Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CIKLx914SFC4lu197ZSD218B4Fk.cer
File: CIKLx914SFC4lu197ZSD218B4Fk.cer (raw, json)
Hash identifier: XuoGDbIADpK8lGUMLbKTdrkcUEtPR3nycO4B+DSXB10=
Subject key identifier: 08:82:8B:C7:DD:78:48:50:B8:96:ED:7D:ED:94:83:DB:5F:01:E0:59
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0199E82B2B515A3D60D5DEB0BCFB81E30422
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fc/866754-f0ef-4900-8dd0-6c0403c9a440/1/CIKLx914SFC4lu197ZSD218B4Fk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fc/866754-f0ef-4900-8dd0-6c0403c9a440/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 15 Oct 2025 13:59:27 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 89.248.66.0/24
IP: 213.177.170.0/24
IP: 2a10:e6c0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e8:2b:2b:51:5a:3d:60:d5:de:b0:bc:fb:81:e3:04:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Oct 15 13:59:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08828bc7dd784850b896ed7ded9483db5f01e059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c3:c7:93:a1:b7:1b:81:c4:82:f5:df:56:33:
7f:5d:29:1e:b5:08:a6:80:95:79:cc:86:94:39:83:
a9:6d:b6:17:91:e0:51:00:90:9d:70:8d:ca:8d:ce:
cb:53:da:78:f5:c1:de:5f:77:db:73:ea:68:4a:15:
39:06:b4:d5:d3:21:f6:97:11:f9:c3:79:a1:ac:9f:
d0:c2:f9:3f:5c:a4:0a:d4:97:d4:ca:4d:16:28:dc:
5f:37:46:3c:cf:e5:2a:dc:18:06:08:81:10:39:fc:
29:8f:bc:22:67:66:93:aa:cd:02:73:a1:5e:9b:9f:
10:04:8d:b0:8a:0d:9e:81:c0:0f:fd:05:d1:15:b1:
82:15:49:3a:6d:9d:75:62:f1:f2:2f:ea:8b:6f:cd:
4b:7f:a0:7d:e4:ab:9f:9b:e4:6d:98:09:84:39:d3:
49:08:a5:3d:2e:f1:93:b8:3e:28:78:3a:9f:a6:42:
68:82:60:85:07:88:3d:b8:cb:ae:c1:d1:9f:a9:c0:
10:b7:82:3e:3a:8f:26:af:e1:83:0e:13:c5:41:0c:
1a:b9:6b:72:0b:44:13:98:c7:24:fd:2c:2f:92:c8:
01:29:c4:6d:12:b2:d7:2e:db:05:3e:6f:a2:40:9c:
81:65:28:14:ac:73:8b:eb:28:4f:77:4f:f0:af:98:
4c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:82:8B:C7:DD:78:48:50:B8:96:ED:7D:ED:94:83:DB:5F:01:E0:59
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/866754-f0ef-4900-8dd0-6c0403c9a440/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/866754-f0ef-4900-8dd0-6c0403c9a440/1/CIKLx914SFC4lu197ZSD218B4Fk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.66.0/24
213.177.170.0/24
IPv6:
2a10:e6c0::/32
Signature Algorithm: sha256WithRSAEncryption
4e:62:2b:c6:a6:8b:aa:b4:35:76:e9:04:d4:fb:66:ec:39:66:
03:c1:9e:a5:8d:eb:f2:88:4c:be:3c:d4:ff:8b:b2:28:47:fe:
76:d7:ce:09:73:51:28:66:2b:9d:23:7b:e4:2d:77:b2:dc:81:
f0:7b:cb:83:7d:2b:1a:79:a2:8c:ab:f0:cb:f4:26:40:76:90:
60:0e:b2:7e:02:55:96:20:2f:e9:c0:04:52:19:ac:f6:40:d3:
90:12:11:bc:9d:4d:a6:a5:27:cd:28:be:2e:f5:81:23:13:ca:
3b:7b:68:aa:a5:20:4c:c4:6b:3c:bc:d6:a2:27:f8:bf:72:f2:
1a:5d:21:56:ad:e3:d7:7b:b1:72:21:65:f5:97:7b:0e:9c:af:
fd:75:83:91:9a:0c:5a:bb:b8:41:a6:bf:5c:4c:a1:6f:b1:a5:
28:e6:27:ba:91:d8:ea:92:07:54:51:f6:7f:43:9d:b5:67:ae:
4f:5a:e4:b0:d3:92:64:a8:6c:7d:34:74:42:50:22:e8:f8:50:
a8:97:c9:98:c6:1b:ef:d8:39:a8:a6:29:4a:7b:e5:1f:42:16:
62:f4:2c:8a:52:0c:d4:67:9e:42:0e:ee:94:4f:8f:09:70:1a:
a1:f7:1b:6f:ae:a6:83:72:3a:76:42:2d:e5:d7:70:c0:a8:22:
58:39:be:f3
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAZnoKytRWj1g1d6wvPuB4wQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUxMDE1MTM1OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODgyOGJjN2RkNzg0ODUwYjg5NmVkN2RlZDk0ODNkYjVmMDFlMDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMPHk6G3G4HEgvXfVjN/XSketQim
gJV5zIaUOYOpbbYXkeBRAJCdcI3Kjc7LU9p49cHeX3fbc+poShU5BrTV0yH2lxH5
w3mhrJ/Qwvk/XKQK1JfUyk0WKNxfN0Y8z+Uq3BgGCIEQOfwpj7wiZ2aTqs0Cc6Fe
m58QBI2wig2egcAP/QXRFbGCFUk6bZ11YvHyL+qLb81Lf6B95Kufm+RtmAmEOdNJ
CKU9LvGTuD4oeDqfpkJogmCFB4g9uMuuwdGfqcAQt4I+Oo8mr+GDDhPFQQwauWty
C0QTmMck/SwvksgBKcRtErLXLtsFPm+iQJyBZSgUrHOL6yhPd0/wr5hMEwIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFAiCi8fdeEhQuJbtfe2Ug9tfAeBZMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZjLzg2Njc1
NC1mMGVmLTQ5MDAtOGRkMC02YzA0MDNjOWE0NDAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMvODY2NzU0
LWYwZWYtNDkwMC04ZGQwLTZjMDQwM2M5YTQ0MC8xL0NJS0x4OTE0U0ZDNGx1MTk3
WlNEMjE4QjRGay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQAWfhCAwQA1bGqMA0EAgACMAcDBQAqEObAMA0G
CSqGSIb3DQEBCwUAA4IBAQBOYivGpouqtDV26QTU+2bsOWYDwZ6ljevyiEy+PNT/
i7IoR/52184Jc1EoZiudI3vkLXey3IHwe8uDfSsaeaKMq/DL9CZAdpBgDrJ+AlWW
IC/pwARSGaz2QNOQEhG8nU2mpSfNKL4u9YEjE8o7e2iqpSBMxGs8vNaiJ/i/cvIa
XSFWrePXe7FyIWX1l3sOnK/9dYORmgxau7hBpr9cTKFvsaUo5ie6kdjqkgdUUfZ/
Q521Z65PWuSw05JkqGx9NHRCUCLo+FCol8mYxhvv2DmopilKe+UfQhZi9CyKUgzU
Z55CDu6UT48JcBqh9xtvrqaDcjp2Qi3l13DAqCJYOb7z
-----END CERTIFICATE-----
Generated at Sun Oct 19 10:21:42 2025 by rpki-client