Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
File: CIRls3stTp9BOjHce35suioz25Y.cer (raw, json)
Hash identifier: uaiQA+91IW7M8b1KWHo+6tpyCRQqdgXgUfU+9YLDa4E=
Subject key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019768FB6C09CFEA51C09719BFD56DF505A6
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 13 Jun 2025 11:09:57 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 8647
AS: 15596
IP: 45.150.149.0/24
IP: 62.3.26.0/24
IP: 91.213.173.0/24
IP: 103.216.172.0/22
IP: 109.122.32.0/21
IP: 188.66.24.0/22
IP: 193.108.56.0/22
IP: 193.108.102.0 -- 193.108.105.255
IP: 193.242.117.0/24
IP: 213.109.154.0/24
IP: 2a06:fc0::/29
IP: 2a06:5e80::/29
IP: 2a07:3f00::/29
IP: 2a07:e840::/29
IP: 2a09:4bc0::/29
IP: 2a09:ddc0::/29
IP: 2a11:4380::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:68:fb:6c:09:cf:ea:51:c0:97:19:bf:d5:6d:f5:05:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 13 11:09:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:90:8b:76:35:48:f1:9d:10:32:b4:5d:aa:46:
67:3f:97:1e:d4:c3:0b:07:0d:53:5e:6b:d0:df:d0:
6a:94:cd:38:32:09:60:4a:f6:73:32:8d:a2:cb:97:
f4:b6:5b:a9:ad:25:0b:8c:89:58:30:2c:61:d0:72:
9b:21:8f:c8:23:a5:dc:d7:f3:94:33:3e:4d:ed:74:
d1:02:eb:5a:02:dc:76:6c:64:8f:4d:a2:55:23:7a:
af:63:09:29:d0:32:54:ed:7e:de:da:c1:f8:2d:58:
86:de:fa:1f:99:3d:d2:47:1b:af:e9:74:79:80:fe:
5f:c7:9d:1a:0a:80:52:36:fa:ca:80:1a:10:b7:a4:
22:c1:e0:94:aa:64:04:10:72:98:e5:86:f5:45:c3:
8b:53:3e:d9:89:06:85:62:5d:1c:81:75:59:4e:43:
67:79:15:57:95:b5:4a:d1:dc:82:49:cd:89:bb:65:
50:ed:0e:0b:42:c6:7a:05:bd:3b:75:a0:86:e6:ab:
82:2c:20:49:2c:54:a6:f2:2f:b1:14:26:c1:2b:a4:
83:d6:a8:a8:db:f1:cd:44:a9:15:fd:67:72:e6:8c:
e8:3e:5d:df:29:0e:f2:57:a2:fe:de:cd:b9:2a:7a:
f0:92:35:7d:45:3d:bf:66:68:5d:21:ec:78:f6:d0:
b5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.149.0/24
62.3.26.0/24
91.213.173.0/24
103.216.172.0/22
109.122.32.0/21
188.66.24.0/22
193.108.56.0/22
193.108.102.0-193.108.105.255
193.242.117.0/24
213.109.154.0/24
IPv6:
2a06:fc0::/29
2a06:5e80::/29
2a07:3f00::/29
2a07:e840::/29
2a09:4bc0::/29
2a09:ddc0::/29
2a11:4380::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8647
15596
Signature Algorithm: sha256WithRSAEncryption
4d:ce:12:67:69:9d:91:83:7b:9c:77:2b:31:98:ae:2f:71:b5:
1b:5a:e5:1b:e3:48:82:c0:30:29:15:c9:34:2c:14:07:61:bf:
d6:dc:5f:4d:d8:bc:81:d4:d1:30:f1:5f:f9:b0:b9:ca:18:4a:
2a:45:9c:fa:2f:66:a4:e0:d1:79:f3:b1:01:f4:2d:2a:0a:b3:
0d:84:36:51:eb:c1:86:6e:1c:4c:d5:42:dd:3a:66:14:bc:2d:
eb:ce:35:80:1a:44:fa:fd:ed:41:4f:4b:91:e7:97:93:5e:28:
55:72:75:6b:3d:ac:dd:3c:6c:3d:69:32:5c:de:54:c4:72:c2:
68:6d:60:fc:66:34:d9:b8:dd:03:c9:ed:90:e4:1a:3b:be:fa:
c0:5c:83:72:f0:e2:93:d7:6e:00:43:19:12:ab:5c:bf:b1:c2:
7d:bb:60:e4:37:88:28:a5:4b:39:9c:94:89:28:16:8a:c4:6c:
80:c2:6f:10:1c:58:8c:10:e0:ae:5d:3b:f8:99:3f:15:b3:9c:
da:71:15:97:2d:00:0e:48:7b:df:2c:48:c7:9d:c6:ee:bf:90:
4b:07:62:fd:78:07:93:a8:78:c8:da:16:52:68:a1:9b:71:19:
cb:12:a9:a2:b6:99:de:14:04:14:c0:39:fe:3b:a8:f1:b3:a6:
41:d2:05:f1
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAZdo+2wJz+pRwJcZv9Vt9QWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNjEzMTEwOTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODg0NjViMzdiMmQ0ZTlmNDEzYTMxZGM3YjdlNmNiYTJhMzNkYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJCLdjVI8Z0QMrRdqkZnP5ce1MML
Bw1TXmvQ39BqlM04MglgSvZzMo2iy5f0tluprSULjIlYMCxh0HKbIY/II6Xc1/OU
Mz5N7XTRAutaAtx2bGSPTaJVI3qvYwkp0DJU7X7e2sH4LViG3vofmT3SRxuv6XR5
gP5fx50aCoBSNvrKgBoQt6QiweCUqmQEEHKY5Yb1RcOLUz7ZiQaFYl0cgXVZTkNn
eRVXlbVK0dyCSc2Ju2VQ7Q4LQsZ6Bb07daCG5quCLCBJLFSm8i+xFCbBK6SD1qio
2/HNRKkV/Wdy5ozoPl3fKQ7yV6L+3s25KnrwkjV9RT2/ZmhdIex49tC11QIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFAiEZbN7LU6fQTox3Ht+bLoqM9uWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNkLzNlMmIx
OC01NWM5LTQxODAtOGM2ZS0yYzcwODZmZGVkOTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2QvM2UyYjE4
LTU1YzktNDE4MC04YzZlLTJjNzA4NmZkZWQ5My8xL0NJUmxzM3N0VHA5Qk9qSGNl
MzVzdWlvejI1WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGYBggrBgEF
BQcBBwEB/wSBiDCBhTBKBAIAATBEAwQALZaVAwQAPgMaAwQAW9WtAwQCZ9isAwQD
bXogAwQCvEIYAwQCwWw4MAwDBAHBbGYDBAHBbGgDBADB8nUDBADVbZowNwQCAAIw
MQMFAyoGD8ADBQMqBl6AAwUDKgc/AAMFAyoH6EADBQMqCUvAAwUDKgndwAMFAyoR
Q4AwHQYIKwYBBQUHAQgBAf8EDjAMoAowCAICIccCAjzsMA0GCSqGSIb3DQEBCwUA
A4IBAQBNzhJnaZ2Rg3ucdysxmK4vcbUbWuUb40iCwDApFck0LBQHYb/W3F9N2LyB
1NEw8V/5sLnKGEoqRZz6L2ak4NF587EB9C0qCrMNhDZR68GGbhxM1ULdOmYUvC3r
zjWAGkT6/e1BT0uR55eTXihVcnVrPazdPGw9aTJc3lTEcsJobWD8ZjTZuN0Dye2Q
5Bo7vvrAXINy8OKT124AQxkSq1y/scJ9u2DkN4gopUs5nJSJKBaKxGyAwm8QHFiM
EOCuXTv4mT8Vs5zacRWXLQAOSHvfLEjHncbuv5BLB2L9eAeTqHjI2hZSaKGbcRnL
EqmitpneFAQUwDn+O6jxs6ZB0gXx
-----END CERTIFICATE-----
Generated at Sat Jun 28 15:17:07 2025 by rpki-client