Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CNJ_3JD4D4CXLBJb1B7bCugzSqA.cer
File: CNJ_3JD4D4CXLBJb1B7bCugzSqA.cer (raw, json)
Hash identifier: nzYfbKY+AnWd4217ylxTv+AbY333B0WUfrOd2x34rKk=
Subject key identifier: 08:D2:7F:DC:90:F8:0F:80:97:2C:12:5B:D4:1E:DB:0A:E8:33:4A:A0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7E38FD1AF34F06A33AD25BD941260D43
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 10:20:22 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 56766
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:38:fd:1a:f3:4f:06:a3:3a:d2:5b:d9:41:26:0d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 10:20:22 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=08d27fdc90f80f80972c125bd41edb0ae8334aa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:01:4d:4a:df:cf:4f:bb:0f:78:19:ff:3c:e2:
9b:a8:02:b3:b2:42:5b:41:4d:a8:a1:7a:87:e0:87:
95:14:65:77:f0:c3:12:ca:85:f7:6a:c1:65:22:36:
77:e3:94:5a:24:51:69:17:67:3d:d0:1c:bd:6a:ff:
12:65:e4:c5:ee:ba:99:bd:be:ac:3f:7c:8b:8b:3a:
9b:13:bd:93:ad:6f:1c:2a:da:30:33:36:33:45:87:
d8:4b:6a:07:f6:90:d6:72:88:2a:6a:27:8a:9c:41:
73:16:cd:c7:24:43:3d:e7:7c:30:83:bd:8d:d7:0c:
3e:1a:5a:d7:9e:d1:71:0e:5b:73:32:68:38:2e:cd:
70:6b:b3:87:72:33:5f:0c:5d:67:73:75:f9:15:39:
9b:46:f7:73:b9:71:13:2e:d1:63:3b:92:5c:9d:e2:
62:f6:29:7f:84:75:7c:34:a8:e4:9d:27:a9:31:a2:
16:52:0d:43:22:64:8d:83:e7:00:16:30:fb:4f:9a:
cb:a6:4c:31:2d:ed:5c:c2:d8:9b:27:5a:f8:3a:c6:
08:bc:77:ff:37:a5:1f:59:db:29:2e:a6:3f:ca:0e:
76:4a:32:2b:d5:f7:07:91:27:49:fe:d3:35:00:a5:
f4:ab:d5:77:0d:6f:86:0f:f7:4b:dc:81:e2:44:7e:
6c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D2:7F:DC:90:F8:0F:80:97:2C:12:5B:D4:1E:DB:0A:E8:33:4A:A0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
56766
Signature Algorithm: sha256WithRSAEncryption
46:d3:ac:d6:0a:7e:0c:3a:73:b6:c1:52:58:42:aa:f0:36:55:
42:50:a2:af:a6:c1:52:2d:6e:80:e7:65:aa:c9:7d:75:35:86:
c3:a1:90:08:38:c8:21:9d:18:84:0d:f1:bd:55:74:46:00:c0:
f2:47:30:b3:88:21:21:96:59:ef:bc:02:af:6a:aa:8d:0d:98:
da:30:50:ba:75:b2:3d:6b:e1:7b:60:72:b5:76:cf:cf:b8:c1:
4d:1d:a9:f9:99:85:31:c9:c4:71:de:53:dc:00:6b:38:c2:44:
27:55:34:99:c9:dc:7a:53:ab:69:1a:49:f3:8a:4d:45:f2:41:
3f:48:59:c4:f6:7e:6e:fc:4b:82:55:a1:34:c4:a3:49:8c:a9:
42:0a:e3:8c:62:33:33:d1:54:e4:6c:07:db:45:2f:99:bc:49:
d2:61:2d:10:3c:7e:5b:9f:18:14:b3:a9:a8:ab:89:4f:31:9c:
de:67:34:87:89:91:1b:c3:32:0e:29:ad:b0:3e:7d:f6:c3:f6:
13:a9:76:ac:35:db:8f:e0:1c:33:60:52:bf:03:fa:54:a4:6c:
56:95:92:ca:79:81:e6:b3:1b:b2:03:13:98:54:5a:5b:fb:27:
ea:a0:06:a0:3c:81:4a:42:89:2f:e0:45:9c:3c:37:22:07:b1:
2b:0d:0b:ff
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt+OP0a808GozrSW9lBJg1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTAyMDIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQyN2ZkYzkwZjgwZjgwOTcyYzEyNWJkNDFlZGIwYWU4MzM0YWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gFNSt/PT7sPeBn/POKbqAKzskJb
QU2ooXqH4IeVFGV38MMSyoX3asFlIjZ345RaJFFpF2c90By9av8SZeTF7rqZvb6s
P3yLizqbE72TrW8cKtowMzYzRYfYS2oH9pDWcogqaieKnEFzFs3HJEM953wwg72N
1ww+GlrXntFxDltzMmg4Ls1wa7OHcjNfDF1nc3X5FTmbRvdzuXETLtFjO5JcneJi
9il/hHV8NKjknSepMaIWUg1DImSNg+cAFjD7T5rLpkwxLe1cwtibJ1r4OsYIvHf/
N6UfWdspLqY/yg52SjIr1fcHkSdJ/tM1AKX0q9V3DW+GD/dL3IHiRH5slQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFAjSf9yQ+A+AlywSW9Qe2wroM0qgMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZkLzY2MmRi
ZS01OTM3LTQ2ZmEtOGQ5Ni05MTA1NDExNTVmZWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQvNjYyZGJl
LTU5MzctNDZmYS04ZDk2LTkxMDU0MTE1NWZlZi8xL0NOSl8zSkQ0RDRDWExCSmIx
QjdiQ3VnelNxQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDdvjANBgkqhkiG9w0BAQsFAAOCAQEARtOs1gp+DDpz
tsFSWEKq8DZVQlCir6bBUi1ugOdlqsl9dTWGw6GQCDjIIZ0YhA3xvVV0RgDA8kcw
s4ghIZZZ77wCr2qqjQ2Y2jBQunWyPWvhe2BytXbPz7jBTR2p+ZmFMcnEcd5T3ABr
OMJEJ1U0mcncelOraRpJ84pNRfJBP0hZxPZ+bvxLglWhNMSjSYypQgrjjGIzM9FU
5GwH20UvmbxJ0mEtEDx+W58YFLOpqKuJTzGc3mc0h4mRG8MyDimtsD599sP2E6l2
rDXbj+AcM2BSvwP6VKRsVpWSynmB5rMbsgMTmFRaW/sn6qAGoDyBSkKJL+BFnDw3
IgexKw0L/w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:49:26 2026 by rpki-client