Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer
File: 5cfDmlkS3cIen2tRmJZyV2ISeDM.cer (raw, json)
Hash identifier: +gHHEYpPnxeh+n9pqSwIRvLAR+hipBMdVXLPGBpmguM=
Subject key identifier: E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7834FB45FB320F4E7E5E644CD53EBB54
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 06:18:16 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 60765
AS: 196640
IP: 185.25.168.0/22
IP: 185.162.152.0/22
IP: 188.65.184.0/21
IP: 195.72.36.0/22
IP: 2a00:5280::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:34:fb:45:fb:32:0f:4e:7e:5e:64:4c:d5:3e:bb:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 06:18:16 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e5c7c39a5912ddc21e9f6b519896725762127833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:d0:05:8f:41:e3:8d:fe:f6:e6:e6:9a:87:64:
a0:cb:2b:bf:b1:6b:df:e5:69:3a:1b:ae:b5:77:f5:
c9:a8:5d:d8:ef:8e:b3:b6:c7:1c:55:83:a6:1b:fd:
56:3b:c5:b4:cf:4b:a8:3b:cf:b2:3b:8b:51:30:51:
46:32:25:c5:aa:d1:a2:c7:22:1c:d4:d3:64:e9:40:
e1:d2:94:04:75:92:7d:b1:3c:32:38:38:a1:92:fa:
cd:9d:2a:ed:3c:61:46:7b:f8:2f:a3:d4:7b:e2:a1:
ba:16:4b:e4:cf:74:a5:dd:af:bb:90:8c:84:74:d8:
69:28:7d:da:bb:41:47:07:3a:a3:e4:38:30:93:ef:
3f:29:df:02:99:de:91:7d:7b:78:01:5a:65:42:37:
26:8f:27:d3:85:1a:7c:40:6d:ff:eb:d8:26:d4:dc:
e6:83:ae:a7:c8:3b:54:d0:3b:98:98:e6:21:17:a7:
d6:0f:46:61:58:2b:a7:25:06:37:8d:c1:e3:a4:7d:
26:f9:cc:48:0b:b3:32:72:0e:ce:f5:61:8c:aa:0e:
63:23:40:7e:bf:d9:63:4d:05:3c:a0:1e:63:0a:4d:
a0:34:84:9d:76:55:ad:3f:86:e1:50:18:d7:c0:db:
6c:7b:55:98:44:3c:0d:e1:4b:ac:2a:fd:6d:8a:a9:
43:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.168.0/22
185.162.152.0/22
188.65.184.0/21
195.72.36.0/22
IPv6:
2a00:5280::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
60765
196640
Signature Algorithm: sha256WithRSAEncryption
31:84:3c:00:26:67:68:f1:b6:c9:ef:2a:1f:b6:a4:60:1b:7a:
eb:79:97:41:7d:44:49:a5:3c:1c:a7:5f:70:92:99:73:c6:e4:
42:2b:27:77:6e:93:45:f8:84:6f:27:89:bb:71:75:72:d3:8a:
35:ef:df:fa:eb:56:e2:67:24:b4:7a:4e:30:2c:67:43:29:2c:
69:05:a1:ae:c9:c7:6e:e9:24:ad:d9:02:38:55:89:df:06:1b:
9e:eb:3c:c9:8b:c0:4b:eb:04:c7:78:7d:af:de:c2:2e:2a:41:
4f:4b:c6:38:da:c9:c7:5a:e4:51:3a:4e:56:12:99:c0:10:a9:
77:00:94:87:72:b2:e3:be:3a:90:6f:10:a8:3e:34:92:c8:4f:
c9:4e:4e:43:85:c4:a1:b2:e2:95:c3:db:fb:fd:3c:93:f0:8a:
23:98:86:f6:12:5f:b9:9a:3c:bc:38:76:a8:72:1e:71:f8:3d:
2f:90:74:cf:d7:20:31:8c:d7:55:9f:d5:64:5c:a6:96:b7:d9:
83:93:dd:ca:89:0a:83:83:ef:31:a8:d4:1b:ee:11:fa:fb:61:
ed:ef:b3:d3:1c:4f:cc:c6:9d:32:2f:a0:d1:8f:c7:5f:19:22:
c2:74:fe:5b:4d:06:96:1d:00:69:73:c0:1b:60:9a:57:6f:ea:
bb:72:d4:f8
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAZt4NPtF+zIPTn5eZEzVPrtUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDYxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWM3YzM5YTU5MTJkZGMyMWU5ZjZiNTE5ODk2NzI1NzYyMTI3ODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tAFj0Hjjf725uaah2Sgyyu/sWvf
5Wk6G661d/XJqF3Y746ztsccVYOmG/1WO8W0z0uoO8+yO4tRMFFGMiXFqtGixyIc
1NNk6UDh0pQEdZJ9sTwyODihkvrNnSrtPGFGe/gvo9R74qG6Fkvkz3Sl3a+7kIyE
dNhpKH3au0FHBzqj5Dgwk+8/Kd8Cmd6RfXt4AVplQjcmjyfThRp8QG3/69gm1Nzm
g66nyDtU0DuYmOYhF6fWD0ZhWCunJQY3jcHjpH0m+cxIC7Mycg7O9WGMqg5jI0B+
v9ljTQU8oB5jCk2gNISddlWtP4bhUBjXwNtse1WYRDwN4UusKv1tiqlDGwIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFOXHw5pZEt3CHp9rUZiWcldiEngzMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA1LzEwYWY4
My0wOGY1LTQ5MTktYmExZC0zOGY4NjRhMzRiNzgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUvMTBhZjgz
LTA4ZjUtNDkxOS1iYTFkLTM4Zjg2NGEzNGI3OC8xLzVjZkRtbGtTM2NJZW4ydFJt
Slp5VjJJU2VETS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQCuRmoAwQCuaKYAwQDvEG4AwQCw0gkMA0EAgAC
MAcDBQAqAFKAMB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwDtXQIDAwAgMA0GCSqG
SIb3DQEBCwUAA4IBAQAxhDwAJmdo8bbJ7yoftqRgG3rreZdBfURJpTwcp19wkplz
xuRCKyd3bpNF+IRvJ4m7cXVy04o179/661biZyS0ek4wLGdDKSxpBaGuycdu6SSt
2QI4VYnfBhue6zzJi8BL6wTHeH2v3sIuKkFPS8Y42snHWuRROk5WEpnAEKl3AJSH
crLjvjqQbxCoPjSSyE/JTk5DhcShsuKVw9v7/TyT8IojmIb2El+5mjy8OHaoch5x
+D0vkHTP1yAxjNdVn9VkXKaWt9mDk93KiQqDg+8xqNQb7hH6+2Ht77PTHE/Mxp0y
L6DRj8dfGSLCdP5bTQaWHQBpc8AbYJpXb+q7ctT4
-----END CERTIFICATE-----
Generated at Wed Mar 25 22:55:56 2026 by rpki-client