Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3WQWapEXkwjyU6kXVhbMxoKMRGM.cer
File: 3WQWapEXkwjyU6kXVhbMxoKMRGM.cer (raw, json)
Hash identifier: ui7+OJURGSf75/mf0/x3+JuMoxctJ1pDmjoguJqsZsc=
Subject key identifier: DD:64:16:6A:91:17:93:08:F2:53:A9:17:56:16:CC:C6:82:8C:44:63
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01977C87305B95A31DC91BD995F69FE36B19
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/3WQWapEXkwjyU6kXVhbMxoKMRGM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 17 Jun 2025 06:15:23 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 34250
AS: 197486
AS: 201767
AS: 202175
IP: 5.133.120.0/22
IP: 45.150.24.0/22
IP: 83.222.6.0/23
IP: 84.54.64.0/18
IP: 86.62.0.0/22
IP: 89.104.102.0/24
IP: 89.223.3.0/24
IP: 89.249.60.0/22
IP: 90.156.160.0/21
IP: 90.156.192.0/21
IP: 92.63.204.0/22
IP: 93.188.80.0/21
IP: 94.230.225.0 -- 94.230.226.255
IP: 94.230.228.0 -- 94.230.239.255
IP: 109.94.172.0/22
IP: 185.0.23.0/24
IP: 185.4.160.0/22
IP: 185.100.52.0/22
IP: 185.203.236.0/22
IP: 194.93.24.0/22
IP: 198.163.192.0/20
IP: 213.206.39.0 -- 213.206.40.255
IP: 213.206.42.0/24
IP: 213.206.44.0/23
IP: 213.206.47.0 -- 213.206.48.255
IP: 213.206.50.0 -- 213.206.55.255
IP: 213.206.58.0/24
IP: 213.206.60.0/22
IP: 2001:7f8:110::/48
IP: 2a09:6700::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7c:87:30:5b:95:a3:1d:c9:1b:d9:95:f6:9f:e3:6b:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 17 06:15:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd64166a91179308f253a9175616ccc6828c4463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:86:52:2b:52:56:5d:a9:57:fc:72:e4:0b:db:
b9:bb:14:e9:2e:97:68:16:5c:c6:bb:a7:9d:5c:9a:
84:6d:f3:bf:62:98:1f:5d:0f:e2:34:7b:ff:fc:e7:
90:66:2f:40:f2:6e:80:50:0e:aa:95:3b:f8:ba:dd:
3d:b2:64:cf:a8:5a:ae:31:e7:91:52:71:96:a2:77:
40:10:4a:cb:8c:f9:37:a7:aa:42:90:15:b2:54:17:
12:3f:97:02:60:a3:05:b0:cb:41:0b:4a:a0:57:9a:
ad:10:6f:82:e1:bc:9f:ef:77:1a:f4:6c:a4:31:fb:
8c:ed:fc:ca:4b:73:22:03:e2:b9:16:ba:03:e9:29:
60:c8:84:85:97:16:e3:35:1c:2c:17:d1:c3:56:26:
fd:a1:9f:bb:89:d1:69:4c:1c:04:64:43:db:c6:65:
d2:93:63:cc:69:ca:50:ee:29:66:3e:e7:60:f4:aa:
6d:21:1c:94:1d:07:e1:28:67:9f:a9:86:02:77:9b:
a8:c5:e9:61:66:0d:30:0a:dd:1a:98:52:d4:fb:e0:
1d:54:dc:b9:3f:01:ad:03:0e:01:69:17:b2:1f:03:
52:d6:14:43:3a:4d:8a:4a:d3:95:e8:ce:61:d3:c4:
08:c4:da:33:f1:43:96:a3:cc:7a:df:b4:c7:a5:3e:
cb:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:64:16:6A:91:17:93:08:F2:53:A9:17:56:16:CC:C6:82:8C:44:63
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/3WQWapEXkwjyU6kXVhbMxoKMRGM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.120.0/22
45.150.24.0/22
83.222.6.0/23
84.54.64.0/18
86.62.0.0/22
89.104.102.0/24
89.223.3.0/24
89.249.60.0/22
90.156.160.0/21
90.156.192.0/21
92.63.204.0/22
93.188.80.0/21
94.230.225.0-94.230.226.255
94.230.228.0-94.230.239.255
109.94.172.0/22
185.0.23.0/24
185.4.160.0/22
185.100.52.0/22
185.203.236.0/22
194.93.24.0/22
198.163.192.0/20
