Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1AdHFBQvg5cBSPqw7D4hF8OTxJE.cer
File: 1AdHFBQvg5cBSPqw7D4hF8OTxJE.cer (raw, json)
Hash identifier: xZ7654q1EcSmJu10/teN7G2qAtuQ4JnijtkXvOfl5c4=
Subject key identifier: D4:07:47:14:14:2F:83:97:01:48:FA:B0:EC:3E:21:17:C3:93:C4:91
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019D06F20DA36356F2692EE302EE132B5A81
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1ff4c-a58f-4ee3-98e9-d79ce2deea70/1/1AdHFBQvg5cBSPqw7D4hF8OTxJE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1ff4c-a58f-4ee3-98e9-d79ce2deea70/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 19 Mar 2026 16:33:39 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: IP: 103.54.88.0/22
IP: 103.126.48.0/23
IP: 103.209.228.0/23
IP: 217.65.75.0/24
IP: 2a00:9940::/29
IP: 2a04:e880::/29
IP: 2a06:4b80::/29
IP: 2a06:8540::/29
IP: 2a06:9dc0::/29
IP: 2a07:35c0::/29
IP: 2a09:2340::/29
IP: 2a0a:6cc0::/29
IP: 2a0a:cfc0::/29
IP: 2a0c:52c0::/29
IP: 2a0d:8180::/29
IP: 2a0d:c500::/29
IP: 2a0d:fd80::/29
IP: 2a0e:3dc0::/29
IP: 2a0e:7fc0::/29
IP: 2a0f:f9c0::/29
IP: 2a10:c80::/29
IP: 2a10:5480::/29
IP: 2a10:7b80::/29
IP: 2a11:3f40::/29
IP: 2a14:2b80::/29
IP: 2a14:5c80::/29
IP: 2a14:6580::/29
IP: 2a14:7080::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:06:f2:0d:a3:63:56:f2:69:2e:e3:02:ee:13:2b:5a:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 19 16:33:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d4074714142f83970148fab0ec3e2117c393c491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:70:3b:ab:4b:9a:ff:7d:1d:52:82:da:7c:b7:
b6:25:51:65:00:f5:f3:2d:f6:02:03:9b:a4:1e:65:
f2:25:91:5f:32:74:78:b2:6f:9e:dd:ed:57:4e:e5:
79:13:2b:30:15:7a:2b:bc:dc:73:55:97:d4:07:81:
89:09:04:dc:a7:21:7b:fa:2b:fd:95:95:39:69:6e:
6c:43:1e:6a:d8:09:f0:14:ac:6c:a2:a3:4e:06:f0:
71:c5:c9:6f:64:86:2a:df:2c:81:16:2a:65:f8:7c:
ca:71:1c:52:44:12:14:e9:a7:5a:99:a0:b2:d0:ff:
33:cd:86:ce:a3:f9:a7:e4:a6:a5:f7:0d:f6:e7:b6:
5f:25:96:82:44:32:6f:84:f8:73:2d:8d:4c:67:7e:
93:3d:55:79:e3:84:3b:29:73:d1:9b:26:a4:99:f3:
57:aa:87:ca:f4:ab:48:bd:29:20:1e:ab:45:2a:fe:
ca:f1:f7:9a:17:ae:28:81:53:0b:28:44:02:27:44:
26:96:b5:0e:53:ac:99:ae:49:2c:ae:ea:70:4b:4c:
e2:8a:1d:3a:6c:aa:62:6a:48:c5:30:22:43:7c:1c:
d1:84:ce:ca:aa:ff:5a:3d:33:84:88:f5:12:be:f8:
7e:f9:94:81:45:fc:2d:74:d5:9c:a0:8a:dc:ea:82:
62:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:07:47:14:14:2F:83:97:01:48:FA:B0:EC:3E:21:17:C3:93:C4:91
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1ff4c-a58f-4ee3-98e9-d79ce2deea70/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1ff4c-a58f-4ee3-98e9-d79ce2deea70/1/1AdHFBQvg5cBSPqw7D4hF8OTxJE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.54.88.0/22
103.126.48.0/23
103.209.228.0/23
217.65.75.0/24
IPv6:
2a00:9940::/29
2a04:e880::/29
2a06:4b80::/29
2a06:8540::/29
2a06:9dc0::/29
2a07:35c0::/29
2a09:2340::/29
