
Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
File: CIRls3stTp9BOjHce35suioz25Y.cer (raw, json)
Hash identifier: BZS48aujbI/3zMVJ24Eu1dm10QbzDZxJAq46eV2CWsg=
Subject key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01997630E64FC4A1720F59FED59C9C35E268
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 23 Sep 2025 10:49:00 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 8647
AS: 15596
IP: 45.150.149.0/24
IP: 62.3.26.0/24
IP: 91.213.173.0/24
IP: 103.216.172.0/22
IP: 188.66.24.0/22
IP: 193.108.56.0/22
IP: 193.108.102.0 -- 193.108.105.255
IP: 193.242.117.0/24
IP: 213.109.154.0/24
IP: 2a06:fc0::/29
IP: 2a06:5e80::/29
IP: 2a07:3f00::/29
IP: 2a07:e840::/29
IP: 2a09:4bc0::/29
IP: 2a09:ddc0::/29
IP: 2a11:4380::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:76:30:e6:4f:c4:a1:72:0f:59:fe:d5:9c:9c:35:e2:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 23 10:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:90:8b:76:35:48:f1:9d:10:32:b4:5d:aa:46:
67:3f:97:1e:d4:c3:0b:07:0d:53:5e:6b:d0:df:d0:
6a:94:cd:38:32:09:60:4a:f6:73:32:8d:a2:cb:97:
f4:b6:5b:a9:ad:25:0b:8c:89:58:30:2c:61:d0:72:
9b:21:8f:c8:23:a5:dc:d7:f3:94:33:3e:4d:ed:74:
d1:02:eb:5a:02:dc:76:6c:64:8f:4d:a2:55:23:7a:
af:63:09:29:d0:32:54:ed:7e:de:da:c1:f8:2d:58:
86:de:fa:1f:99:3d:d2:47:1b:af:e9:74:79:80:fe:
5f:c7:9d:1a:0a:80:52:36:fa:ca:80:1a:10:b7:a4:
22:c1:e0:94:aa:64:04:10:72:98:e5:86:f5:45:c3:
8b:53:3e:d9:89:06:85:62:5d:1c:81:75:59:4e:43:
67:79:15:57:95:b5:4a:d1:dc:82:49:cd:89:bb:65:
50:ed:0e:0b:42:c6:7a:05:bd:3b:75:a0:86:e6:ab:
82:2c:20:49:2c:54:a6:f2:2f:b1:14:26:c1:2b:a4:
83:d6:a8:a8:db:f1:cd:44:a9:15:fd:67:72:e6:8c:
e8:3e:5d:df:29:0e:f2:57:a2:fe:de:cd:b9:2a:7a:
f0:92:35:7d:45:3d:bf:66:68:5d:21:ec:78:f6:d0:
b5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.149.0/24
62.3.26.0/24
91.213.173.0/24
103.216.172.0/22
188.66.24.0/22
193.108.56.0/22
193.108.102.0-193.108.105.255
193.242.117.0/24
213.109.154.0/24
IPv6:
2a06:fc0::/29
2a06:5e80::/29
2a07:3f00::/29
2a07:e840::/29
2a09:4bc0::/29
2a09:ddc0::/29
2a11:4380::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8647
15596
Signature Algorithm: sha256WithRSAEncryption
07:c9:e2:d2:1f:c6:0f:50:9d:4b:25:20:45:b3:c0:40:d1:55:
e9:fc:ae:45:05:40:6b:a6:84:24:bc:cf:67:76:26:4e:b5:2c:
76:cc:5c:ce:30:ae:1e:56:be:92:20:04:db:3b:86:e2:f5:a9:
