Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7rWbeRx6EdIyqVx-8WkoXK6mlbw.cer
File: 7rWbeRx6EdIyqVx-8WkoXK6mlbw.cer (raw, json)
Hash identifier: C2e3StJAiiOLZGndFsF9fUme3BepG+BJOQC+pO0X/4E=
Subject key identifier: EE:B5:9B:79:1C:7A:11:D2:32:A9:5C:7E:F1:69:28:5C:AE:A6:95:BC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7BA4ED1C849A641C8A7474910297A681
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/7rWbeRx6EdIyqVx-8WkoXK6mlbw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 22:19:24 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 201922
AS: 207167
AS: 208143
AS: 211085
IP: 85.209.28.0/22
IP: 91.198.87.0/24
IP: 185.59.144.0/22
IP: 185.179.32.0/22
IP: 185.234.132.0/22
IP: 2a02:6c20::/32
IP: 2a0a:7780::/29
IP: 2a10:d4c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7b:a4:ed:1c:84:9a:64:1c:8a:74:74:91:02:97:a6:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 22:19:24 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eeb59b791c7a11d232a95c7ef169285caea695bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:46:92:f3:91:7b:ae:6e:8c:c0:a2:72:a6:a5:
a6:f1:19:4e:15:c0:8e:c1:69:b4:f2:6a:2b:95:25:
9e:20:52:0d:66:56:dc:ac:7b:34:3d:e3:72:d3:19:
7b:92:e1:c3:cb:99:84:a5:9c:9b:92:db:38:70:55:
1b:f5:24:51:2d:41:46:a8:5d:d2:12:bf:5a:8c:1c:
95:9e:4f:07:fe:bf:0f:f7:db:a3:ac:06:9a:24:eb:
48:b8:cf:57:95:16:6e:2c:94:5d:9a:d0:83:84:04:
15:7b:e9:ba:c3:11:38:4b:aa:75:bc:91:5f:a7:e8:
dc:7f:43:29:a4:43:10:8d:3f:f2:9f:de:6a:97:56:
fd:84:41:43:bd:b4:14:13:5a:66:91:40:2d:8c:c1:
1e:98:1d:3b:4a:7e:fd:74:40:84:8e:92:04:53:27:
5e:ae:4e:65:98:8f:4a:f6:24:d3:93:e1:fe:0a:4a:
be:b3:bb:55:71:d3:0d:0d:34:f1:9f:cf:98:7c:15:
11:01:d9:38:f9:ba:de:17:3d:ce:59:c4:33:b1:78:
65:a5:4f:4a:c4:26:37:90:db:ac:66:a7:b6:a7:ba:
bd:3a:3c:41:d2:e8:a2:6d:82:64:58:a7:cf:5a:6d:
39:3a:af:30:bb:a0:cf:99:3e:42:8f:2c:61:96:b2:
05:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:B5:9B:79:1C:7A:11:D2:32:A9:5C:7E:F1:69:28:5C:AE:A6:95:BC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/7rWbeRx6EdIyqVx-8WkoXK6mlbw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.28.0/22
91.198.87.0/24
185.59.144.0/22
185.179.32.0/22
185.234.132.0/22
IPv6:
2a02:6c20::/32
2a0a:7780::/29
2a10:d4c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
201922
207167
208143
211085
Signature Algorithm: sha256WithRSAEncryption
74:1d:c6:29:f5:30:0d:35:c4:07:72:24:26:b8:3f:1e:36:02:
