Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1AdHFBQvg5cBSPqw7D4hF8OTxJE.cer
File: 1AdHFBQvg5cBSPqw7D4hF8OTxJE.cer (raw, json)
Hash identifier: bnsiqtikvX3BRi/WU4vsu5Gy4CHw6TEp/zl0yCCNdu4=
Subject key identifier: D4:07:47:14:14:2F:83:97:01:48:FA:B0:EC:3E:21:17:C3:93:C4:91
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01976804403713C6A341BA059FC97780AA44
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1ff4c-a58f-4ee3-98e9-d79ce2deea70/1/1AdHFBQvg5cBSPqw7D4hF8OTxJE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1ff4c-a58f-4ee3-98e9-d79ce2deea70/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 13 Jun 2025 06:39:58 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 46.235.15.0/24
IP: 103.54.88.0/22
IP: 103.126.48.0/23
IP: 103.209.228.0/23
IP: 217.65.75.0/24
IP: 2a00:9940::/29
IP: 2a04:e880::/29
IP: 2a06:4b80::/29
IP: 2a06:8540::/29
IP: 2a06:9dc0::/29
IP: 2a07:35c0::/29
IP: 2a09:2340::/29
IP: 2a0a:6cc0::/29
IP: 2a0a:cfc0::/29
IP: 2a0c:52c0::/29
IP: 2a0d:8180::/29
IP: 2a0d:c500::/29
IP: 2a0d:fd80::/29
IP: 2a0e:3dc0::/29
IP: 2a0e:7fc0::/29
IP: 2a0f:f9c0::/29
IP: 2a10:c80::/29
IP: 2a10:5480::/29
IP: 2a10:7b80::/29
IP: 2a11:3f40::/29
IP: 2a14:2b80::/29
IP: 2a14:5c80::/29
IP: 2a14:6580::/29
IP: 2a14:7080::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:68:04:40:37:13:c6:a3:41:ba:05:9f:c9:77:80:aa:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 13 06:39:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4074714142f83970148fab0ec3e2117c393c491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:70:3b:ab:4b:9a:ff:7d:1d:52:82:da:7c:b7:
b6:25:51:65:00:f5:f3:2d:f6:02:03:9b:a4:1e:65:
f2:25:91:5f:32:74:78:b2:6f:9e:dd:ed:57:4e:e5:
79:13:2b:30:15:7a:2b:bc:dc:73:55:97:d4:07:81:
89:09:04:dc:a7:21:7b:fa:2b:fd:95:95:39:69:6e:
6c:43:1e:6a:d8:09:f0:14:ac:6c:a2:a3:4e:06:f0:
71:c5:c9:6f:64:86:2a:df:2c:81:16:2a:65:f8:7c:
ca:71:1c:52:44:12:14:e9:a7:5a:99:a0:b2:d0:ff:
33:cd:86:ce:a3:f9:a7:e4:a6:a5:f7:0d:f6:e7:b6:
5f:25:96:82:44:32:6f:84:f8:73:2d:8d:4c:67:7e:
93:3d:55:79:e3:84:3b:29:73:d1:9b:26:a4:99:f3:
57:aa:87:ca:f4:ab:48:bd:29:20:1e:ab:45:2a:fe:
ca:f1:f7:9a:17:ae:28:81:53:0b:28:44:02:27:44:
26:96:b5:0e:53:ac:99:ae:49:2c:ae:ea:70:4b:4c:
e2:8a:1d:3a:6c:aa:62:6a:48:c5:30:22:43:7c:1c:
d1:84:ce:ca:aa:ff:5a:3d:33:84:88:f5:12:be:f8:
7e:f9:94:81:45:fc:2d:74:d5:9c:a0:8a:dc:ea:82:
62:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:07:47:14:14:2F:83:97:01:48:FA:B0:EC:3E:21:17:C3:93:C4:91
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1ff4c-a58f-4ee3-98e9-d79ce2deea70/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1ff4c-a58f-4ee3-98e9-d79ce2deea70/1/1AdHFBQvg5cBSPqw7D4hF8OTxJE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.15.0/24
103.54.88.0/22
103.126.48.0/23
103.209.228.0/23
217.65.75.0/24
IPv6:
2a00:9940::/29
2a04:e880::/29
2a06:4b80::/29
2a06:8540::/29
2a06:9dc0::/29
2a07:35c0::/29