213.206.39.0-213.206.40.255
213.206.42.0/24
213.206.44.0/23
213.206.47.0-213.206.48.255
213.206.50.0-213.206.55.255
213.206.58.0/24
213.206.60.0/22
IPv6:
2001:7f8:110::/48
2a09:6700::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
34250
197486
201767
202175
Signature Algorithm: sha256WithRSAEncryption
66:de:b8:84:fe:da:18:ef:29:c0:3e:14:93:f9:92:91:1a:a7:
05:fa:45:02:64:70:58:aa:b5:86:19:26:94:01:d5:2a:f2:c2:
2c:7f:37:e6:37:09:69:bc:fc:a0:e9:63:ba:74:b6:b8:66:f4:
2e:62:6f:03:e2:f8:bc:7f:60:7e:83:db:3b:14:56:04:29:0e:
77:e7:83:a8:25:cf:30:d5:7d:28:23:56:66:a4:f8:11:96:e3:
c0:2c:30:0d:05:02:df:37:a2:6d:80:42:73:92:27:d3:8a:0f:
d0:68:3c:2e:38:f3:7b:26:ae:c1:a9:13:ba:9b:6e:e3:34:54:
d7:9f:2d:f7:31:4c:f3:6a:0d:81:af:08:79:e5:b9:1d:46:49:
c1:fa:e8:6d:3e:ff:ec:91:b3:49:8a:12:fa:0e:b6:b4:47:49:
5c:2c:26:13:a5:55:6d:0b:fb:7b:f9:1d:41:b4:0b:53:1e:75:
d9:86:64:8c:62:be:9c:75:85:ec:66:a7:d5:58:d3:cc:64:83:
be:0c:66:07:9c:9a:97:b4:c4:a2:f5:b0:d9:40:8b:78:8e:1d:
db:c4:d5:9f:7d:91:c7:78:43:6c:32:96:cd:ea:a3:33:b5:f1:
90:04:f0:dc:28:54:da:bb:f8:f7:a4:5b:47:8f:30:bf:b3:3f:
fe:b0:05:b2
-----BEGIN CERTIFICATE-----
MIIGizCCBXOgAwIBAgISAZd8hzBblaMdyRvZlfaf42sZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNjE3MDYxNTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDY0MTY2YTkxMTc5MzA4ZjI1M2E5MTc1NjE2Y2NjNjgyOGM0NDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYZSK1JWXalX/HLkC9u5uxTpLpdo
FlzGu6edXJqEbfO/YpgfXQ/iNHv//OeQZi9A8m6AUA6qlTv4ut09smTPqFquMeeR
UnGWondAEErLjPk3p6pCkBWyVBcSP5cCYKMFsMtBC0qgV5qtEG+C4byf73ca9Gyk
MfuM7fzKS3MiA+K5FroD6SlgyISFlxbjNRwsF9HDVib9oZ+7idFpTBwEZEPbxmXS
k2PMacpQ7ilmPudg9KptIRyUHQfhKGefqYYCd5uoxelhZg0wCt0amFLU++AdVNy5
PwGtAw4BaReyHwNS1hRDOk2KStOV6M5h08QIxNoz8UOWo8x637THpT7L+wIDAQAB
o4IDlzCCA5MwHQYDVR0OBBYEFN1kFmqRF5MI8lOpF1YWzMaCjERjMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZkLzBhNDg5
Yi05ZDllLTRmNmEtODdjNy03NGRlMjU4YTc2ZjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQvMGE0ODli
LTlkOWUtNGY2YS04N2M3LTc0ZGUyNThhNzZmOC8xLzNXUVdhcEVYa3dqeVU2a1hW
aGJNeG9LTVJHTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBBQYIKwYB
BQUHAQcBAf8EgfUwgfIwgdcEAgABMIHQAwQCBYV4AwQCLZYYAwQBU94GAwQGVDZA
AwQCVj4AAwQAWWhmAwQAWd8DAwQCWfk8AwQDWpygAwQDWpzAAwQCXD/MAwQDXbxQ
MAwDBABe5uEDBABe5uIwDAMEAl7m5AMEBF7m4AMEAm1erAMEALkAFwMEArkEoAME
ArlkNAMEArnL7AMEAsJdGAMEBMajwDAMAwQA1c4nAwQA1c4oAwQA1c4qAwQB1c4s
MAwDBADVzi8DBADVzjAwDAMEAdXOMgMEA9XOMAMEANXOOgMEAtXOPDAWBAIAAjAQ
AwcAIAEH+AEQAwUDKglnADApBggrBgEFBQcBCAEB/wQaMBigFjAUAgMAhcoCAwMD
bgIDAxQnAgMDFb8wDQYJKoZIhvcNAQELBQADggEBAGbeuIT+2hjvKcA+FJP5kpEa
pwX6RQJkcFiqtYYZJpQB1Srywix/N+Y3CWm8/KDpY7p0trhm9C5ibwPi+Lx/YH6D
2zsUVgQpDnfng6glzzDVfSgjVmak+BGW48AsMA0FAt83om2AQnOSJ9OKD9BoPC44
83smrsGpE7qbbuM0VNefLfcxTPNqDYGvCHnluR1GScH66G0+/+yRs0mKEvoOtrRH
SVwsJhOlVW0L+3v5HUG0C1MeddmGZIxivpx1hexmp9VY08xkg74MZgecmpe0xKL1
sNlAi3iOHdvE1Z99kcd4Q2wyls3qozO18ZAE8NwoVNq7+PekW0ePML+zP/6wBbI=
-----END CERTIFICATE-----
Generated at Sat Jun 28 16:25:02 2025 by rpki-client