Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5ADgGnlalXLPsazYWWya0zxhJlk.cer
File: 5ADgGnlalXLPsazYWWya0zxhJlk.cer (raw, json)
Hash identifier: rbRpZ/uLVWx6BgZ89UrFQuzbKx5/dQvfhrwF9xDUTl8=
Subject key identifier: E4:00:E0:1A:79:5A:95:72:CF:B1:AC:D8:59:6C:9A:D3:3C:61:26:59
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019923E7D15C61773D8E3FEB4B940B28FD05
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/82/aed261-93bc-4b0f-95f9-0c3eb1a0dd80/1/5ADgGnlalXLPsazYWWya0zxhJlk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/82/aed261-93bc-4b0f-95f9-0c3eb1a0dd80/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 07 Sep 2025 11:20:19 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 35656
IP: 87.236.232.0/21
IP: 185.200.128.0/22
IP: 2a04:6200::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:e7:d1:5c:61:77:3d:8e:3f:eb:4b:94:0b:28:fd:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 7 11:20:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e400e01a795a9572cfb1acd8596c9ad33c612659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:27:d9:e8:6d:43:55:87:43:51:d3:c5:da:58:
c2:cf:e6:24:e4:22:e2:b0:27:ee:08:78:9e:ec:aa:
ae:c2:f5:f2:4b:93:ee:6f:c0:4f:3a:cb:6c:93:e5:
9b:3c:ab:3f:71:56:e7:99:8b:3b:10:53:7c:fc:14:
e1:68:34:f3:40:20:6e:78:82:12:df:a5:9c:a8:09:
2d:c8:7d:30:67:3b:30:cf:f1:13:35:f8:5a:76:c1:
b6:a3:4b:d0:21:60:c2:db:90:93:b0:90:d6:cc:87:
ed:14:b7:d5:67:82:b0:f1:12:78:9d:6d:49:43:cd:
f4:59:31:20:a6:ad:6c:24:f9:f4:93:62:bc:f3:a5:
be:73:1d:ae:ad:2a:87:01:69:fa:83:44:84:18:5f:
54:c0:af:f3:cc:a7:43:7d:cf:6b:7d:ea:9a:79:4a:
61:8f:54:e0:83:75:8f:4f:d6:37:f6:84:76:59:2c:
c2:bd:3f:6b:7d:38:c2:27:c5:f2:4e:9c:cb:d4:23:
2d:d4:ff:e6:4f:bd:6d:27:b4:01:56:f8:4d:1c:b3:
e3:53:cb:49:5a:e2:29:f9:88:01:6a:30:eb:9a:3c:
eb:de:08:b0:20:15:15:b7:ad:68:a5:8a:90:d8:02:
c7:2a:d0:8f:03:db:9e:87:75:9c:75:06:49:ed:64:
0c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:00:E0:1A:79:5A:95:72:CF:B1:AC:D8:59:6C:9A:D3:3C:61:26:59
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/aed261-93bc-4b0f-95f9-0c3eb1a0dd80/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/aed261-93bc-4b0f-95f9-0c3eb1a0dd80/1/5ADgGnlalXLPsazYWWya0zxhJlk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.232.0/21
185.200.128.0/22
IPv6:
2a04:6200::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35656
Signature Algorithm: sha256WithRSAEncryption
6a:34:a7:4d:95:bf:2b:17:9c:33:d0:6d:4e:92:ed:f6:75:7b:
d2:f2:ae:2c:a6:ea:16:63:87:cb:6e:75:a7:f2:de:b2:e3:78:
ab:a0:68:3d:f2:72:ae:56:fc:de:a1:91:57:c6:62:12:4c:b3:
45:96:98:e2:da:db:ba:c5:4f:b2:14:f1:7a:2d:29:2c:f8:b1:
ec:b3:ae:f2:c1:d1:4a:a5:38:4c:8c:90:2d:05:82:a1:a8:5f:
c7:e9:0c:fa:bd:1a:d6:19:31:a1:24:72:d6:75:7c:59:35:f7:
91:b6:34:cf:09:d3:ed:07:06:d1:e0:69:69:d1:f4:58:60:f9:
fd:4c:b5:ad:a8:ac:7c:5d:ba:72:ea:1e:b2:85:32:95:f8:0f:
0a:b2:79:b2:21:99:1e:35:5b:aa:2c:54:a2:81:bf:2a:52:3d:
e1:7c:94:ac:0a:7f:c5:0e:f5:92:af:1d:e9:43:00:ba:ac:ba:
1c:68:bd:14:12:e5:ee:fe:59:59:d4:73:1a:1e:c8:7d:f0:0e:
dd:37:b7:84:93:11:e5:22:2d:8d:56:18:41:a2:79:3d:f8:40:
67:39:1b:4b:a1:cd:5e:26:68:d4:47:96:c7:ed:d5:8d:5c:c5:
49:a2:4b:68:a6:5c:2e:e7:fd:02:71:93:5d:ba:8c:b1:d2:74:
c9:51:e7:7a
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZkj59FcYXc9jj/rS5QLKP0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwOTA3MTEyMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDAwZTAxYTc5NWE5NTcyY2ZiMWFjZDg1OTZjOWFkMzNjNjEyNjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSfZ6G1DVYdDUdPF2ljCz+Yk5CLi
sCfuCHie7KquwvXyS5Pub8BPOstsk+WbPKs/cVbnmYs7EFN8/BThaDTzQCBueIIS
36WcqAktyH0wZzswz/ETNfhadsG2o0vQIWDC25CTsJDWzIftFLfVZ4Kw8RJ4nW1J
Q830WTEgpq1sJPn0k2K886W+cx2urSqHAWn6g0SEGF9UwK/zzKdDfc9rfeqaeUph
j1Tgg3WPT9Y39oR2WSzCvT9rfTjCJ8XyTpzL1CMt1P/mT71tJ7QBVvhNHLPjU8tJ
WuIp+YgBajDrmjzr3giwIBUVt61opYqQ2ALHKtCPA9ueh3WcdQZJ7WQMrwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFOQA4Bp5WpVyz7Gs2FlsmtM8YSZZMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgyL2FlZDI2
MS05M2JjLTRiMGYtOTVmOS0wYzNlYjFhMGRkODAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIvYWVkMjYx
LTkzYmMtNGIwZi05NWY5LTBjM2ViMWEwZGQ4MC8xLzVBRGdHbmxhbFhMUHNhellX
V3lhMHp4aEpsay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDV+zoAwQCuciAMA0EAgACMAcDBQMqBGIAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCLSDANBgkqhkiG9w0BAQsFAAOCAQEAajSn
TZW/KxecM9BtTpLt9nV70vKuLKbqFmOHy251p/LesuN4q6BoPfJyrlb83qGRV8Zi
EkyzRZaY4trbusVPshTxei0pLPix7LOu8sHRSqU4TIyQLQWCoahfx+kM+r0a1hkx
oSRy1nV8WTX3kbY0zwnT7QcG0eBpadH0WGD5/Uy1raisfF26cuoesoUylfgPCrJ5
siGZHjVbqixUooG/KlI94XyUrAp/xQ71kq8d6UMAuqy6HGi9FBLl7v5ZWdRzGh7I
ffAO3Te3hJMR5SItjVYYQaJ5PfhAZzkbS6HNXiZo1EeWx+3VjVzFSaJLaKZcLuf9
AnGTXbqMsdJ0yVHneg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 10:28:48 2025 by rpki-client