2a0a:6cc0::/29
2a0a:cfc0::/29
2a0c:52c0::/29
2a0d:8180::/29
2a0d:c500::/29
2a0d:fd80::/29
2a0e:3dc0::/29
2a0e:7fc0::/29
2a0f:f9c0::/29
2a10:c80::/29
2a10:5480::/29
2a10:7b80::/29
2a11:3f40::/29
2a14:2b80::/29
2a14:5c80::/29
2a14:6580::/29
2a14:7080::/29
Signature Algorithm: sha256WithRSAEncryption
0c:88:49:0e:1d:b7:d2:45:01:ea:60:8c:bf:2e:84:66:47:64:
91:c8:55:87:08:c7:de:b6:69:29:f5:3e:43:d2:ef:e4:9d:33:
e9:60:02:e8:6c:2b:a4:cf:8e:e8:01:4d:bf:39:86:72:35:18:
7d:63:c3:4c:83:a7:74:2b:88:dd:94:cb:48:1a:f0:79:82:cd:
9a:ae:bf:fd:78:dd:8b:eb:2b:4d:b5:76:75:7d:3c:00:9f:69:
97:e7:39:b7:49:22:34:d4:35:bd:25:47:3d:bc:5f:09:c9:b2:
a8:9a:93:df:57:83:d3:d4:69:61:46:3b:8d:dd:9a:9d:a3:98:
46:75:7b:24:91:ab:6d:93:c1:1c:0d:f3:16:7f:89:2a:c2:6e:
6a:26:4b:0c:90:75:94:0f:34:74:37:6b:8b:2e:b4:62:4d:00:
77:31:09:a6:02:64:53:b0:ee:0a:09:41:1b:82:84:c7:b6:17:
e3:bb:d5:d1:46:18:0c:10:ba:a7:12:99:8e:01:c4:df:d4:2c:
52:23:3b:d9:c8:6b:e7:29:8b:6f:82:34:46:a0:03:ce:d7:7c:
a5:20:48:6e:7a:c8:d3:f0:c7:26:6c:82:2f:ec:48:0e:7d:65:
b8:c1:e1:6f:2e:4a:07:9e:52:5d:19:06:4b:4e:3b:47:f7:bc:
93:e6:74:28
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgISAZ0G8g2jY1byaS7jAu4TK1qBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMzE5MTYzMzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDA3NDcxNDE0MmY4Mzk3MDE0OGZhYjBlYzNlMjExN2MzOTNjNDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXA7q0ua/30dUoLafLe2JVFlAPXz
LfYCA5ukHmXyJZFfMnR4sm+e3e1XTuV5EyswFXorvNxzVZfUB4GJCQTcpyF7+iv9
lZU5aW5sQx5q2AnwFKxsoqNOBvBxxclvZIYq3yyBFipl+HzKcRxSRBIU6adamaCy
0P8zzYbOo/mn5Kal9w3257ZfJZaCRDJvhPhzLY1MZ36TPVV544Q7KXPRmyakmfNX
qofK9KtIvSkgHqtFKv7K8feaF64ogVMLKEQCJ0QmlrUOU6yZrkksrupwS0ziih06
bKpiakjFMCJDfBzRhM7Kqv9aPTOEiPUSvvh++ZSBRfwtdNWcoIrc6oJi1wIDAQAB
o4IDSzCCA0cwHQYDVR0OBBYEFNQHRxQUL4OXAUj6sOw+IRfDk8SRMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhjL2ExZmY0
Yy1hNThmLTRlZTMtOThlOS1kNzljZTJkZWVhNzAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMvYTFmZjRj
LWE1OGYtNGVlMy05OGU5LWQ3OWNlMmRlZWE3MC8xLzFBZEhGQlF2ZzVjQlNQcXc3
RDRoRjhPVHhKRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHlBggrBgEF
BQcBBwEB/wSB1TCB0jAeBAIAATAYAwQCZzZYAwQBZ34wAwQBZ9HkAwQA2UFLMIGv
BAIAAjCBqAMFAyoAmUADBQMqBOiAAwUDKgZLgAMFAyoGhUADBQMqBp3AAwUDKgc1
wAMFAyoJI0ADBQMqCmzAAwUDKgrPwAMFAyoMUsADBQMqDYGAAwUDKg3FAAMFAyoN
/YADBQMqDj3AAwUDKg5/wAMFAyoP+cADBQMqEAyAAwUDKhBUgAMFAyoQe4ADBQMq
ET9AAwUDKhQrgAMFAyoUXIADBQMqFGWAAwUDKhRwgDANBgkqhkiG9w0BAQsFAAOC
AQEADIhJDh230kUB6mCMvy6EZkdkkchVhwjH3rZpKfU+Q9Lv5J0z6WAC6GwrpM+O
6AFNvzmGcjUYfWPDTIOndCuI3ZTLSBrweYLNmq6//Xjdi+srTbV2dX08AJ9pl+c5
t0kiNNQ1vSVHPbxfCcmyqJqT31eD09RpYUY7jd2anaOYRnV7JJGrbZPBHA3zFn+J
KsJuaiZLDJB1lA80dDdriy60Yk0AdzEJpgJkU7DuCglBG4KEx7YX47vV0UYYDBC6
pxKZjgHE39QsUiM72chr5ymLb4I0RqADztd8pSBIbnrI0/DHJmyCL+xIDn1luMHh
by5KB55SXRkGS047R/e8k+Z0KA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:59:51 2026 by rpki-client