Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9Ma33VF1vo23oFIvfU5BxcQsayk.cer
File: 9Ma33VF1vo23oFIvfU5BxcQsayk.cer (raw, json)
Hash identifier: /m994rlMTug0tpXZdd1Rotrp5dMjDob89ACIy4In3fQ=
Subject key identifier: F4:C6:B7:DD:51:75:BE:8D:B7:A0:52:2F:7D:4E:41:C5:C4:2C:6B:29
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7AC949A5DD36354619DAD6E47FB68D77
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/9Ma33VF1vo23oFIvfU5BxcQsayk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 18:19:30 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 212136
IP: 5.172.178.0/24
IP: 5.181.12.0/24
IP: 81.22.46.0/23
IP: 91.214.116.0/24
IP: 176.56.32.0/24
IP: 176.111.174.0/24
IP: 185.122.204.0/24
IP: 185.198.69.0/24
IP: 185.228.248.0/24
IP: 185.234.216.0/24
IP: 185.247.187.0/24
IP: 194.31.9.0/24
IP: 213.232.254.0/24
IP: 2a10:aa80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:c9:49:a5:dd:36:35:46:19:da:d6:e4:7f:b6:8d:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 18:19:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f4c6b7dd5175be8db7a0522f7d4e41c5c42c6b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0c:11:fa:33:c8:fb:e1:4b:1e:8e:41:e6:bd:
cd:10:a8:bd:a3:52:e5:08:a1:aa:a9:f0:1b:8e:ef:
ec:35:a6:4b:93:88:99:88:f1:61:ff:f1:90:45:7a:
33:29:8b:6c:c3:bc:09:81:1d:be:56:96:ef:a9:eb:
f0:c1:ba:85:aa:ba:fe:72:45:e3:b3:da:33:a9:ac:
09:fe:9b:96:3f:e0:b7:bb:3a:68:27:c1:59:9a:ac:
f8:6d:ea:58:63:f8:37:fe:c0:01:d3:6e:72:f6:5c:
74:8b:ec:44:4b:db:7b:be:cc:bd:00:fa:26:f3:c6:
55:8b:56:9f:23:5a:62:e6:2d:d0:f6:ea:8d:b5:2f:
d0:f8:2a:30:61:71:5f:53:02:01:c8:55:31:d0:4d:
b5:0d:04:4f:58:56:c7:3a:30:4a:c4:47:94:7b:3d:
f7:7e:13:30:16:46:3b:cc:bf:64:4d:12:c0:b0:57:
a5:57:b6:21:9c:85:38:93:a2:75:ce:e5:75:c3:10:
81:77:ce:de:a8:24:17:51:e7:b3:4f:ae:13:d9:f6:
09:e8:3a:03:f9:a3:60:a2:b5:57:74:d3:2a:75:4b:
21:7e:b0:55:2d:49:d5:6b:4d:ed:45:2c:4c:ce:e6:
ea:f1:62:90:c1:b7:bf:12:84:f3:78:d6:d0:74:a1:
a0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C6:B7:DD:51:75:BE:8D:B7:A0:52:2F:7D:4E:41:C5:C4:2C:6B:29
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/9Ma33VF1vo23oFIvfU5BxcQsayk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.178.0/24
5.181.12.0/24
81.22.46.0/23
91.214.116.0/24
176.56.32.0/24
176.111.174.0/24
185.122.204.0/24
185.198.69.0/24
185.228.248.0/24
185.234.216.0/24
185.247.187.0/24
194.31.9.0/24
213.232.254.0/24
IPv6:
2a10:aa80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
212136
Signature Algorithm: sha256WithRSAEncryption
