Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BzX8jPArik43L6W8ZAlE_rwk8f4.cer
File: BzX8jPArik43L6W8ZAlE_rwk8f4.cer (raw, json)
Hash identifier: Y7ZFXM7oRzUsFP74Gd9p7+uw66k3vJtExL464AfVgBA=
Subject key identifier: 07:35:FC:8C:F0:2B:8A:4E:37:2F:A5:BC:64:09:44:FE:BC:24:F1:FE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B78A29F95C155F3EED74F20C8A624EFD5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/56/cf3b98-4941-4bbe-82b3-731e9339d6ac/1/BzX8jPArik43L6W8ZAlE_rwk8f4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/56/cf3b98-4941-4bbe-82b3-731e9339d6ac/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 08:18:02 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 42965
IP: 77.246.112.0/20
IP: 84.21.184.0/22
IP: 91.196.204.0/22
IP: 93.181.0.0/18
IP: 95.214.224.0/22
IP: 185.201.84.0/22
IP: 194.50.244.0/22
IP: 2a02:2f0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:a2:9f:95:c1:55:f3:ee:d7:4f:20:c8:a6:24:ef:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:18:02 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0735fc8cf02b8a4e372fa5bc640944febc24f1fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2c:72:31:66:b9:0a:97:1d:08:9a:8d:9e:0f:
e4:5e:38:e5:ab:a0:61:0f:4d:18:a5:17:26:48:9f:
84:60:0c:a0:82:ec:20:3c:2a:fa:e0:71:c0:8c:69:
ca:63:3b:63:40:8b:1d:27:e7:2e:6b:81:61:6b:5f:
81:9b:10:f9:8b:ff:c2:5f:6d:76:4f:f3:c5:07:44:
99:4d:fd:56:51:37:b2:99:bb:a8:01:86:b7:30:e9:
83:07:54:58:48:d8:48:16:21:84:6b:6c:d2:0e:c3:
7d:e4:04:4d:e4:13:03:f6:25:21:c1:94:63:b9:22:
70:e0:74:49:79:3f:c5:b0:c1:25:de:38:bb:06:20:
50:e1:d4:12:34:d4:6c:55:6b:81:d7:c3:64:10:8e:
00:3c:fb:92:3c:c1:10:91:47:7b:9a:d7:7a:a4:13:
3e:4a:aa:d3:1d:1d:e8:d3:41:34:ed:f2:20:e1:58:
f3:fa:d8:7d:aa:3b:0f:69:3f:da:3c:c2:9f:19:b2:
3d:4f:f1:ba:90:4d:0e:2d:9e:86:68:0c:db:b4:3f:
15:be:13:0a:7e:1d:a1:6f:99:60:6a:09:12:d1:c0:
02:3f:a7:05:7a:99:ab:e4:f7:c4:7c:00:22:50:d7:
44:d4:a3:8a:3a:e4:b5:1d:f5:fe:7d:02:46:6d:7b:
ea:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:35:FC:8C:F0:2B:8A:4E:37:2F:A5:BC:64:09:44:FE:BC:24:F1:FE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/cf3b98-4941-4bbe-82b3-731e9339d6ac/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/cf3b98-4941-4bbe-82b3-731e9339d6ac/1/BzX8jPArik43L6W8ZAlE_rwk8f4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.112.0/20
84.21.184.0/22
91.196.204.0/22
93.181.0.0/18
95.214.224.0/22
185.201.84.0/22
194.50.244.0/22
IPv6:
2a02:2f0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
