Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0jh3jxNJtXVBjBnjg9BXGuvuot8.cer
File: 0jh3jxNJtXVBjBnjg9BXGuvuot8.cer (raw, json)
Hash identifier: NSYl9zDh/zM2KqzxFT3Fv719GV7s3ORV1r5W35UQKW4=
Subject key identifier: D2:38:77:8F:13:49:B5:75:41:8C:19:E3:83:D0:57:1A:EB:EE:A2:DF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019DF20D89919604317E0FF0FDB8CFC2C279
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5a/5f72bc-caf4-4edf-9432-ec2c19eb67f6/1/0jh3jxNJtXVBjBnjg9BXGuvuot8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5a/5f72bc-caf4-4edf-9432-ec2c19eb67f6/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 04 May 2026 08:14:26 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 200850
IP: 2a0c:cd40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f2:0d:89:91:96:04:31:7e:0f:f0:fd:b8:cf:c2:c2:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 4 08:14:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d238778f1349b575418c19e383d0571aebeea2df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:07:65:02:51:ef:ec:e7:dc:da:ce:09:2d:b8:
57:67:5d:e0:b1:4b:7c:70:1b:40:57:08:00:5d:04:
31:41:fd:ff:b4:68:b1:6c:c1:59:3c:58:9f:3d:f9:
54:4d:4e:e7:ab:ab:2a:dd:95:e4:ee:97:12:9c:51:
38:99:47:03:19:02:ea:c4:2a:1b:bf:21:c4:66:1c:
62:a2:59:87:52:72:d6:b0:4a:f0:4b:56:ac:53:81:
3a:78:75:b3:3f:74:bc:33:71:43:ee:84:79:2c:50:
b6:b3:ad:d2:10:85:5e:04:32:0f:c1:f7:dc:64:b7:
8d:6b:a1:ea:4b:8b:5d:6a:97:2e:ed:ec:05:8d:ec:
fd:96:b9:7a:fd:69:46:15:c3:08:d5:45:fc:fd:a8:
09:34:65:cc:63:e2:b8:70:15:3a:2e:b0:e1:84:f3:
02:af:b7:18:36:9b:20:ee:57:cb:93:ed:ec:8b:54:
ca:12:1f:95:ef:49:13:e6:21:59:d9:b6:2a:16:12:
a2:b9:91:51:ee:27:8b:55:3d:d0:95:a2:f6:c0:a8:
c2:84:a6:7f:7f:ce:ca:71:61:1c:fd:90:84:a0:00:
7b:07:1e:e3:14:00:51:9d:ca:80:e1:fd:d0:cc:ff:
b4:48:6e:14:e6:d2:a0:53:dc:32:32:b1:5b:b5:ac:
59:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:38:77:8F:13:49:B5:75:41:8C:19:E3:83:D0:57:1A:EB:EE:A2:DF
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/5f72bc-caf4-4edf-9432-ec2c19eb67f6/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/5f72bc-caf4-4edf-9432-ec2c19eb67f6/1/0jh3jxNJtXVBjBnjg9BXGuvuot8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:cd40::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200850
Signature Algorithm: sha256WithRSAEncryption
b0:fd:5b:08:e6:f2:3b:b5:97:55:78:7f:de:aa:98:8b:09:5d:
71:3c:d8:af:f9:37:b5:a2:de:7e:5c:46:23:23:b1:cf:fd:2a:
f9:6a:98:52:aa:f3:a8:c9:59:9a:fd:17:e4:25:a9:de:f1:47:
ed:9c:99:e3:1f:68:6a:f7:ff:1b:3a:d1:a4:aa:59:03:69:ac:
cc:5d:c6:a6:8c:7d:c6:af:04:f0:18:1c:39:91:6b:56:d6:00:
08:65:70:3f:37:91:e2:04:39:84:86:a4:f1:da:9e:e9:8e:2b:
25:b6:dc:e4:c4:3b:47:bb:9b:c4:24:80:21:69:e3:e6:d7:0f:
11:34:65:81:e9:9e:63:18:df:ef:15:c5:7f:e2:0c:cc:0e:a3:
ab:aa:98:d8:f6:ce:62:d2:61:e5:f7:d1:bb:a5:63:2d:ef:20:
f6:0e:56:36:c9:e8:d7:80:b6:0c:10:7b:63:ca:5c:bd:63:31:
8f:a4:93:f4:f0:82:e8:ad:ad:93:d5:cb:d3:97:6f:95:93:78:
4b:35:43:6b:35:90:f1:c5:af:59:bb:13:d0:83:c8:39:a1:1f:
7f:d6:9b:a7:16:4b:42:d5:f1:27:2e:b6:62:cb:6a:61:5f:ad:
54:cf:78:d9:f6:ec:15:ac:30:b5:dd:fd:9e:b0:02:c0:43:dd:
07:13:72:a8
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAZ3yDYmRlgQxfg/w/bjPwsJ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNTA0MDgxNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjM4Nzc4ZjEzNDliNTc1NDE4YzE5ZTM4M2QwNTcxYWViZWVhMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QdlAlHv7Ofc2s4JLbhXZ13gsUt8
cBtAVwgAXQQxQf3/tGixbMFZPFifPflUTU7nq6sq3ZXk7pcSnFE4mUcDGQLqxCob
vyHEZhxiolmHUnLWsErwS1asU4E6eHWzP3S8M3FD7oR5LFC2s63SEIVeBDIPwffc
ZLeNa6HqS4tdapcu7ewFjez9lrl6/WlGFcMI1UX8/agJNGXMY+K4cBU6LrDhhPMC
r7cYNpsg7lfLk+3si1TKEh+V70kT5iFZ2bYqFhKiuZFR7ieLVT3QlaL2wKjChKZ/
f87KcWEc/ZCEoAB7Bx7jFABRncqA4f3QzP+0SG4U5tKgU9wyMrFbtaxZGwIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFNI4d48TSbV1QYwZ44PQVxrr7qLfMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVhLzVmNzJi
Yy1jYWY0LTRlZGYtOTQzMi1lYzJjMTllYjY3ZjYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEvNWY3MmJj
LWNhZjQtNGVkZi05NDMyLWVjMmMxOWViNjdmNi8xLzBqaDNqeE5KdFhWQmpCbmpn
OUJYR3V2dW90OC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUF
BwEHAQH/BBEwDzANBAIAAjAHAwUDKgzNQDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMDEJIwDQYJKoZIhvcNAQELBQADggEBALD9Wwjm8ju1l1V4f96qmIsJXXE82K/5
N7Wi3n5cRiMjsc/9KvlqmFKq86jJWZr9F+Qlqd7xR+2cmeMfaGr3/xs60aSqWQNp
rMxdxqaMfcavBPAYHDmRa1bWAAhlcD83keIEOYSGpPHanumOKyW23OTEO0e7m8Qk
gCFp4+bXDxE0ZYHpnmMY3+8VxX/iDMwOo6uqmNj2zmLSYeX30bulYy3vIPYOVjbJ
6NeAtgwQe2PKXL1jMY+kk/TwguitrZPVy9OXb5WTeEs1Q2s1kPHFr1m7E9CDyDmh
H3/Wm6cWS0LV8ScutmLLamFfrVTPeNn27BWsMLXd/Z6wAsBD3QcTcqg=
-----END CERTIFICATE-----
Generated at Tue May 12 21:07:58 2026 by rpki-client