Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BumhMJ-7nOBrxOFYvAs1LuTIhEw.cer
File: BumhMJ-7nOBrxOFYvAs1LuTIhEw.cer (raw, json)
Hash identifier: vPKqFVCZYTWjuQwvU2DT+VIQ2AdCvSAZBDoPumlXA/U=
Subject key identifier: 06:E9:A1:30:9F:BB:9C:E0:6B:C4:E1:58:BC:0B:35:2E:E4:C8:84:4C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019DB99545B1930349E8B94AFB25DC07C18B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b9/49ee5b-2c63-41c8-b253-91fe4bc65382/1/BumhMJ-7nOBrxOFYvAs1LuTIhEw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b9/49ee5b-2c63-41c8-b253-91fe4bc65382/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 23 Apr 2026 09:04:20 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 199645
IP: 185.2.16.0/22
IP: 2a02:c100::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b9:95:45:b1:93:03:49:e8:b9:4a:fb:25:dc:07:c1:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 23 09:04:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=06e9a1309fbb9ce06bc4e158bc0b352ee4c8844c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f0:a1:2f:a3:85:77:db:da:a4:63:7b:c0:cb:
0a:5b:7f:4c:60:6d:4f:4e:94:45:6e:0b:cc:38:92:
fe:8e:18:87:4c:4a:3c:c3:f8:bf:33:b6:9c:50:5a:
76:d3:24:82:55:0d:9e:b3:93:b5:77:d9:32:65:3e:
4b:d0:b9:7a:79:e4:03:bb:c9:72:75:2c:59:b9:96:
68:5c:33:a9:0f:4d:c3:19:a1:db:17:76:10:c1:ee:
fc:a7:c7:5b:5d:3c:5f:01:38:03:01:eb:44:65:d3:
ec:46:0f:69:52:e6:47:e5:e1:66:39:aa:a0:c4:59:
5c:b2:f3:f9:ac:58:a5:12:c8:6c:aa:7e:a2:08:29:
da:96:27:88:99:5f:5b:16:8a:2e:75:41:93:16:cc:
34:78:24:61:47:23:cd:45:cf:57:83:4b:26:b8:20:
a9:1d:8d:56:b6:a2:7f:28:8b:50:36:a6:16:31:57:
a8:7a:cd:e9:69:cd:03:4a:cb:0d:f1:bc:65:07:f6:
74:37:a9:7a:7a:cd:27:79:23:86:d2:8e:6b:5f:a4:
9e:dc:7d:86:2e:9c:29:c8:75:30:84:4b:10:ce:75:
70:f4:47:12:bf:9f:12:81:8e:fb:a6:19:63:d8:81:
61:fe:ea:2f:c0:61:19:95:19:66:10:90:23:c2:2b:
84:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:E9:A1:30:9F:BB:9C:E0:6B:C4:E1:58:BC:0B:35:2E:E4:C8:84:4C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/49ee5b-2c63-41c8-b253-91fe4bc65382/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/49ee5b-2c63-41c8-b253-91fe4bc65382/1/BumhMJ-7nOBrxOFYvAs1LuTIhEw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.16.0/22
IPv6:
2a02:c100::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
199645
Signature Algorithm: sha256WithRSAEncryption
55:40:eb:ca:54:b9:c8:63:10:49:dd:97:bf:17:10:56:ed:45:
e1:f4:ed:fe:b9:47:53:36:9b:e3:82:36:28:be:2b:a5:85:71:
25:7c:90:db:9b:14:d5:4d:cf:cb:9b:3a:db:3a:8d:c4:60:1b:
9a:b7:a2:31:93:2c:9c:86:a8:b0:7b:4e:e5:32:5c:1a:6a:b3:
75:31:9b:48:ef:cd:a6:c9:7f:f8:0b:4a:c4:11:08:57:1f:dc:
c0:ce:89:00:86:09:eb:8e:e4:5a:ba:93:44:6d:ef:f1:c8:56:
81:31:c6:70:0d:d4:91:6b:e8:0f:0d:fa:49:0f:7b:82:21:2f:
bd:a7:e8:8a:38:8e:4e:71:c8:b2:f6:f8:11:c8:49:e3:84:49:
56:5c:4a:39:d1:06:ae:f5:75:71:99:66:23:09:94:8c:f2:ff:
97:79:63:47:8b:63:91:e0:35:be:96:aa:cc:a1:82:77:f4:1e:
e0:5e:13:39:39:7e:f4:4d:0d:36:4b:e8:4a:83:6e:54:8a:6d:
6b:2f:88:d8:88:48:68:03:6f:2f:6a:24:ef:53:8b:93:2d:f5:
a3:09:1f:cd:70:f1:7c:4f:ee:9d:a6:49:7e:63:ba:70:17:25:
7c:86:54:e5:72:ad:9c:53:b2:59:06:6f:35:a3:85:45:a0:bc:
b6:86:01:a4
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZ25lUWxkwNJ6LlK+yXcB8GLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNDIzMDkwNDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmU5YTEzMDlmYmI5Y2UwNmJjNGUxNThiYzBiMzUyZWU0Yzg4NDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/ChL6OFd9vapGN7wMsKW39MYG1P
TpRFbgvMOJL+jhiHTEo8w/i/M7acUFp20ySCVQ2es5O1d9kyZT5L0Ll6eeQDu8ly
dSxZuZZoXDOpD03DGaHbF3YQwe78p8dbXTxfATgDAetEZdPsRg9pUuZH5eFmOaqg
xFlcsvP5rFilEshsqn6iCCnalieImV9bFooudUGTFsw0eCRhRyPNRc9Xg0smuCCp
HY1WtqJ/KItQNqYWMVeoes3pac0DSssN8bxlB/Z0N6l6es0neSOG0o5rX6Se3H2G
LpwpyHUwhEsQznVw9EcSv58SgY77phlj2IFh/uovwGEZlRlmEJAjwiuE4wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFAbpoTCfu5zga8ThWLwLNS7kyIRMMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I5LzQ5ZWU1
Yi0yYzYzLTQxYzgtYjI1My05MWZlNGJjNjUzODIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvNDllZTVi
LTJjNjMtNDFjOC1iMjUzLTkxZmU0YmM2NTM4Mi8xL0J1bWhNSi03bk9CcnhPRll2
QXMxTHVUSWhFdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuQIQMA0EAgACMAcDBQMqAsEAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwML3TANBgkqhkiG9w0BAQsFAAOCAQEAVUDrylS5yGMQ
Sd2XvxcQVu1F4fTt/rlHUzab44I2KL4rpYVxJXyQ25sU1U3Py5s62zqNxGAbmrei
MZMsnIaosHtO5TJcGmqzdTGbSO/Npsl/+AtKxBEIVx/cwM6JAIYJ647kWrqTRG3v
8chWgTHGcA3UkWvoDw36SQ97giEvvafoijiOTnHIsvb4EchJ44RJVlxKOdEGrvV1
cZlmIwmUjPL/l3ljR4tjkeA1vpaqzKGCd/Qe4F4TOTl+9E0NNkvoSoNuVIptay+I
2IhIaANvL2ok71OLky31owkfzXDxfE/unaZJfmO6cBclfIZU5XKtnFOyWQZvNaOF
RaC8toYBpA==
-----END CERTIFICATE-----
Generated at Tue May 12 20:59:31 2026 by rpki-client