Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CzAFeBftL9lZWEYyD9uBTJ_EShM.cer
File: CzAFeBftL9lZWEYyD9uBTJ_EShM.cer (raw, json)
Hash identifier: O2ObwNTLx/bZimgHmonoyKj6PCg4/VSuoA+w6z/zTjg=
Subject key identifier: 0B:30:05:78:17:ED:2F:D9:59:58:46:32:0F:DB:81:4C:9F:C4:4A:13
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0199330487E22E520C376C678F0D84B9E3A3
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fe/0f087b-7253-461e-9021-9a91219f06e1/1/CzAFeBftL9lZWEYyD9uBTJ_EShM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fe/0f087b-7253-461e-9021-9a91219f06e1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 10 Sep 2025 09:45:58 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 205183
IP: 130.43.168.0/24
IP: 2a0c:d780::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:33:04:87:e2:2e:52:0c:37:6c:67:8f:0d:84:b9:e3:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 10 09:45:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b30057817ed2fd9595846320fdb814c9fc44a13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:60:83:3f:23:dd:ea:bb:c3:92:a6:d5:e1:31:
43:55:f0:37:d7:89:00:05:0d:40:2d:0c:1b:fc:01:
78:8a:d3:9d:8d:e0:32:76:88:ca:a5:0a:c3:22:f5:
16:a2:60:04:cc:ea:bf:40:6c:e2:03:fc:ae:56:a6:
7c:d4:5f:1d:20:20:1e:f4:77:08:11:71:30:9d:a9:
76:97:54:15:41:5f:86:e1:63:be:db:e4:dd:31:ab:
20:90:de:f1:4f:9c:32:70:2d:2c:7c:e9:37:e9:52:
72:ec:41:9a:02:f1:06:16:51:c5:e0:83:5d:c3:a0:
c6:99:ed:a6:99:d1:6e:a8:57:28:30:57:7c:bc:15:
72:d1:cb:64:e8:66:3c:d6:25:3d:37:20:2a:11:bc:
fc:b4:5d:a0:c8:27:79:2c:a2:8f:e9:b5:01:98:f1:
0c:a9:32:09:34:7a:e7:06:69:6e:e2:40:84:c6:ef:
32:e6:53:19:f4:b0:ea:41:df:fb:a9:a6:15:00:b9:
94:8b:00:36:87:a9:df:85:4a:1d:af:2f:96:1d:b0:
b8:77:38:b0:c9:87:d6:e8:78:47:9b:08:59:b9:6b:
f7:c6:d1:9d:6b:48:6c:6f:8f:7e:d3:ca:db:47:38:
c8:5a:b2:53:f6:b1:86:91:4c:30:ea:b5:41:b0:79:
67:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:30:05:78:17:ED:2F:D9:59:58:46:32:0F:DB:81:4C:9F:C4:4A:13
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0f087b-7253-461e-9021-9a91219f06e1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0f087b-7253-461e-9021-9a91219f06e1/1/CzAFeBftL9lZWEYyD9uBTJ_EShM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.43.168.0/24
IPv6:
2a0c:d780::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
205183
Signature Algorithm: sha256WithRSAEncryption
02:32:72:9d:05:98:9a:4d:03:2f:d8:65:95:81:9b:6a:10:06:
11:d7:a4:a8:49:3a:5f:36:a6:a6:60:ef:32:24:59:ce:4d:3e:
d3:eb:5a:0e:e9:22:7e:54:fd:03:9a:66:9a:ad:3f:75:49:73:
f5:8c:c1:bc:a6:f0:c3:6a:55:39:c0:52:55:f2:62:d2:83:84:
90:88:2e:4e:86:10:36:94:a7:3b:ed:6b:5e:94:08:f6:2b:96:
23:2a:ad:33:34:0b:a3:61:8d:e1:23:5e:2c:7e:d8:a0:43:49:
14:65:24:19:ff:95:ba:dc:e7:23:a8:94:e6:06:79:97:bb:86:
c5:1d:e5:f5:44:89:14:3a:f0:c8:42:53:63:56:f8:fe:9f:d3:
de:98:6b:83:6b:ac:3b:3d:43:01:16:c3:0c:8f:a2:99:01:9c:
27:6c:9a:d5:a0:1f:c2:cc:05:19:a1:87:c2:fb:9c:87:bc:3c:
1f:80:9b:25:da:b0:2f:ba:32:20:6f:c2:a1:a5:15:9e:9e:a3:
02:9c:c8:67:aa:f6:cb:9b:fc:02:a1:65:ff:b3:81:52:a0:52:
c9:64:6f:81:db:a9:41:16:58:a0:af:13:e4:06:3c:1a:9e:4e:
0a:27:cd:b0:3a:c2:10:2a:4a:48:97:dc:8a:27:73:88:4b:93:
ad:67:c2:40
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZkzBIfiLlIMN2xnjw2EueOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwOTEwMDk0NTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjMwMDU3ODE3ZWQyZmQ5NTk1ODQ2MzIwZmRiODE0YzlmYzQ0YTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGCDPyPd6rvDkqbV4TFDVfA314kA
BQ1ALQwb/AF4itOdjeAydojKpQrDIvUWomAEzOq/QGziA/yuVqZ81F8dICAe9HcI
EXEwnal2l1QVQV+G4WO+2+TdMasgkN7xT5wycC0sfOk36VJy7EGaAvEGFlHF4INd
w6DGme2mmdFuqFcoMFd8vBVy0ctk6GY81iU9NyAqEbz8tF2gyCd5LKKP6bUBmPEM
qTIJNHrnBmlu4kCExu8y5lMZ9LDqQd/7qaYVALmUiwA2h6nfhUodry+WHbC4dziw
yYfW6HhHmwhZuWv3xtGda0hsb49+08rbRzjIWrJT9rGGkUww6rVBsHlnpwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFAswBXgX7S/ZWVhGMg/bgUyfxEoTMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZlLzBmMDg3
Yi03MjUzLTQ2MWUtOTAyMS05YTkxMjE5ZjA2ZTEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUvMGYwODdi
LTcyNTMtNDYxZS05MDIxLTlhOTEyMTlmMDZlMS8xL0N6QUZlQmZ0TDlsWldFWXlE
OXVCVEpfRVNoTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAgiuoMA0EAgACMAcDBQMqDNeAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMhfzANBgkqhkiG9w0BAQsFAAOCAQEAAjJynQWYmk0D
L9hllYGbahAGEdekqEk6XzampmDvMiRZzk0+0+taDukiflT9A5pmmq0/dUlz9YzB
vKbww2pVOcBSVfJi0oOEkIguToYQNpSnO+1rXpQI9iuWIyqtMzQLo2GN4SNeLH7Y
oENJFGUkGf+VutznI6iU5gZ5l7uGxR3l9USJFDrwyEJTY1b4/p/T3phrg2usOz1D
ARbDDI+imQGcJ2ya1aAfwswFGaGHwvuch7w8H4CbJdqwL7oyIG/CoaUVnp6jApzI
Z6r2y5v8AqFl/7OBUqBSyWRvgdupQRZYoK8T5AY8Gp5OCifNsDrCECpKSJfciidz
iEuTrWfCQA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 10:29:04 2025 by rpki-client