Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/AA0P7izVZpZcoI21UGY8sgtBI0M.cer
File: AA0P7izVZpZcoI21UGY8sgtBI0M.cer (raw, json)
Hash identifier: e5Vwh7TuLk1T3pRD5wkE8GL/9VynVPX+iO49CFor9Ec=
Subject key identifier: 00:0D:0F:EE:2C:D5:66:96:5C:A0:8D:B5:50:66:3C:B2:0B:41:23:43
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019884C1FD69591D9D97335582D3C11B187A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/AA0P7izVZpZcoI21UGY8sgtBI0M.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 07 Aug 2025 13:39:22 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 205750
AS: 208623
AS: 214214
IP: 83.138.16.0/21
IP: 194.32.216.0/23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:84:c1:fd:69:59:1d:9d:97:33:55:82:d3:c1:1b:18:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Aug 7 13:39:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=000d0fee2cd566965ca08db550663cb20b412343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e6:91:ef:07:7c:33:47:fe:95:be:d7:96:f7:
39:fb:cf:3f:57:cd:ae:76:97:43:82:a2:75:9b:e9:
a4:a8:22:8c:6a:4e:a9:5d:45:60:80:30:e6:15:e9:
38:47:0b:63:21:f5:48:c2:4f:86:02:ee:21:80:20:
1d:d2:82:83:78:32:6d:80:8f:fe:3b:e9:58:2e:3f:
20:35:46:14:5a:4b:61:9a:72:b6:a7:6a:be:30:47:
06:e2:a7:a5:de:16:4e:8d:dd:0b:19:8d:eb:9c:4f:
74:39:c6:92:46:6a:c9:4a:69:00:3d:b4:a3:c3:63:
f1:06:20:e3:b5:af:c5:c7:36:f3:6c:ce:ef:70:c0:
2c:4f:dc:45:b7:53:10:13:c6:71:b9:9f:b6:4d:2c:
df:dd:d4:6e:d7:87:0c:51:27:08:a9:e8:86:d6:6b:
89:60:70:56:39:00:6e:e3:f2:80:15:f5:ac:f1:25:
fa:9b:90:31:9e:2c:59:35:c6:8d:3f:11:0d:8b:2e:
4a:ad:fc:7b:ed:7a:13:68:25:5e:a6:7b:ca:79:0f:
1d:08:ae:69:71:c4:71:47:7d:1c:ed:f7:80:04:c1:
0e:37:33:76:e7:da:d5:8d:3b:78:bc:5f:c8:22:98:
95:5c:71:9a:01:98:f5:78:78:d7:d7:79:66:49:5a:
91:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:0D:0F:EE:2C:D5:66:96:5C:A0:8D:B5:50:66:3C:B2:0B:41:23:43
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/AA0P7izVZpZcoI21UGY8sgtBI0M.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.138.16.0/21
194.32.216.0/23
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
205750
208623
214214
Signature Algorithm: sha256WithRSAEncryption
a4:1d:55:25:aa:78:45:a4:f2:1a:68:12:5b:19:33:ee:90:46:
53:c5:03:5d:50:aa:4d:04:13:a6:60:37:e7:53:fe:09:a3:ca:
54:ec:e7:26:b5:32:a1:2d:41:01:14:2d:42:09:85:f9:bf:9f:
5e:13:f3:ff:ee:12:51:8c:90:86:b9:79:d5:08:5a:26:d4:18:
29:c3:8e:5c:e1:65:35:82:7b:d7:f6:20:e3:3b:12:a2:7d:91:
4f:2c:9b:0f:b5:dc:fb:d9:93:44:d2:64:da:55:cc:74:10:d2:
64:d6:e4:8d:5a:66:54:72:8e:33:1f:82:72:b2:64:f3:10:7f:
5e:e6:a2:23:bb:e3:52:63:3d:24:4c:07:6b:33:c1:24:a8:6f:
8b:db:dc:53:51:9b:3a:66:10:02:2d:0d:20:42:91:52:fb:ba:
ed:07:d3:1e:91:c5:f7:8e:c6:ef:dd:ab:4d:65:e4:1d:36:2e:
57:e9:fa:52:17:2c:dd:df:46:91:7d:29:91:ac:d8:c9:ec:e0:
a8:aa:98:b9:89:d9:2a:98:0b:d0:9f:db:00:30:f7:a8:dd:28:
a5:b9:9b:79:93:aa:ad:24:e8:95:84:85:10:2e:5a:9b:0c:6a:
6e:d1:1b:83:85:a6:66:93:2e:f0:1d:56:c8:5d:c6:6a:5c:22:
b4:ba:52:76
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZiEwf1pWR2dlzNVgtPBGxh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwODA3MTMzOTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDBkMGZlZTJjZDU2Njk2NWNhMDhkYjU1MDY2M2NiMjBiNDEyMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uaR7wd8M0f+lb7Xlvc5+88/V82u
dpdDgqJ1m+mkqCKMak6pXUVggDDmFek4RwtjIfVIwk+GAu4hgCAd0oKDeDJtgI/+
O+lYLj8gNUYUWkthmnK2p2q+MEcG4qel3hZOjd0LGY3rnE90OcaSRmrJSmkAPbSj
w2PxBiDjta/FxzbzbM7vcMAsT9xFt1MQE8ZxuZ+2TSzf3dRu14cMUScIqeiG1muJ
YHBWOQBu4/KAFfWs8SX6m5AxnixZNcaNPxENiy5Krfx77XoTaCVepnvKeQ8dCK5p
ccRxR30c7feABMEONzN259rVjTt4vF/IIpiVXHGaAZj1eHjX13lmSVqR2wIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFAAND+4s1WaWXKCNtVBmPLILQSNDMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUyL2U2ZmUw
OS1jMjJkLTQ1YjctYTU5OS1iOTQxYmE5MjFiM2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIvZTZmZTA5
LWMyMmQtNDViNy1hNTk5LWI5NDFiYTkyMWIzZi8xL0FBMFA3aXpWWnBaY29JMjFV
R1k4c2d0QkkwTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQDU4oQAwQBwiDYMCQGCCsGAQUFBwEIAQH/BBUw
E6ARMA8CAwMjtgIDAy7vAgMDRMYwDQYJKoZIhvcNAQELBQADggEBAKQdVSWqeEWk
8hpoElsZM+6QRlPFA11Qqk0EE6ZgN+dT/gmjylTs5ya1MqEtQQEULUIJhfm/n14T
8//uElGMkIa5edUIWibUGCnDjlzhZTWCe9f2IOM7EqJ9kU8smw+13PvZk0TSZNpV
zHQQ0mTW5I1aZlRyjjMfgnKyZPMQf17moiO741JjPSRMB2szwSSob4vb3FNRmzpm
EAItDSBCkVL7uu0H0x6RxfeOxu/dq01l5B02Llfp+lIXLN3fRpF9KZGs2Mns4Kiq
mLmJ2SqYC9Cf2wAw96jdKKW5m3mTqq0k6JWEhRAuWpsMam7RG4OFpmaTLvAdVshd
xmpcIrS6UnY=
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:04:51 2025 by rpki-client