Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5ADgGnlalXLPsazYWWya0zxhJlk.cer
File: 5ADgGnlalXLPsazYWWya0zxhJlk.cer (raw, json)
Hash identifier: JZo1Pk4KWHWaqssDGitDSn61qjb9ryUB+4ELOUKsRjA=
Subject key identifier: E4:00:E0:1A:79:5A:95:72:CF:B1:AC:D8:59:6C:9A:D3:3C:61:26:59
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7D5BEA327AEA17BF40B2ACA1F76E6935
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/82/aed261-93bc-4b0f-95f9-0c3eb1a0dd80/1/5ADgGnlalXLPsazYWWya0zxhJlk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/82/aed261-93bc-4b0f-95f9-0c3eb1a0dd80/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 06:18:54 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 35656
IP: 87.236.232.0/21
IP: 185.200.128.0/22
IP: 2a04:6200::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:5b:ea:32:7a:ea:17:bf:40:b2:ac:a1:f7:6e:69:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 06:18:54 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e400e01a795a9572cfb1acd8596c9ad33c612659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:27:d9:e8:6d:43:55:87:43:51:d3:c5:da:58:
c2:cf:e6:24:e4:22:e2:b0:27:ee:08:78:9e:ec:aa:
ae:c2:f5:f2:4b:93:ee:6f:c0:4f:3a:cb:6c:93:e5:
9b:3c:ab:3f:71:56:e7:99:8b:3b:10:53:7c:fc:14:
e1:68:34:f3:40:20:6e:78:82:12:df:a5:9c:a8:09:
2d:c8:7d:30:67:3b:30:cf:f1:13:35:f8:5a:76:c1:
b6:a3:4b:d0:21:60:c2:db:90:93:b0:90:d6:cc:87:
ed:14:b7:d5:67:82:b0:f1:12:78:9d:6d:49:43:cd:
f4:59:31:20:a6:ad:6c:24:f9:f4:93:62:bc:f3:a5:
be:73:1d:ae:ad:2a:87:01:69:fa:83:44:84:18:5f:
54:c0:af:f3:cc:a7:43:7d:cf:6b:7d:ea:9a:79:4a:
61:8f:54:e0:83:75:8f:4f:d6:37:f6:84:76:59:2c:
c2:bd:3f:6b:7d:38:c2:27:c5:f2:4e:9c:cb:d4:23:
2d:d4:ff:e6:4f:bd:6d:27:b4:01:56:f8:4d:1c:b3:
e3:53:cb:49:5a:e2:29:f9:88:01:6a:30:eb:9a:3c:
eb:de:08:b0:20:15:15:b7:ad:68:a5:8a:90:d8:02:
c7:2a:d0:8f:03:db:9e:87:75:9c:75:06:49:ed:64:
0c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:00:E0:1A:79:5A:95:72:CF:B1:AC:D8:59:6C:9A:D3:3C:61:26:59
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/aed261-93bc-4b0f-95f9-0c3eb1a0dd80/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/aed261-93bc-4b0f-95f9-0c3eb1a0dd80/1/5ADgGnlalXLPsazYWWya0zxhJlk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.232.0/21
185.200.128.0/22
IPv6:
2a04:6200::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35656
Signature Algorithm: sha256WithRSAEncryption
a9:b3:34:55:6d:9b:09:6a:87:e4:df:6a:06:66:71:2c:16:b6:
2a:8c:98:d6:c0:67:ef:49:6d:96:37:53:0b:29:1e:ab:96:0b:
6e:e7:78:bc:fe:c3:cd:77:bd:0e:9b:3d:16:95:b7:32:6d:ad:
ba:1c:9a:7a:74:31:6a:06:52:2c:aa:11:09:06:2a:f5:32:88:
35:e5:63:10:e7:1a:58:d8:2d:b6:97:bc:8e:08:00:aa:77:53:
0a:ed:e4:27:6f:5b:f7:b3:27:53:44:f7:3e:43:4b:d5:7d:ff:
86:a0:3b:61:f1:50:80:15:75:e7:00:82:b3:0b:3c:75:fb:a2:
c5:e7:47:b1:55:f2:5c:1f:1c:59:1d:24:e3:b6:a5:92:fa:01:
03:c1:ed:a0:c9:d2:30:a7:d0:60:05:13:0a:49:dc:de:4d:f3:
34:3a:f6:d2:c3:61:aa:d3:38:8c:bf:a2:cb:d5:ee:da:a7:2a:
c5:85:1b:3f:9f:1d:e8:d9:5a:d4:c6:db:14:49:a9:fa:cc:7f:
7e:13:5b:77:fe:74:5a:1c:88:12:e9:ed:25:58:b1:75:26:2e:
11:5e:66:2d:d6:11:d0:63:80:15:ee:b7:24:a1:31:ff:37:39:
61:f8:52:a4:ca:22:26:7e:38:1d:cd:0c:d1:8a:83:97:39:1f:
66:2b:30:8d
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZt9W+oyeuoXv0CyrKH3bmk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDYxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDAwZTAxYTc5NWE5NTcyY2ZiMWFjZDg1OTZjOWFkMzNjNjEyNjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSfZ6G1DVYdDUdPF2ljCz+Yk5CLi
sCfuCHie7KquwvXyS5Pub8BPOstsk+WbPKs/cVbnmYs7EFN8/BThaDTzQCBueIIS
36WcqAktyH0wZzswz/ETNfhadsG2o0vQIWDC25CTsJDWzIftFLfVZ4Kw8RJ4nW1J
Q830WTEgpq1sJPn0k2K886W+cx2urSqHAWn6g0SEGF9UwK/zzKdDfc9rfeqaeUph
j1Tgg3WPT9Y39oR2WSzCvT9rfTjCJ8XyTpzL1CMt1P/mT71tJ7QBVvhNHLPjU8tJ
WuIp+YgBajDrmjzr3giwIBUVt61opYqQ2ALHKtCPA9ueh3WcdQZJ7WQMrwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFOQA4Bp5WpVyz7Gs2FlsmtM8YSZZMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgyL2FlZDI2
MS05M2JjLTRiMGYtOTVmOS0wYzNlYjFhMGRkODAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIvYWVkMjYx
LTkzYmMtNGIwZi05NWY5LTBjM2ViMWEwZGQ4MC8xLzVBRGdHbmxhbFhMUHNhellX
V3lhMHp4aEpsay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDV+zoAwQCuciAMA0EAgACMAcDBQMqBGIAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCLSDANBgkqhkiG9w0BAQsFAAOCAQEAqbM0
VW2bCWqH5N9qBmZxLBa2KoyY1sBn70ltljdTCykeq5YLbud4vP7DzXe9Dps9FpW3
Mm2tuhyaenQxagZSLKoRCQYq9TKINeVjEOcaWNgttpe8jggAqndTCu3kJ29b97Mn
U0T3PkNL1X3/hqA7YfFQgBV15wCCsws8dfuixedHsVXyXB8cWR0k47alkvoBA8Ht
oMnSMKfQYAUTCknc3k3zNDr20sNhqtM4jL+iy9Xu2qcqxYUbP58d6Nla1MbbFEmp
+sx/fhNbd/50WhyIEuntJVixdSYuEV5mLdYR0GOAFe63JKEx/zc5YfhSpMoiJn44
Hc0M0YqDlzkfZiswjQ==
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:19:04 2026 by rpki-client