsLRmt8OjzJh9UgyUQ4qnNDfcxlDjNr6hHwkY0sLVtp9
9kLUzDUPE/5tiCc5lGtn+TToJbPtUit17iXVJXYoaTH8fH3e6AqBn5k3nfsSan1m
Pi32+oBOdV8urDjx4OXYOYrEKdBvHcyEevxitGWprYkMLwAE/Civu/0zy06Et6Lx
vansh2r+jEcrTMeUbpy3VZoypdRWREIAMbq113uhOyCThbd2QLq/GFrREQIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFNCGqh2gL2cBGAssA0HWAwfxSiy+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzczLzg3M2E3
MC03NTA0LTQzMDgtOTMxNC1iZjEzM2FmMWVkY2MvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMvODczYTcw
LTc1MDQtNDMwOC05MzE0LWJmMTMzYWYxZWRjYy8xLzBJYXFIYUF2WndFWUN5d0RR
ZFlEQl9GS0xMNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUF
BwEHAQH/BBEwDzANBAIAAjAHAwUDKhMygDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMDDaEwDQYJKoZIhvcNAQELBQADggEBAI03EYXSwAb3n60qPsH1r6csl61tm8K/
rcgzsEGYShxHs7uWXhjuwvFaLzI8lr6icrdrvmTxSlbcHvpUsL4seFrbwDAHm7Y/
7PM8kc4Lk2iGQF1+QWA79RN9gsmx/Pz+Ir+dWlhGhacy8nEA7Y7xa5bzGi2JOU9v
o+aYRavEIgsp/UpBrVoxiFThM+OYWMWr0nG85nV6Qe5+pZVzQwQoNnAnT6TN2Fii
PK5e1f3dhpSwFwDoRue6mEVrmBGDmBtYJX9NkWxjtXWEIFNmAyu1QcVttPFQgvju
8Xn8FPltyJ2j0Fx80jRXUmwowxYkRKU/Agbxqf7uUhLj14NFAAbg71g=
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:13:22 2026 by rpki-client