Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8fXgGBxLuuXAkKsVnQZWLxMi4ng.cer
File: 8fXgGBxLuuXAkKsVnQZWLxMi4ng.cer (raw, json)
Hash identifier: iIKigeIgcUfzYMaG4VvONjxmijqHc6x2/R8EBCNIWK0=
Subject key identifier: F1:F5:E0:18:1C:4B:BA:E5:C0:90:AB:15:9D:06:56:2F:13:22:E2:78
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B76EB6D57B4D8AE9761E61F42586A20FA
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5c/294683-5747-4ea1-b77c-9bebf7dcc1a6/1/8fXgGBxLuuXAkKsVnQZWLxMi4ng.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5c/294683-5747-4ea1-b77c-9bebf7dcc1a6/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 00:18:19 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 43734
IP: 78.24.240.0/21
IP: 109.235.80.0/21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:76:eb:6d:57:b4:d8:ae:97:61:e6:1f:42:58:6a:20:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:18:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f1f5e0181c4bbae5c090ab159d06562f1322e278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0f:d0:ea:28:fd:ab:fc:a9:71:09:e5:31:24:
00:a2:e8:f6:76:33:1b:e2:13:6a:5f:ac:d1:3f:4c:
9c:69:d7:6f:70:04:d3:fe:2f:be:3e:b2:39:1b:6c:
e1:7a:a5:b8:f9:56:b7:e6:54:d3:1e:30:06:79:0b:
7c:26:60:b3:95:97:79:b5:c6:70:69:45:b4:9a:6c:
c4:4e:03:78:68:3a:68:cc:dc:e1:56:cd:71:28:12:
bb:cc:77:f0:04:18:f0:f1:1a:b3:0c:4e:52:b8:5d:
4a:08:b3:84:bb:9b:3a:ea:a6:95:7c:8b:43:d1:bc:
f5:53:53:70:87:be:f0:75:df:4c:f0:4f:fe:ec:03:
85:9b:13:3b:74:bd:23:c3:1b:dd:e7:7e:c2:4d:96:
e8:0d:51:c5:71:37:7b:02:4c:64:00:4b:be:8b:04:
3e:24:6f:74:1b:f1:f0:f9:66:54:9e:01:61:f7:6c:
63:fa:57:af:dd:f4:8e:ae:eb:be:d2:3e:18:a6:58:
26:96:3c:12:b3:90:25:de:5b:91:99:73:58:53:0f:
b4:02:ff:6f:57:c2:9b:9d:6e:af:ba:e4:c3:1e:1c:
24:ed:c1:25:d4:40:90:8a:1f:e4:08:84:ea:17:4b:
a1:7d:52:dd:8a:fe:83:b0:0c:3f:61:ce:b1:85:96:
bb:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:F5:E0:18:1C:4B:BA:E5:C0:90:AB:15:9D:06:56:2F:13:22:E2:78
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/294683-5747-4ea1-b77c-9bebf7dcc1a6/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/294683-5747-4ea1-b77c-9bebf7dcc1a6/1/8fXgGBxLuuXAkKsVnQZWLxMi4ng.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.240.0/21
109.235.80.0/21
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
43734
Signature Algorithm: sha256WithRSAEncryption
10:96:8f:88:f0:01:aa:11:95:ba:af:74:00:d8:3c:71:00:06:
73:c2:2b:03:b2:d7:31:6e:80:d2:20:45:f1:2c:de:b3:37:ba:
10:e8:f2:57:02:16:6f:19:e4:01:cf:f3:38:e1:9b:6b:16:c3:
ac:f1:0e:ab:97:80:a3:bf:ea:14:c1:6b:db:21:10:1a:ef:e4:
65:7c:99:30:a0:8a:79:bf:15:26:a8:0c:a2:ee:12:12:98:5a:
d5:bb:51:46:1a:0f:5b:22:d3:4f:fd:e9:40:5f:e0:84:fe:a8:
fe:ba:08:17:c6:80:80:ca:19:6d:e6:90:7f:bb:fa:d1:f0:3c:
5d:43:79:35:4b:d8:66:89:5a:71:db:cd:f4:ef:90:af:ff:63:
27:34:56:59:d8:72:d9:9e:7d:a1:f7:b8:38:9c:38:2e:9d:7b:
ff:27:2a:bd:0d:1b:18:67:f3:98:4e:9a:12:9e:2b:18:3e:7b:
55:22:1b:a7:38:7a:f0:83:83:55:a7:2b:a4:cf:94:5c:5e:6d:
e6:94:87:09:07:0d:ec:20:fb:bc:87:9d:f8:c0:24:f9:02:d7:
cb:bc:d2:e0:ab:ca:c2:20:48:8f:f7:8e:2e:40:bf:5c:1f:db:
69:e8:73:77:f1:7e:c4:88:f0:73:35:64:b9:12:a0:1f:d7:45:
be:6e:48:15
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZt2621XtNiul2HmH0JYaiD6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDAxODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWY1ZTAxODFjNGJiYWU1YzA5MGFiMTU5ZDA2NTYyZjEzMjJlMjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApg/Q6ij9q/ypcQnlMSQAouj2djMb
4hNqX6zRP0ycaddvcATT/i++PrI5G2zheqW4+Va35lTTHjAGeQt8JmCzlZd5tcZw
aUW0mmzETgN4aDpozNzhVs1xKBK7zHfwBBjw8RqzDE5SuF1KCLOEu5s66qaVfItD
0bz1U1Nwh77wdd9M8E/+7AOFmxM7dL0jwxvd537CTZboDVHFcTd7AkxkAEu+iwQ+
JG90G/Hw+WZUngFh92xj+lev3fSOruu+0j4YplgmljwSs5Al3luRmXNYUw+0Av9v
V8KbnW6vuuTDHhwk7cEl1ECQih/kCITqF0uhfVLdiv6DsAw/Yc6xhZa7hwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFPH14BgcS7rlwJCrFZ0GVi8TIuJ4MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVjLzI5NDY4
My01NzQ3LTRlYTEtYjc3Yy05YmViZjdkY2MxYTYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMvMjk0Njgz
LTU3NDctNGVhMS1iNzdjLTliZWJmN2RjYzFhNi8xLzhmWGdHQnhMdXVYQWtLc1Zu
UVpXTHhNaTRuZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQDThjwAwQDbetQMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwCq1jANBgkqhkiG9w0BAQsFAAOCAQEAEJaPiPABqhGVuq90ANg8cQAG
c8IrA7LXMW6A0iBF8Szesze6EOjyVwIWbxnkAc/zOOGbaxbDrPEOq5eAo7/qFMFr
2yEQGu/kZXyZMKCKeb8VJqgMou4SEpha1btRRhoPWyLTT/3pQF/ghP6o/roIF8aA
gMoZbeaQf7v60fA8XUN5NUvYZolacdvN9O+Qr/9jJzRWWdhy2Z59ofe4OJw4Lp17
/ycqvQ0bGGfzmE6aEp4rGD57VSIbpzh68IODVacrpM+UXF5t5pSHCQcN7CD7vIed
+MAk+QLXy7zS4KvKwiBIj/eOLkC/XB/baehzd/F+xIjwczVkuRKgH9dFvm5IFQ==
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:10:31 2026 by rpki-client