7f:45:0e:53:74:71:9a:42:6c:a0:d1:54:6f:09:00:fd:e1:ff:
71:33:f7:92:11:d1:64:f9:48:ac:a6:dc:25:a7:62:9a:3d:81:
bb:95:e8:2e:6d:f2:8d:05:af:4e:44:29:4d:7b:03:60:2b:44:
f8:89:e8:e4:e3:64:00:46:c8:3e:f6:13:e6:2a:15:c0:5a:0e:
0a:ca:3d:6a:fa:f1:e5:6f:2d:05:b8:0b:64:3a:24:b9:b2:01:
77:63:4c:1a:fc:a2:db:03:38:24:e4:31:5e:61:80:21:ef:1b:
68:87:87:3d:b7:ea:01:93:51:9d:f7:de:52:7a:27:ae:26:d8:
cf:a1:af:0b:45:de:5a:ae:88:2e:83:30:7f:a9:03:74:e0:df:
3a:43:b7:fd:7c:50:c8:6f:34:06:23:6a:c1:aa:a1:47:38:e3:
6f:2d:18:8e:1f:c9:8f:a9:fd:fe:f1:89:7e:80:d5:84:e6:a9:
c7:e4:f2:fe:d3:dd:9c:df:d9:06:e5:1c:d1:b6:47:a7:5e:76:
af:4d:85:0d:ca:92:96:a8:08:f6:ff:54:8b:03:28:e1:ec:d3:
e1:02:e8:ba:46:23:9e:6a:4d:d5:dc:d3:33:87:c7:39:d3:fd:
ee:14:09:e1:0b:e7:dd:6e:3b:44:e9:d2:46:51:8c:3c:d9:94:
88:20:8f:76
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAZt6yUml3TY1Rhna1uR/to13MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMTgxOTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGM2YjdkZDUxNzViZThkYjdhMDUyMmY3ZDRlNDFjNWM0MmM2YjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwwR+jPI++FLHo5B5r3NEKi9o1Ll
CKGqqfAbju/sNaZLk4iZiPFh//GQRXozKYtsw7wJgR2+VpbvqevwwbqFqrr+ckXj
s9ozqawJ/puWP+C3uzpoJ8FZmqz4bepYY/g3/sAB025y9lx0i+xES9t7vsy9APom
88ZVi1afI1pi5i3Q9uqNtS/Q+CowYXFfUwIByFUx0E21DQRPWFbHOjBKxEeUez33
fhMwFkY7zL9kTRLAsFelV7YhnIU4k6J1zuV1wxCBd87eqCQXUeezT64T2fYJ6DoD
+aNgorVXdNMqdUshfrBVLUnVa03tRSxMzubq8WKQwbe/EoTzeNbQdKGghQIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFPTGt91Rdb6Nt6BSL31OQcXELGspMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZhL2M1Zjcx
NC00NzJjLTQ4NTYtYWE0Yi05YjIxYjZmNjY3OWEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEvYzVmNzE0
LTQ3MmMtNDg1Ni1hYTRiLTliMjFiNmY2Njc5YS8xLzlNYTMzVkYxdm8yM29GSXZm
VTVCeGNRc2F5ay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHYGCCsGAQUF
BwEHAQH/BGcwZTBUBAIAATBOAwQABayyAwQABbUMAwQBURYuAwQAW9Z0AwQAsDgg
AwQAsG+uAwQAuXrMAwQAucZFAwQAueT4AwQAuerYAwQAufe7AwQAwh8JAwQA1ej+
MA0EAgACMAcDBQMqEKqAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwM8qDANBgkq
hkiG9w0BAQsFAAOCAQEAf0UOU3RxmkJsoNFUbwkA/eH/cTP3khHRZPlIrKbcJadi
mj2Bu5XoLm3yjQWvTkQpTXsDYCtE+Ino5ONkAEbIPvYT5ioVwFoOCso9avrx5W8t
BbgLZDokubIBd2NMGvyi2wM4JOQxXmGAIe8baIeHPbfqAZNRnffeUnonribYz6Gv
C0XeWq6ILoMwf6kDdODfOkO3/XxQyG80BiNqwaqhRzjjby0Yjh/Jj6n9/vGJfoDV
hOapx+Ty/tPdnN/ZBuUc0bZHp152r02FDcqSlqgI9v9UiwMo4ezT4QLoukYjnmpN
1dzTM4fHOdP97hQJ4Qvn3W47ROnSRlGMPNmUiCCPdg==
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:08:25 2026 by rpki-client