Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
File:                     CIRls3stTp9BOjHce35suioz25Y.cer (raw, json)
Hash identifier:          BZS48aujbI/3zMVJ24Eu1dm10QbzDZxJAq46eV2CWsg=
Subject key identifier:   08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01997630E64FC4A1720F59FED59C9C35E268
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 23 Sep 2025 10:49:00 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 8647
                          AS: 15596
                          IP: 45.150.149.0/24
                          IP: 62.3.26.0/24
                          IP: 91.213.173.0/24
                          IP: 103.216.172.0/22
                          IP: 188.66.24.0/22
                          IP: 193.108.56.0/22
                          IP: 193.108.102.0 -- 193.108.105.255
                          IP: 193.242.117.0/24
                          IP: 213.109.154.0/24
                          IP: 2a06:fc0::/29
                          IP: 2a06:5e80::/29
                          IP: 2a07:3f00::/29
                          IP: 2a07:e840::/29
                          IP: 2a09:4bc0::/29
                          IP: 2a09:ddc0::/29
                          IP: 2a11:4380::/29
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:76:30:e6:4f:c4:a1:72:0f:59:fe:d5:9c:9c:35:e2:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Sep 23 10:49:00 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:90:8b:76:35:48:f1:9d:10:32:b4:5d:aa:46:
                    67:3f:97:1e:d4:c3:0b:07:0d:53:5e:6b:d0:df:d0:
                    6a:94:cd:38:32:09:60:4a:f6:73:32:8d:a2:cb:97:
                    f4:b6:5b:a9:ad:25:0b:8c:89:58:30:2c:61:d0:72:
                    9b:21:8f:c8:23:a5:dc:d7:f3:94:33:3e:4d:ed:74:
                    d1:02:eb:5a:02:dc:76:6c:64:8f:4d:a2:55:23:7a:
                    af:63:09:29:d0:32:54:ed:7e:de:da:c1:f8:2d:58:
                    86:de:fa:1f:99:3d:d2:47:1b:af:e9:74:79:80:fe:
                    5f:c7:9d:1a:0a:80:52:36:fa:ca:80:1a:10:b7:a4:
                    22:c1:e0:94:aa:64:04:10:72:98:e5:86:f5:45:c3:
                    8b:53:3e:d9:89:06:85:62:5d:1c:81:75:59:4e:43:
                    67:79:15:57:95:b5:4a:d1:dc:82:49:cd:89:bb:65:
                    50:ed:0e:0b:42:c6:7a:05:bd:3b:75:a0:86:e6:ab:
                    82:2c:20:49:2c:54:a6:f2:2f:b1:14:26:c1:2b:a4:
                    83:d6:a8:a8:db:f1:cd:44:a9:15:fd:67:72:e6:8c:
                    e8:3e:5d:df:29:0e:f2:57:a2:fe:de:cd:b9:2a:7a:
                    f0:92:35:7d:45:3d:bf:66:68:5d:21:ec:78:f6:d0:
                    b5:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.149.0/24
                  62.3.26.0/24
                  91.213.173.0/24
                  103.216.172.0/22
                  188.66.24.0/22
                  193.108.56.0/22
                  193.108.102.0-193.108.105.255
                  193.242.117.0/24
                  213.109.154.0/24
                IPv6:
                  2a06:fc0::/29
