Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/AA0P7izVZpZcoI21UGY8sgtBI0M.cer
File: AA0P7izVZpZcoI21UGY8sgtBI0M.cer (raw, json)
Hash identifier: QMUoSkmuXID9GQfOsnNQ80FTEAmTUFLn+Kw0Yh1OE+A=
Subject key identifier: 00:0D:0F:EE:2C:D5:66:96:5C:A0:8D:B5:50:66:3C:B2:0B:41:23:43
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7F1572D4C49390E6F88AE67AA5AA08D5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/AA0P7izVZpZcoI21UGY8sgtBI0M.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 14:21:10 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 205750
AS: 208623
AS: 214214
IP: 83.138.16.0/21
IP: 194.32.216.0/23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:15:72:d4:c4:93:90:e6:f8:8a:e6:7a:a5:aa:08:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 14:21:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=000d0fee2cd566965ca08db550663cb20b412343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e6:91:ef:07:7c:33:47:fe:95:be:d7:96:f7:
39:fb:cf:3f:57:cd:ae:76:97:43:82:a2:75:9b:e9:
a4:a8:22:8c:6a:4e:a9:5d:45:60:80:30:e6:15:e9:
38:47:0b:63:21:f5:48:c2:4f:86:02:ee:21:80:20:
1d:d2:82:83:78:32:6d:80:8f:fe:3b:e9:58:2e:3f:
20:35:46:14:5a:4b:61:9a:72:b6:a7:6a:be:30:47:
06:e2:a7:a5:de:16:4e:8d:dd:0b:19:8d:eb:9c:4f:
74:39:c6:92:46:6a:c9:4a:69:00:3d:b4:a3:c3:63:
f1:06:20:e3:b5:af:c5:c7:36:f3:6c:ce:ef:70:c0:
2c:4f:dc:45:b7:53:10:13:c6:71:b9:9f:b6:4d:2c:
df:dd:d4:6e:d7:87:0c:51:27:08:a9:e8:86:d6:6b:
89:60:70:56:39:00:6e:e3:f2:80:15:f5:ac:f1:25:
fa:9b:90:31:9e:2c:59:35:c6:8d:3f:11:0d:8b:2e:
4a:ad:fc:7b:ed:7a:13:68:25:5e:a6:7b:ca:79:0f:
1d:08:ae:69:71:c4:71:47:7d:1c:ed:f7:80:04:c1:
0e:37:33:76:e7:da:d5:8d:3b:78:bc:5f:c8:22:98:
95:5c:71:9a:01:98:f5:78:78:d7:d7:79:66:49:5a:
91:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:0D:0F:EE:2C:D5:66:96:5C:A0:8D:B5:50:66:3C:B2:0B:41:23:43
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/AA0P7izVZpZcoI21UGY8sgtBI0M.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.138.16.0/21
194.32.216.0/23
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
205750
208623
214214
Signature Algorithm: sha256WithRSAEncryption
a4:e3:1f:fc:98:72:a8:36:34:65:2b:c8:93:8d:55:12:bc:a9:
2b:86:6b:33:a4:a6:8c:98:44:cf:af:49:b2:cf:b9:2e:23:ac:
80:ca:b4:2b:45:3a:3d:88:f3:61:01:75:bb:b7:90:2c:3c:23:
5d:00:f8:14:0f:8e:1e:b3:8f:47:6a:a9:01:62:aa:f3:23:17:
d7:65:69:08:ec:6a:78:a3:44:1a:e9:26:89:78:26:f4:d8:b3:
e0:ca:3c:82:5a:50:c6:90:72:40:70:ff:ae:38:b1:7e:24:85:
0d:80:13:89:93:40:d8:d6:4f:f3:11:2d:a9:a8:c4:a5:5d:1d:
92:b0:1d:c8:5d:b5:ae:b1:2e:d4:1c:eb:db:03:72:2e:92:65:
a4:42:01:10:ab:06:c3:6c:19:b8:77:1c:98:2b:20:c1:74:67:
93:7a:ff:ac:5e:82:f9:16:5e:42:57:be:22:41:97:da:50:99:
3b:35:73:e1:29:d0:f4:15:b6:7d:1c:6c:19:2e:b2:e0:1a:fc:
10:a8:bb:da:7f:8a:22:31:41:16:2c:c8:53:55:bb:5c:22:89:
fc:f8:47:9a:10:9b:f0:76:bd:16:26:e6:01:67:c9:dd:37:88:
53:87:35:7c:07:fc:2e:8a:41:5b:de:8c:24:4b:0c:35:28:db:
dd:73:cc:60
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZt/FXLUxJOQ5viK5nqlqgjVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTQyMTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDBkMGZlZTJjZDU2Njk2NWNhMDhkYjU1MDY2M2NiMjBiNDEyMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uaR7wd8M0f+lb7Xlvc5+88/V82u
dpdDgqJ1m+mkqCKMak6pXUVggDDmFek4RwtjIfVIwk+GAu4hgCAd0oKDeDJtgI/+
O+lYLj8gNUYUWkthmnK2p2q+MEcG4qel3hZOjd0LGY3rnE90OcaSRmrJSmkAPbSj
w2PxBiDjta/FxzbzbM7vcMAsT9xFt1MQE8ZxuZ+2TSzf3dRu14cMUScIqeiG1muJ
YHBWOQBu4/KAFfWs8SX6m5AxnixZNcaNPxENiy5Krfx77XoTaCVepnvKeQ8dCK5p
ccRxR30c7feABMEONzN259rVjTt4vF/IIpiVXHGaAZj1eHjX13lmSVqR2wIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFAAND+4s1WaWXKCNtVBmPLILQSNDMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUyL2U2ZmUw
OS1jMjJkLTQ1YjctYTU5OS1iOTQxYmE5MjFiM2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIvZTZmZTA5
LWMyMmQtNDViNy1hNTk5LWI5NDFiYTkyMWIzZi8xL0FBMFA3aXpWWnBaY29JMjFV
R1k4c2d0QkkwTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQDU4oQAwQBwiDYMCQGCCsGAQUFBwEIAQH/BBUw
E6ARMA8CAwMjtgIDAy7vAgMDRMYwDQYJKoZIhvcNAQELBQADggEBAKTjH/yYcqg2
NGUryJONVRK8qSuGazOkpoyYRM+vSbLPuS4jrIDKtCtFOj2I82EBdbu3kCw8I10A
+BQPjh6zj0dqqQFiqvMjF9dlaQjsanijRBrpJol4JvTYs+DKPIJaUMaQckBw/644
sX4khQ2AE4mTQNjWT/MRLamoxKVdHZKwHchdta6xLtQc69sDci6SZaRCARCrBsNs
Gbh3HJgrIMF0Z5N6/6xegvkWXkJXviJBl9pQmTs1c+Ep0PQVtn0cbBkusuAa/BCo
u9p/iiIxQRYsyFNVu1wiifz4R5oQm/B2vRYm5gFnyd03iFOHNXwH/C6KQVvejCRL
DDUo291zzGA=
-----END CERTIFICATE-----
Generated at Sat Mar 28 11:48:22 2026 by rpki-client