2a09:2340::/29
2a0a:6cc0::/29
2a0a:cfc0::/29
2a0c:52c0::/29
2a0d:8180::/29
2a0d:c500::/29
2a0d:fd80::/29
2a0e:3dc0::/29
2a0e:7fc0::/29
2a0f:f9c0::/29
2a10:c80::/29
2a10:5480::/29
2a10:7b80::/29
2a11:3f40::/29
2a14:2b80::/29
2a14:5c80::/29
2a14:6580::/29
2a14:7080::/29
Signature Algorithm: sha256WithRSAEncryption
4c:1d:c5:bb:e4:0f:72:30:88:c0:4a:4a:58:7f:bd:8a:e5:5d:
31:cf:41:b9:03:d0:22:5d:db:fe:7c:f1:bb:71:da:80:ce:2a:
e8:32:30:1c:be:c6:24:f0:07:ae:31:aa:88:d4:bf:19:8a:cc:
bd:a7:8e:74:91:4c:71:9c:de:9b:d4:64:ac:4f:ed:28:20:0d:
a1:47:18:9f:78:9e:92:e0:c1:3d:8b:f8:2d:d7:d3:aa:2c:a8:
0b:7f:73:a4:b9:6f:55:06:6f:c7:7d:3e:59:ce:a4:62:e8:c2:
02:d3:fd:f7:25:b7:e3:df:85:63:48:a3:87:a8:ac:94:79:3e:
8a:46:34:11:17:1f:9a:d5:c7:aa:e7:bf:d1:14:37:60:e9:01:
08:bc:a1:e3:a4:d9:e0:9c:32:32:21:fb:2b:75:8c:e7:7f:86:
10:cd:50:a9:bd:46:52:6a:ad:2c:2b:e4:12:85:7b:a8:9a:3f:
aa:81:90:b8:e9:e6:68:ad:b7:3f:50:16:c4:88:07:85:9d:6d:
db:45:da:6f:f9:e5:63:6d:e9:be:61:c4:fa:5a:5e:53:5e:65:
0a:8d:eb:15:d9:04:ab:83:1d:1a:a7:2e:9a:9a:7d:ba:a7:a2:
ca:ec:cf:14:d3:51:63:b8:76:f2:1d:a5:bd:8a:31:8e:54:8b:
fe:41:3c:1b
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgISAZdoBEA3E8ajQboFn8l3gKpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNjEzMDYzOTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDA3NDcxNDE0MmY4Mzk3MDE0OGZhYjBlYzNlMjExN2MzOTNjNDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXA7q0ua/30dUoLafLe2JVFlAPXz
LfYCA5ukHmXyJZFfMnR4sm+e3e1XTuV5EyswFXorvNxzVZfUB4GJCQTcpyF7+iv9
lZU5aW5sQx5q2AnwFKxsoqNOBvBxxclvZIYq3yyBFipl+HzKcRxSRBIU6adamaCy
0P8zzYbOo/mn5Kal9w3257ZfJZaCRDJvhPhzLY1MZ36TPVV544Q7KXPRmyakmfNX
qofK9KtIvSkgHqtFKv7K8feaF64ogVMLKEQCJ0QmlrUOU6yZrkksrupwS0ziih06
bKpiakjFMCJDfBzRhM7Kqv9aPTOEiPUSvvh++ZSBRfwtdNWcoIrc6oJi1wIDAQAB
o4IDUTCCA00wHQYDVR0OBBYEFNQHRxQUL4OXAUj6sOw+IRfDk8SRMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhjL2ExZmY0
Yy1hNThmLTRlZTMtOThlOS1kNzljZTJkZWVhNzAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMvYTFmZjRj
LWE1OGYtNGVlMy05OGU5LWQ3OWNlMmRlZWE3MC8xLzFBZEhGQlF2ZzVjQlNQcXc3
RDRoRjhPVHhKRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHrBggrBgEF
BQcBBwEB/wSB2zCB2DAkBAIAATAeAwQALusPAwQCZzZYAwQBZ34wAwQBZ9HkAwQA
2UFLMIGvBAIAAjCBqAMFAyoAmUADBQMqBOiAAwUDKgZLgAMFAyoGhUADBQMqBp3A
AwUDKgc1wAMFAyoJI0ADBQMqCmzAAwUDKgrPwAMFAyoMUsADBQMqDYGAAwUDKg3F
AAMFAyoN/YADBQMqDj3AAwUDKg5/wAMFAyoP+cADBQMqEAyAAwUDKhBUgAMFAyoQ
e4ADBQMqET9AAwUDKhQrgAMFAyoUXIADBQMqFGWAAwUDKhRwgDANBgkqhkiG9w0B
AQsFAAOCAQEATB3Fu+QPcjCIwEpKWH+9iuVdMc9BuQPQIl3b/nzxu3HagM4q6DIw
HL7GJPAHrjGqiNS/GYrMvaeOdJFMcZzem9RkrE/tKCANoUcYn3iekuDBPYv4LdfT
qiyoC39zpLlvVQZvx30+Wc6kYujCAtP99yW349+FY0ijh6islHk+ikY0ERcfmtXH
que/0RQ3YOkBCLyh46TZ4JwyMiH7K3WM53+GEM1Qqb1GUmqtLCvkEoV7qJo/qoGQ
uOnmaK23P1AWxIgHhZ1t20Xab/nlY23pvmHE+lpeU15lCo3rFdkEq4MdGqcumpp9
uqeiyuzPFNNRY7h28h2lvYoxjlSL/kE8Gw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 14:46:04 2025 by rpki-client