84:9b:c1:6f:09:c1:58:9c:f9:d6:58:e6:e6:64:21:15:3e:b2:
a7:01:10:0e:c9:5f:3f:58:ae:96:23:72:e7:db:4e:ca:79:55:
f9:ff:0d:af:fe:9f:5b:07:ec:5d:d3:db:52:81:e5:bc:b1:c3:
4a:42:d8:4c:96:70:f0:1a:34:eb:ca:61:bd:bf:d9:7a:f6:d8:
41:19:56:f0:57:0d:3b:6c:79:a8:29:18:a0:3b:2b:f9:6c:88:
0c:77:f6:16:5c:9b:dd:87:40:4a:50:f3:86:da:83:b8:8c:ea:
6c:3a:52:dd:97:16:3b:af:65:aa:1e:4d:40:b4:1c:be:a3:ea:
e2:3e:c5:4b:95:42:44:c3:76:7d:35:a5:2c:35:4f:2c:54:41:
d7:64:f5:5b:72:d1:f4:96:6b:bf:5d:1c:6a:52:96:a8:83:18:
e6:60:af:4a:d6:f1:c9:26:ba:ff:d7:d2:4d:dc:b0:a9:cd:ad:
6e:fa:f4:1e:7a:b4:62:2c:de:1d:0b:52:87:ea:09:05:ba:f4:
2e:77:2e:20:e5:2a:0c:2c:e5:55:e8:0a:78:82:da:56:fa:52:
ba:fd:9a:c0:89:83:e8:dc:d3:84:a6:df:9c:e5:f4:93:60:a6:
db:0a:88:1e
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZt7pO0chJpkHIp0dJECl6aBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMjIxOTI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWI1OWI3OTFjN2ExMWQyMzJhOTVjN2VmMTY5Mjg1Y2FlYTY5NWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4EaS85F7rm6MwKJypqWm8RlOFcCO
wWm08morlSWeIFINZlbcrHs0PeNy0xl7kuHDy5mEpZybkts4cFUb9SRRLUFGqF3S
Er9ajByVnk8H/r8P99ujrAaaJOtIuM9XlRZuLJRdmtCDhAQVe+m6wxE4S6p1vJFf
p+jcf0MppEMQjT/yn95ql1b9hEFDvbQUE1pmkUAtjMEemB07Sn79dECEjpIEUyde
rk5lmI9K9iTTk+H+Ckq+s7tVcdMNDTTxn8+YfBURAdk4+breFz3OWcQzsXhlpU9K
xCY3kNusZqe2p7q9OjxB0uiibYJkWKfPWm05Oq8wu6DPmT5CjyxhlrIFtwIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFO61m3kcehHSMqlcfvFpKFyuppW8MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA5L2VmZmY3
MS03ZDExLTRhMWEtOGFkMy1hNjdkOGM3ZWQ3Y2EvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkvZWZmZjcx
LTdkMTEtNGExYS04YWQzLWE2N2Q4YzdlZDdjYS8xLzdyV2JlUng2RWRJeXFWeC04
V2tvWEs2bWxidy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFQGCCsGAQUF
BwEHAQH/BEUwQzAkBAIAATAeAwQCVdEcAwQAW8ZXAwQCuTuQAwQCubMgAwQCueqE
MBsEAgACMBUDBQAqAmwgAwUDKgp3gAMFAyoQ1MAwKQYIKwYBBQUHAQgBAf8EGjAY
oBYwFAIDAxTCAgMDKT8CAwMtDwIDAziNMA0GCSqGSIb3DQEBCwUAA4IBAQB0HcYp
9TANNcQHciQmuD8eNgKEm8FvCcFYnPnWWObmZCEVPrKnARAOyV8/WK6WI3Ln207K
eVX5/w2v/p9bB+xd09tSgeW8scNKQthMlnDwGjTrymG9v9l69thBGVbwVw07bHmo
KRigOyv5bIgMd/YWXJvdh0BKUPOG2oO4jOpsOlLdlxY7r2WqHk1AtBy+o+riPsVL
lUJEw3Z9NaUsNU8sVEHXZPVbctH0lmu/XRxqUpaogxjmYK9K1vHJJrr/19JN3LCp
za1u+vQeerRiLN4dC1KH6gkFuvQudy4g5SoMLOVV6Ap4gtpW+lK6/ZrAiYPo3NOE
pt+c5fSTYKbbCoge
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:41:34 2026 by rpki-client