                  2a06:5e80::/29
                  2a07:3f00::/29
                  2a07:e840::/29
                  2a09:4bc0::/29
                  2a09:ddc0::/29
                  2a11:4380::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  8647
                  15596

    Signature Algorithm: sha256WithRSAEncryption
         07:c9:e2:d2:1f:c6:0f:50:9d:4b:25:20:45:b3:c0:40:d1:55:
         e9:fc:ae:45:05:40:6b:a6:84:24:bc:cf:67:76:26:4e:b5:2c:
         76:cc:5c:ce:30:ae:1e:56:be:92:20:04:db:3b:86:e2:f5:a9:
         fc:89:ce:c0:00:af:e9:c5:8c:ea:8f:d1:9f:b1:f1:1e:16:8c:
         c6:0e:d9:03:20:7f:49:46:92:dc:f7:00:ab:a8:4a:5d:47:18:
         4c:51:94:83:93:f7:d6:49:85:f4:07:6f:64:f7:25:c2:9d:d8:
         9b:64:57:37:b2:77:3b:d4:78:a7:51:0c:a2:03:ca:a7:a4:3e:
         eb:5b:a9:60:f1:55:c2:af:ff:bf:bf:20:0f:cc:9a:93:4a:d2:
         9f:34:bc:c9:bd:22:1a:b4:89:25:4d:21:5c:b1:4d:d8:06:36:
         4b:c5:a6:74:4e:b7:df:d7:10:61:34:a2:dd:bf:0e:07:99:af:
         9f:46:e2:fa:5d:e9:76:6d:9a:a4:ab:c2:e3:1c:b5:54:6e:a7:
         12:a9:4b:37:d9:78:e3:ff:e6:ae:27:9c:1b:e8:78:6d:a6:8a:
         54:b1:be:e1:a5:14:1d:7f:01:de:ce:84:f5:42:ef:02:af:3a:
         2c:da:65:ae:2c:b7:f7:e1:cc:f0:ef:d7:f5:7c:e6:4b:cf:69:
         15:80:9b:8f
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgISAZl2MOZPxKFyD1n+1ZycNeJoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwOTIzMTA0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODg0NjViMzdiMmQ0ZTlmNDEzYTMxZGM3YjdlNmNiYTJhMzNkYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJCLdjVI8Z0QMrRdqkZnP5ce1MML
Bw1TXmvQ39BqlM04MglgSvZzMo2iy5f0tluprSULjIlYMCxh0HKbIY/II6Xc1/OU
Mz5N7XTRAutaAtx2bGSPTaJVI3qvYwkp0DJU7X7e2sH4LViG3vofmT3SRxuv6XR5
gP5fx50aCoBSNvrKgBoQt6QiweCUqmQEEHKY5Yb1RcOLUz7ZiQaFYl0cgXVZTkNn
eRVXlbVK0dyCSc2Ju2VQ7Q4LQsZ6Bb07daCG5quCLCBJLFSm8i+xFCbBK6SD1qio
2/HNRKkV/Wdy5ozoPl3fKQ7yV6L+3s25KnrwkjV9RT2/ZmhdIex49tC11QIDAQAB
o4IDFjCCAxIwHQYDVR0OBBYEFAiEZbN7LU6fQTox3Ht+bLoqM9uWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNkLzNlMmIx
OC01NWM5LTQxODAtOGM2ZS0yYzcwODZmZGVkOTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2QvM2UyYjE4
LTU1YzktNDE4MC04YzZlLTJjNzA4NmZkZWQ5My8xL0NJUmxzM3N0VHA5Qk9qSGNl
MzVzdWlvejI1WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGRBggrBgEF
BQcBBwEB/wSBgTB/MEQEAgABMD4DBAAtlpUDBAA+AxoDBABb1a0DBAJn2KwDBAK8
QhgDBALBbDgwDAMEAcFsZgMEAcFsaAMEAMHydQMEANVtmjA3BAIAAjAxAwUDKgYP
wAMFAyoGXoADBQMqBz8AAwUDKgfoQAMFAyoJS8ADBQMqCd3AAwUDKhFDgDAdBggr
BgEFBQcBCAEB/wQOMAygCjAIAgIhxwICPOwwDQYJKoZIhvcNAQELBQADggEBAAfJ
4tIfxg9QnUslIEWzwEDRVen8rkUFQGumhCS8z2d2Jk61LHbMXM4wrh5WvpIgBNs7
huL1qfyJzsAAr+nFjOqP0Z+x8R4WjMYO2QMgf0lGktz3AKuoSl1HGExRlIOT99ZJ
hfQHb2T3JcKd2JtkVzeydzvUeKdRDKIDyqekPutbqWDxVcKv/7+/IA/MmpNK0p80
vMm9Ihq0iSVNIVyxTdgGNkvFpnROt9/XEGE0ot2/DgeZr59G4vpd6XZtmqSrwuMc
tVRupxKpSzfZeOP/5q4nnBvoeG2milSxvuGlFB1/Ad7OhPVC7wKvOizaZa4st/fh
zPDv1/V85kvPaRWAm48=
-----END CERTIFICATE-----
Generated at Sun Oct 19 12:44:10 2025 by rpki-client