Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1tSrT7TFdkBWSIHcd7OmYfxMxDU.cer
File: 1tSrT7TFdkBWSIHcd7OmYfxMxDU.cer (raw, json)
Hash identifier: X06auoTfGSzeTxNbi3vLGYcvNLjK5ox9ZcSvb2bVWWQ=
Subject key identifier: D6:D4:AB:4F:B4:C5:76:40:56:48:81:DC:77:B3:A6:61:FC:4C:C4:35
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01997BB4D0F3152AE31D58AD0EE87F8E8C49
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/97/68e53f-70a8-43ae-830e-f9d6f4a33309/1/1tSrT7TFdkBWSIHcd7OmYfxMxDU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/97/68e53f-70a8-43ae-830e-f9d6f4a33309/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 24 Sep 2025 12:31:11 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 203043
IP: 78.111.176.0/20
IP: 93.180.240.0/20
IP: 185.146.248.0/22
IP: 2a05:6c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7b:b4:d0:f3:15:2a:e3:1d:58:ad:0e:e8:7f:8e:8c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 24 12:31:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6d4ab4fb4c57640564881dc77b3a661fc4cc435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:e9:f3:16:e9:78:14:68:1c:aa:46:f9:9e:a6:
a4:3e:b7:fd:76:60:30:51:76:6d:a1:1e:6d:c8:56:
c6:3c:c0:38:41:ad:46:25:c5:12:cb:5f:61:9a:83:
7a:79:2d:9d:e5:94:d1:9e:44:d6:11:ea:ac:1d:fd:
4f:1a:c9:98:64:1e:46:aa:2e:c8:5f:b4:45:83:c2:
f3:fb:d6:34:53:75:b2:90:aa:f0:a5:da:b6:01:c9:
e0:44:1c:1f:93:14:0b:89:27:da:b9:70:6f:4f:5e:
bd:dc:ba:60:7b:7a:d0:78:ad:b8:89:0c:7c:98:ac:
8e:47:da:e5:44:d1:67:45:83:e1:e8:fb:bb:8b:89:
0b:b9:3e:f3:4a:b9:e8:f3:79:a5:ab:2f:7c:66:6b:
40:b6:fe:b8:82:ee:05:2e:a5:88:11:44:a6:02:7b:
ca:44:1f:e3:67:5d:9b:3b:9f:a8:78:8d:c3:77:72:
7f:16:4c:98:36:08:61:ae:df:40:15:14:ed:c0:d4:
bd:f8:bd:f2:ff:9a:63:6e:2d:50:6a:af:0a:10:79:
f8:c1:82:ea:ea:ae:4d:94:49:d7:f7:a8:45:05:e5:
f5:0c:cf:65:97:80:79:39:75:67:77:f9:c1:88:6b:
c4:0e:64:8b:d0:70:21:94:61:4a:87:10:15:7f:99:
03:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D4:AB:4F:B4:C5:76:40:56:48:81:DC:77:B3:A6:61:FC:4C:C4:35
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/68e53f-70a8-43ae-830e-f9d6f4a33309/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/68e53f-70a8-43ae-830e-f9d6f4a33309/1/1tSrT7TFdkBWSIHcd7OmYfxMxDU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.176.0/20
93.180.240.0/20
185.146.248.0/22
IPv6:
2a05:6c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
203043
Signature Algorithm: sha256WithRSAEncryption
3b:66:b7:b6:2f:bb:67:21:9a:06:c8:0e:2a:6c:8d:a8:f3:56:
de:e1:88:ca:90:55:cb:89:bb:86:42:42:a9:79:b1:af:37:17:
b4:6b:2a:85:7a:b1:eb:05:35:a7:a4:32:e1:42:9d:0c:a0:fe:
ab:fe:42:bf:8f:29:a1:f3:e9:7b:be:7b:9e:fc:7f:24:1b:d9:
4f:f7:7c:fb:15:c3:d5:f7:34:6c:4a:44:16:92:34:75:1d:de:
9c:e7:3e:f0:1c:13:c3:86:84:9c:ec:94:87:e6:f6:aa:31:d0:
1b:08:dc:16:91:b8:71:f6:4c:c6:25:69:c3:57:d3:82:46:4e:
cd:4a:fe:bc:11:3a:21:69:dd:3e:62:33:85:2e:14:26:9c:f1:
ed:26:2e:34:e5:88:b1:31:ec:22:d9:22:fb:23:e0:ff:cd:ba:
ba:7f:c2:4d:bc:a0:49:c2:72:83:89:34:5c:6b:a5:d9:8a:dc:
67:91:ed:3a:b2:28:fc:93:4a:17:c8:d6:1e:e7:0e:15:1f:07:
57:e4:fe:98:5e:d7:65:fe:7f:9e:9f:9a:b8:25:7c:67:50:7e:
6a:4b:2b:44:ee:a6:90:4e:5b:ae:59:94:91:5a:c2:49:b4:e2:
0b:21:83:c8:82:58:f7:d2:36:09:ea:39:e0:d9:d5:d6:2f:a4:
2d:0c:77:c0
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAZl7tNDzFSrjHVitDuh/joxJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwOTI0MTIzMTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQ0YWI0ZmI0YzU3NjQwNTY0ODgxZGM3N2IzYTY2MWZjNGNjNDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+nzFul4FGgcqkb5nqakPrf9dmAw
UXZtoR5tyFbGPMA4Qa1GJcUSy19hmoN6eS2d5ZTRnkTWEeqsHf1PGsmYZB5Gqi7I
X7RFg8Lz+9Y0U3WykKrwpdq2AcngRBwfkxQLiSfauXBvT1693Lpge3rQeK24iQx8
mKyOR9rlRNFnRYPh6Pu7i4kLuT7zSrno83mlqy98ZmtAtv64gu4FLqWIEUSmAnvK
RB/jZ12bO5+oeI3Dd3J/FkyYNghhrt9AFRTtwNS9+L3y/5pjbi1Qaq8KEHn4wYLq
6q5NlEnX96hFBeX1DM9ll4B5OXVnd/nBiGvEDmSL0HAhlGFKhxAVf5kDzQIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFNbUq0+0xXZAVkiB3HezpmH8TMQ1MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk3LzY4ZTUz
Zi03MGE4LTQzYWUtODMwZS1mOWQ2ZjRhMzMzMDkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcvNjhlNTNm
LTcwYTgtNDNhZS04MzBlLWY5ZDZmNGEzMzMwOS8xLzF0U3JUN1RGZGtCV1NJSGNk
N09tWWZ4TXhEVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQETm+wAwQEXbTwAwQCuZL4MA0EAgACMAcDBQMq
BQbAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMZIzANBgkqhkiG9w0BAQsFAAOC
AQEAO2a3ti+7ZyGaBsgOKmyNqPNW3uGIypBVy4m7hkJCqXmxrzcXtGsqhXqx6wU1
p6Qy4UKdDKD+q/5Cv48pofPpe757nvx/JBvZT/d8+xXD1fc0bEpEFpI0dR3enOc+
8BwTw4aEnOyUh+b2qjHQGwjcFpG4cfZMxiVpw1fTgkZOzUr+vBE6IWndPmIzhS4U
Jpzx7SYuNOWIsTHsItki+yPg/826un/CTbygScJyg4k0XGul2YrcZ5HtOrIo/JNK
F8jWHucOFR8HV+T+mF7XZf5/np+auCV8Z1B+aksrRO6mkE5brlmUkVrCSbTiCyGD
yIJY99I2Ceo54NnV1i+kLQx3wA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 10:28:54 2025 by rpki-client