Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9FfAIM3CK2jaJqRp9v-mtEg3DR0.cer
File: 9FfAIM3CK2jaJqRp9v-mtEg3DR0.cer (raw, json)
Hash identifier: 0O6R9+S5DKZw+mSzUyKcrieYs9vW5We5meA3lTf+s/k=
Subject key identifier: F4:57:C0:20:CD:C2:2B:68:DA:26:A4:69:F6:FF:A6:B4:48:37:0D:1D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0197A6BE0BF6F97DB764F4974D5F31DFA4C2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/9FfAIM3CK2jaJqRp9v-mtEg3DR0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 25 Jun 2025 10:59:22 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 205051
IP: 45.142.168.0/22
IP: 91.205.80.0/22
IP: 185.25.232.0/24
IP: 185.231.208.0/22
IP: 2a0c:8100::/29
IP: 2a0e:dac0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a6:be:0b:f6:f9:7d:b7:64:f4:97:4d:5f:31:df:a4:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 25 10:59:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f457c020cdc22b68da26a469f6ffa6b448370d1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0a:f1:d1:84:c4:71:59:d1:85:91:6a:07:7a:
fa:c4:b3:d0:d5:c6:dc:47:3d:54:e1:26:b4:76:c5:
04:4f:06:80:78:b2:f2:c9:b5:99:d8:3c:f3:fc:cd:
e4:e6:55:24:06:e2:59:c9:ef:c0:56:aa:df:d9:6d:
5f:77:f5:3c:df:21:fa:ca:39:bd:9d:89:e6:c4:ec:
6d:45:2e:b5:0b:b0:e1:7c:fb:a5:1e:cc:72:4b:7d:
80:09:74:f9:87:ca:9d:04:29:7d:9b:c9:6b:62:ef:
e2:e7:a3:c4:84:49:39:49:13:dc:ff:9b:b4:e7:ab:
8a:02:a1:c2:5d:a7:9f:17:86:8f:ae:e1:37:63:55:
13:48:66:8c:ad:bb:a2:b9:b2:3f:98:2a:a9:62:9f:
96:f8:49:da:9b:da:2b:ed:2a:c2:d2:4e:54:9a:94:
99:e6:db:b6:64:ae:5f:48:32:9c:38:c4:7c:fa:45:
3f:25:f5:78:e5:61:54:7d:35:8d:ba:e4:57:61:5c:
7d:fa:91:9d:b1:44:55:ba:b4:e7:5e:93:4b:26:17:
0c:81:93:b2:f9:b1:a5:97:0b:8a:11:25:38:b4:c1:
02:f9:ba:ae:d1:bd:34:e7:6a:42:af:17:cb:bf:39:
29:a5:eb:49:57:d2:76:d5:4b:c1:96:dd:a3:99:41:
82:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:57:C0:20:CD:C2:2B:68:DA:26:A4:69:F6:FF:A6:B4:48:37:0D:1D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/9FfAIM3CK2jaJqRp9v-mtEg3DR0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.168.0/22
91.205.80.0/22
185.25.232.0/24
185.231.208.0/22
IPv6:
2a0c:8100::/29
2a0e:dac0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
205051
Signature Algorithm: sha256WithRSAEncryption
aa:81:27:e5:8b:ce:09:3d:ce:d4:47:fc:b2:db:5e:32:b3:bf:
52:56:c4:79:ea:82:5b:72:d6:35:d4:fe:4a:76:c7:ba:88:58:
0a:29:88:0e:88:26:7b:09:50:c1:0c:de:04:bc:14:de:0a:65:
f8:e1:e6:28:89:57:35:52:3d:8b:4f:8c:b6:87:19:db:e4:ca:
ff:89:d6:bc:ec:0b:2f:d4:df:55:1c:7f:8e:b1:a2:12:a7:6a:
f7:b9:be:b1:12:73:a4:e5:0f:b4:ed:51:ea:e9:51:4c:d9:51:
d2:9e:78:e3:77:92:a9:1c:d5:47:2e:96:01:ff:9a:c4:ec:04:
94:47:7f:b4:16:5e:1d:de:0d:25:0c:0d:a3:8e:05:eb:83:3d:
f6:5d:79:9e:bb:86:60:ff:0f:d4:52:fd:a5:fa:02:54:0f:a4:
7d:7f:64:e6:3a:cd:8b:26:cc:8c:b7:83:7c:48:ef:a0:9c:0e:
83:34:58:df:20:85:64:c1:ce:35:64:67:6b:13:26:13:01:23:
9d:95:20:09:33:eb:57:69:78:86:af:45:87:2b:db:69:0e:c9:
6f:87:17:dd:c3:c2:49:76:1b:8d:b6:49:38:4d:c0:a9:20:53:
40:bf:21:ac:b3:bf:c5:a8:a0:d6:5b:5a:ca:01:f9:c7:f0:b3:
3b:50:01:d5
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZemvgv2+X23ZPSXTV8x36TCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNjI1MTA1OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDU3YzAyMGNkYzIyYjY4ZGEyNmE0NjlmNmZmYTZiNDQ4MzcwZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgrx0YTEcVnRhZFqB3r6xLPQ1cbc
Rz1U4Sa0dsUETwaAeLLyybWZ2Dzz/M3k5lUkBuJZye/AVqrf2W1fd/U83yH6yjm9
nYnmxOxtRS61C7DhfPulHsxyS32ACXT5h8qdBCl9m8lrYu/i56PEhEk5SRPc/5u0
56uKAqHCXaefF4aPruE3Y1UTSGaMrbuiubI/mCqpYp+W+Enam9or7SrC0k5UmpSZ
5tu2ZK5fSDKcOMR8+kU/JfV45WFUfTWNuuRXYVx9+pGdsURVurTnXpNLJhcMgZOy
+bGllwuKESU4tMEC+bqu0b0052pCrxfLvzkppetJV9J21UvBlt2jmUGCbQIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFPRXwCDNwito2iakafb/prRINw0dMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZmL2UwY2Iw
Ni1kZWNhLTQ5NWQtYWNjMC03YmFmZDQzZTc4NjIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYvZTBjYjA2
LWRlY2EtNDk1ZC1hY2MwLTdiYWZkNDNlNzg2Mi8xLzlGZkFJTTNDSzJqYUpxUnA5
di1tdEVnM0RSMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEcGCCsGAQUF
BwEHAQH/BDgwNjAeBAIAATAYAwQCLY6oAwQCW81QAwQAuRnoAwQCuefQMBQEAgAC
MA4DBQMqDIEAAwUDKg7awDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDIPswDQYJ
KoZIhvcNAQELBQADggEBAKqBJ+WLzgk9ztRH/LLbXjKzv1JWxHnqglty1jXU/kp2
x7qIWAopiA6IJnsJUMEM3gS8FN4KZfjh5iiJVzVSPYtPjLaHGdvkyv+J1rzsCy/U
31Ucf46xohKnave5vrESc6TlD7TtUerpUUzZUdKeeON3kqkc1UculgH/msTsBJRH
f7QWXh3eDSUMDaOOBeuDPfZdeZ67hmD/D9RS/aX6AlQPpH1/ZOY6zYsmzIy3g3xI
76CcDoM0WN8ghWTBzjVkZ2sTJhMBI52VIAkz61dpeIavRYcr22kOyW+HF93Dwkl2
G422SThNwKkgU0C/Iayzv8WooNZbWsoB+cfwsztQAdU=
-----END CERTIFICATE-----
Generated at Sat Jun 28 14:02:23 2025 by rpki-client