Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BQNlyK9IgTpbq5ft41VTnxFHTcc.cer
File: BQNlyK9IgTpbq5ft41VTnxFHTcc.cer (raw, json)
Hash identifier: ULoM2bQcwT5pWlRazzgMrrAl5hczZ+pN5zINvpXpu/o=
Subject key identifier: 05:03:65:C8:AF:48:81:3A:5B:AB:97:ED:E3:55:53:9F:11:47:4D:C7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7BA417B66EAA1F59386955E377484DC6
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/62/ae1f3a-65a8-4794-91c8-a5879b69f126/1/BQNlyK9IgTpbq5ft41VTnxFHTcc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/62/ae1f3a-65a8-4794-91c8-a5879b69f126/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 22:18:30 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 39587
IP: 147.78.236.0/22
IP: 2a0f:2980::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7b:a4:17:b6:6e:aa:1f:59:38:69:55:e3:77:48:4d:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 22:18:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=050365c8af48813a5bab97ede355539f11474dc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:9a:3f:12:bf:67:2a:e5:d4:35:dc:cf:fb:c3:
7a:15:e0:99:2c:85:84:75:a7:7b:35:8e:dc:08:9a:
eb:bd:93:01:80:96:71:1e:e4:94:0f:48:5d:87:e9:
47:04:f9:e2:6b:e6:88:48:9e:8a:b2:de:01:0a:2a:
e8:aa:88:88:08:ae:f7:1c:a8:c5:26:8e:32:e0:9f:
b3:a7:aa:0a:ff:40:d1:f4:c4:bd:bd:50:63:7a:74:
95:c8:20:5c:c7:66:a0:41:45:c5:fe:d7:55:f6:4c:
1f:db:f8:4c:e5:a5:00:a6:8e:b1:8b:24:4a:a5:53:
45:47:4d:60:0f:99:79:34:6e:51:aa:8d:44:8b:01:
19:6d:36:a8:dc:11:84:9c:a9:21:ab:b2:49:97:9d:
1e:e2:f4:cd:34:21:8d:ee:e5:e5:fb:17:46:5f:3c:
1b:ee:fc:ef:fc:72:2c:95:dc:fe:15:c5:53:32:0d:
83:16:d7:f8:49:11:d5:09:ea:9f:53:b2:d3:d4:e5:
d2:21:37:95:a7:ca:84:4a:d9:0c:ce:59:1a:e1:ff:
bc:9b:e7:64:f4:39:7e:8f:8f:87:90:9e:f5:ce:fd:
34:30:ef:c6:1d:f9:56:96:9d:71:4f:59:13:50:65:
18:e3:a8:de:80:e1:2d:78:b7:08:e3:eb:3b:44:43:
50:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:03:65:C8:AF:48:81:3A:5B:AB:97:ED:E3:55:53:9F:11:47:4D:C7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ae1f3a-65a8-4794-91c8-a5879b69f126/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ae1f3a-65a8-4794-91c8-a5879b69f126/1/BQNlyK9IgTpbq5ft41VTnxFHTcc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.236.0/22
IPv6:
2a0f:2980::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
39587
Signature Algorithm: sha256WithRSAEncryption
49:40:cf:1d:cb:9e:64:ed:1b:c7:82:1d:d3:23:aa:2d:23:ea:
1d:18:90:49:e4:81:9b:9c:c4:d8:26:5a:75:63:9f:26:dd:03:
aa:f4:45:48:97:e9:17:92:d8:e2:80:8b:4e:c5:81:36:9d:6a:
2e:b8:85:75:04:7e:47:7f:4b:d3:0e:c3:82:9c:ee:9f:84:73:
d0:8d:c2:41:9b:cc:71:ec:51:91:c1:50:7b:1c:bc:9e:cc:16:
f2:b2:e4:13:d2:df:69:91:46:55:fb:fb:38:78:1c:f6:89:fc:
fb:17:be:8a:1a:07:fb:ba:c0:9e:d3:f3:a5:02:6b:9f:02:b5:
69:26:ee:1f:4a:af:63:8e:f2:ad:9d:fe:f0:13:ee:cb:3a:18:
9c:ee:bf:3f:a4:15:23:e3:09:e6:51:4d:85:dd:8f:bd:b9:05:
de:3b:ab:e0:15:08:c1:99:77:22:19:8b:a1:08:6c:41:7c:a3:
66:e2:27:ad:29:5e:cb:15:52:76:44:83:f8:09:a7:e9:fc:6c:
69:2f:6e:7e:6c:4e:ee:5d:0d:0b:9a:e1:e8:44:1b:f9:52:a2:
4f:6e:73:ec:84:4d:02:dc:ca:14:71:50:6c:7d:a5:19:1b:81:
bc:06:6b:d3:ed:9c:66:2f:5c:98:98:f3:86:08:60:f7:9f:fb:
67:cb:ea:ee
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZt7pBe2bqofWThpVeN3SE3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMjIxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTAzNjVjOGFmNDg4MTNhNWJhYjk3ZWRlMzU1NTM5ZjExNDc0ZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZo/Er9nKuXUNdzP+8N6FeCZLIWE
dad7NY7cCJrrvZMBgJZxHuSUD0hdh+lHBPnia+aISJ6Kst4BCiroqoiICK73HKjF
Jo4y4J+zp6oK/0DR9MS9vVBjenSVyCBcx2agQUXF/tdV9kwf2/hM5aUApo6xiyRK
pVNFR01gD5l5NG5Rqo1EiwEZbTao3BGEnKkhq7JJl50e4vTNNCGN7uXl+xdGXzwb
7vzv/HIsldz+FcVTMg2DFtf4SRHVCeqfU7LT1OXSITeVp8qEStkMzlka4f+8m+dk
9Dl+j4+HkJ71zv00MO/GHflWlp1xT1kTUGUY46jegOEteLcI4+s7RENQmwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFAUDZcivSIE6W6uX7eNVU58RR03HMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYyL2FlMWYz
YS02NWE4LTQ3OTQtOTFjOC1hNTg3OWI2OWYxMjYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvYWUxZjNh
LTY1YTgtNDc5NC05MWM4LWE1ODc5YjY5ZjEyNi8xL0JRTmx5SzlJZ1RwYnE1ZnQ0
MVZUbnhGSFRjYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCk07sMA0EAgACMAcDBQMqDymAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCaozANBgkqhkiG9w0BAQsFAAOCAQEASUDPHcueZO0b
x4Id0yOqLSPqHRiQSeSBm5zE2CZadWOfJt0DqvRFSJfpF5LY4oCLTsWBNp1qLriF
dQR+R39L0w7Dgpzun4Rz0I3CQZvMcexRkcFQexy8nswW8rLkE9LfaZFGVfv7OHgc
9on8+xe+ihoH+7rAntPzpQJrnwK1aSbuH0qvY47yrZ3+8BPuyzoYnO6/P6QVI+MJ
5lFNhd2PvbkF3jur4BUIwZl3IhmLoQhsQXyjZuInrSleyxVSdkSD+Amn6fxsaS9u
fmxO7l0NC5rh6EQb+VKiT25z7IRNAtzKFHFQbH2lGRuBvAZr0+2cZi9cmJjzhghg
95/7Z8vq7g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:12:55 2026 by rpki-client