fc:89:ce:c0:00:af:e9:c5:8c:ea:8f:d1:9f:b1:f1:1e:16:8c:
c6:0e:d9:03:20:7f:49:46:92:dc:f7:00:ab:a8:4a:5d:47:18:
4c:51:94:83:93:f7:d6:49:85:f4:07:6f:64:f7:25:c2:9d:d8:
9b:64:57:37:b2:77:3b:d4:78:a7:51:0c:a2:03:ca:a7:a4:3e:
eb:5b:a9:60:f1:55:c2:af:ff:bf:bf:20:0f:cc:9a:93:4a:d2:
9f:34:bc:c9:bd:22:1a:b4:89:25:4d:21:5c:b1:4d:d8:06:36:
4b:c5:a6:74:4e:b7:df:d7:10:61:34:a2:dd:bf:0e:07:99:af:
9f:46:e2:fa:5d:e9:76:6d:9a:a4:ab:c2:e3:1c:b5:54:6e:a7:
12:a9:4b:37:d9:78:e3:ff:e6:ae:27:9c:1b:e8:78:6d:a6:8a:
54:b1:be:e1:a5:14:1d:7f:01:de:ce:84:f5:42:ef:02:af:3a:
2c:da:65:ae:2c:b7:f7:e1:cc:f0:ef:d7:f5:7c:e6:4b:cf:69:
15:80:9b:8f
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgISAZl2MOZPxKFyD1n+1ZycNeJoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwOTIzMTA0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODg0NjViMzdiMmQ0ZTlmNDEzYTMxZGM3YjdlNmNiYTJhMzNkYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJCLdjVI8Z0QMrRdqkZnP5ce1MML
Bw1TXmvQ39BqlM04MglgSvZzMo2iy5f0tluprSULjIlYMCxh0HKbIY/II6Xc1/OU
Mz5N7XTRAutaAtx2bGSPTaJVI3qvYwkp0DJU7X7e2sH4LViG3vofmT3SRxuv6XR5
gP5fx50aCoBSNvrKgBoQt6QiweCUqmQEEHKY5Yb1RcOLUz7ZiQaFYl0cgXVZTkNn
eRVXlbVK0dyCSc2Ju2VQ7Q4LQsZ6Bb07daCG5quCLCBJLFSm8i+xFCbBK6SD1qio
2/HNRKkV/Wdy5ozoPl3fKQ7yV6L+3s25KnrwkjV9RT2/ZmhdIex49tC11QIDAQAB
o4IDFjCCAxIwHQYDVR0OBBYEFAiEZbN7LU6fQTox3Ht+bLoqM9uWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNkLzNlMmIx
OC01NWM5LTQxODAtOGM2ZS0yYzcwODZmZGVkOTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2QvM2UyYjE4
LTU1YzktNDE4MC04YzZlLTJjNzA4NmZkZWQ5My8xL0NJUmxzM3N0VHA5Qk9qSGNl
MzVzdWlvejI1WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGRBggrBgEF
BQcBBwEB/wSBgTB/MEQEAgABMD4DBAAtlpUDBAA+AxoDBABb1a0DBAJn2KwDBAK8
QhgDBALBbDgwDAMEAcFsZgMEAcFsaAMEAMHydQMEANVtmjA3BAIAAjAxAwUDKgYP
wAMFAyoGXoADBQMqBz8AAwUDKgfoQAMFAyoJS8ADBQMqCd3AAwUDKhFDgDAdBggr
BgEFBQcBCAEB/wQOMAygCjAIAgIhxwICPOwwDQYJKoZIhvcNAQELBQADggEBAAfJ
4tIfxg9QnUslIEWzwEDRVen8rkUFQGumhCS8z2d2Jk61LHbMXM4wrh5WvpIgBNs7
huL1qfyJzsAAr+nFjOqP0Z+x8R4WjMYO2QMgf0lGktz3AKuoSl1HGExRlIOT99ZJ
hfQHb2T3JcKd2JtkVzeydzvUeKdRDKIDyqekPutbqWDxVcKv/7+/IA/MmpNK0p80
vMm9Ihq0iSVNIVyxTdgGNkvFpnROt9/XEGE0ot2/DgeZr59G4vpd6XZtmqSrwuMc
tVRupxKpSzfZeOP/5q4nnBvoeG2milSxvuGlFB1/Ad7OhPVC7wKvOizaZa4st/fh
zPDv1/V85kvPaRWAm48=
-----END CERTIFICATE-----
Generated at Sun Oct 19 12:44:10 2025 by rpki-client