42965
Signature Algorithm: sha256WithRSAEncryption
10:a1:31:87:ea:3d:4d:6c:9b:e7:78:42:25:53:0e:dd:92:a3:
b8:ad:76:33:27:71:66:16:6c:00:86:31:81:5f:26:66:6d:85:
46:7c:60:4c:b8:fd:a9:6b:93:54:d8:34:fe:88:8d:fa:e4:29:
9f:be:ea:05:fb:69:7c:52:cd:f3:5a:a3:89:d8:57:f6:7b:95:
d3:8d:c8:6d:99:25:a6:7c:ba:47:b5:7a:1d:83:92:b4:55:42:
1b:bb:e5:f6:a9:1b:85:c2:9b:de:cc:4a:59:c5:a1:48:6f:53:
7d:02:67:58:f6:0a:6c:3d:4e:ae:00:0d:09:3d:49:8e:2f:b1:
ca:dc:b4:f1:ec:20:03:e7:82:34:10:78:cb:97:b6:c4:6f:96:
19:b6:06:8f:e3:55:a3:29:41:37:38:7a:5f:62:16:a5:90:8f:
3e:a3:71:14:8f:c5:e5:41:dc:51:38:6d:16:94:e7:e4:9f:57:
70:a5:c3:71:ac:30:4d:99:bb:09:3c:d0:87:14:52:1d:24:95:
7d:c5:58:34:ee:d3:7e:4a:5a:1f:e4:e6:c0:16:13:b5:b7:fb:
1f:84:9a:ea:33:44:ca:97:e1:94:fe:54:33:e3:10:5b:26:47:
21:1a:f4:18:a6:53:ef:a6:37:bc:33:ba:f7:0b:0f:35:e2:1d:
04:e4:f8:d9
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAZt4op+VwVXz7tdPIMimJO/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDgxODAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzM1ZmM4Y2YwMmI4YTRlMzcyZmE1YmM2NDA5NDRmZWJjMjRmMWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyxyMWa5CpcdCJqNng/kXjjlq6Bh
D00YpRcmSJ+EYAygguwgPCr64HHAjGnKYztjQIsdJ+cua4Fha1+BmxD5i//CX212
T/PFB0SZTf1WUTeymbuoAYa3MOmDB1RYSNhIFiGEa2zSDsN95ARN5BMD9iUhwZRj
uSJw4HRJeT/FsMEl3ji7BiBQ4dQSNNRsVWuB18NkEI4APPuSPMEQkUd7mtd6pBM+
SqrTHR3o00E07fIg4Vjz+th9qjsPaT/aPMKfGbI9T/G6kE0OLZ6GaAzbtD8VvhMK
fh2hb5lgagkS0cACP6cFepmr5PfEfAAiUNdE1KOKOuS1HfX+fQJGbXvq1QIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFAc1/IzwK4pONy+lvGQJRP68JPH+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU2L2NmM2I5
OC00OTQxLTRiYmUtODJiMy03MzFlOTMzOWQ2YWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYvY2YzYjk4
LTQ5NDEtNGJiZS04MmIzLTczMWU5MzM5ZDZhYy8xL0J6WDhqUEFyaWs0M0w2Vzha
QWxFX3J3azhmNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFIGCCsGAQUF
BwEHAQH/BEMwQTAwBAIAATAqAwQETfZwAwQCVBW4AwQCW8TMAwQGXbUAAwQCX9bg
AwQCuclUAwQCwjL0MA0EAgACMAcDBQMqAgLwMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwCn1TANBgkqhkiG9w0BAQsFAAOCAQEAEKExh+o9TWyb53hCJVMO3ZKjuK12
MydxZhZsAIYxgV8mZm2FRnxgTLj9qWuTVNg0/oiN+uQpn77qBftpfFLN81qjidhX
9nuV043IbZklpny6R7V6HYOStFVCG7vl9qkbhcKb3sxKWcWhSG9TfQJnWPYKbD1O
rgANCT1Jji+xyty08ewgA+eCNBB4y5e2xG+WGbYGj+NVoylBNzh6X2IWpZCPPqNx
FI/F5UHcUThtFpTn5J9XcKXDcawwTZm7CTzQhxRSHSSVfcVYNO7TfkpaH+TmwBYT
tbf7H4Sa6jNEypfhlP5UM+MQWyZHIRr0GKZT76Y3vDO69wsPNeIdBOT42Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:09:17 2026 by rpki-client