Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/DCYlvf-pQ33CuW2K4CMQC8iOb-M.cer
File: DCYlvf-pQ33CuW2K4CMQC8iOb-M.cer (raw, json)
Hash identifier: w9z3W2KGIJbnSTh95XAVfxCXXJvdHTAkCR/vGET+rb4=
Subject key identifier: 0C:26:25:BD:FF:A9:43:7D:C2:B9:6D:8A:E0:23:10:0B:C8:8E:6F:E3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0199C8F8BAA4EC6D28BBC5386B1958CD3790
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/DCYlvf-pQ33CuW2K4CMQC8iOb-M.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 09 Oct 2025 12:36:07 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 8680
IP: 37.72.152.0/21
IP: 46.102.107.0/24
IP: 62.68.160.0/19
IP: 77.81.75.0/24
IP: 78.111.192.0/20
IP: 84.247.1.0/24
IP: 85.204.71.0/24
IP: 85.204.135.0/24
IP: 85.204.144.0/24
IP: 85.204.192.0/24
IP: 86.104.12.0/24
IP: 86.104.64.0/24
IP: 86.105.10.0/23
IP: 88.81.128.0/19
IP: 89.32.207.0/24
IP: 89.33.15.0/24
IP: 89.35.82.0/23
IP: 89.37.59.0/24
IP: 89.40.64.0/24
IP: 89.42.115.0/24
IP: 89.42.174.0/23
IP: 89.42.179.0/24
IP: 89.43.49.0/24
IP: 89.43.172.0/23
IP: 89.44.107.0/24
IP: 89.47.248.0/24
IP: 89.47.253.0/24
IP: 91.190.160.0/21
IP: 92.114.55.0/24
IP: 93.114.188.0/23
IP: 93.187.144.0/21
IP: 146.247.48.0/20
IP: 185.3.100.0/22
IP: 188.214.59.0/24
IP: 188.241.17.0/24
IP: 212.30.0.0/19
IP: 217.19.128.0/20
IP: 2a02:7380::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c8:f8:ba:a4:ec:6d:28:bb:c5:38:6b:19:58:cd:37:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Oct 9 12:36:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c2625bdffa9437dc2b96d8ae023100bc88e6fe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:29:ef:a7:33:ce:fa:14:19:6d:93:ad:17:28:
ec:26:d7:8b:b3:7d:97:eb:2a:a5:c6:e7:b8:10:72:
fa:05:49:5e:1f:4e:39:fc:57:ff:97:05:27:92:32:
8c:5f:0a:32:4f:02:12:4b:5b:ed:b5:a1:83:18:76:
d6:2f:70:5a:ec:5f:db:72:17:f2:66:2f:81:cc:4e:
94:cd:13:05:f0:cc:8d:fe:ce:f0:02:e2:a7:2b:41:
43:a1:34:bc:65:7e:2a:61:a7:88:18:01:56:a6:b4:
66:d8:e7:fa:08:41:14:da:ed:fa:89:3b:30:a3:38:
ab:ee:3b:78:9e:66:cf:32:f4:26:d7:12:df:39:18:
ff:69:af:64:dc:34:d3:d7:f4:3e:77:0e:ac:7c:7f:
4f:19:f6:1d:e8:df:26:a7:2c:75:a9:49:06:f4:37:
2c:b3:63:d2:38:cb:29:2b:dc:0e:13:66:c0:98:6b:
8e:fe:7f:d4:f9:48:46:18:1a:71:2c:13:aa:77:55:
fd:6d:91:ed:e6:fd:a9:73:6c:ae:02:36:22:7d:71:
53:ae:1b:8f:e9:c1:a9:16:e3:4e:f3:9b:fd:98:07:
30:ed:69:02:05:cf:b7:24:94:77:48:63:fe:8f:e0:
6c:fe:8e:61:2e:90:f3:5d:c0:98:81:5e:10:58:7f:
82:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:26:25:BD:FF:A9:43:7D:C2:B9:6D:8A:E0:23:10:0B:C8:8E:6F:E3
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/DCYlvf-pQ33CuW2K4CMQC8iOb-M.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.152.0/21
46.102.107.0/24
62.68.160.0/19
77.81.75.0/24
78.111.192.0/20
84.247.1.0/24
85.204.71.0/24
85.204.135.0/24
85.204.144.0/24
85.204.192.0/24
86.104.12.0/24
86.104.64.0/24
86.105.10.0/23
88.81.128.0/19
89.32.207.0/24
89.33.15.0/24
89.35.82.0/23
89.37.59.0/24
89.40.64.0/24
89.42.115.0/24
89.42.174.0/23
89.42.179.0/24
89.43.49.0/24
89.43.172.0/23
89.44.107.0/24
89.47.248.0/24
89.47.253.0/24
91.190.160.0/21
92.114.55.0/24
93.114.188.0/23
93.187.144.0/21
146.247.48.0/20
185.3.100.0/22
188.214.59.0/24
188.241.17.0/24
212.30.0.0/19
217.19.128.0/20
IPv6:
2a02:7380::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8680
Signature Algorithm: sha256WithRSAEncryption
15:d6:03:2d:2b:b9:27:0f:fb:ce:43:fd:a1:55:13:f7:4f:10:
47:14:38:df:54:a2:ac:83:95:45:d0:fc:8b:3e:b9:f8:75:4a:
64:a9:ca:84:9c:87:3c:62:df:e6:7b:0a:2c:b9:d2:2f:9a:18:
7c:5a:aa:f3:fc:fb:92:85:d1:74:37:dd:61:83:2e:64:45:cf:
b3:0d:99:a2:f8:43:e8:a8:0e:e7:38:20:81:4f:51:b9:09:80:
56:9c:f4:1c:bc:96:cd:fe:03:76:27:c0:30:11:f4:97:f6:75:
cd:02:cc:cf:a3:5e:1a:08:f6:42:bb:b3:ec:d8:da:04:1f:1d:
2c:ba:d3:93:a5:56:17:2d:b5:42:8d:83:d0:5f:2b:7c:16:02:
de:85:82:f8:9a:74:26:4c:e3:85:27:df:1b:d0:c6:9c:96:64:
99:98:c0:42:a7:60:48:01:6c:70:b1:6c:f1:e5:86:f5:3f:b4:
48:89:a6:36:c2:67:e2:bf:2e:34:44:18:2e:ff:8b:83:0a:c4:
a4:95:b6:6a:72:24:c6:b3:1e:04:fb:9b:1f:c1:53:fc:3b:67:
97:10:1c:b6:99:a8:ef:67:8b:3c:94:29:08:34:1f:b1:49:e0:
39:8b:c8:7d:0a:d2:bd:e4:33:41:26:f5:c2:56:3c:a2:dc:5c:
03:25:92:09
-----BEGIN CERTIFICATE-----
MIIGgDCCBWigAwIBAgISAZnI+Lqk7G0ou8U4axlYzTeQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUxMDA5MTIzNjA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzI2MjViZGZmYTk0MzdkYzJiOTZkOGFlMDIzMTAwYmM4OGU2ZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCnvpzPO+hQZbZOtFyjsJteLs32X
6yqlxue4EHL6BUleH045/Ff/lwUnkjKMXwoyTwISS1vttaGDGHbWL3Ba7F/bchfy
Zi+BzE6UzRMF8MyN/s7wAuKnK0FDoTS8ZX4qYaeIGAFWprRm2Of6CEEU2u36iTsw
ozir7jt4nmbPMvQm1xLfORj/aa9k3DTT1/Q+dw6sfH9PGfYd6N8mpyx1qUkG9Dcs
s2PSOMspK9wOE2bAmGuO/n/U+UhGGBpxLBOqd1X9bZHt5v2pc2yuAjYifXFTrhuP
6cGpFuNO85v9mAcw7WkCBc+3JJR3SGP+j+Bs/o5hLpDzXcCYgV4QWH+CAwIDAQAB
o4IDjDCCA4gwHQYDVR0OBBYEFAwmJb3/qUN9wrltiuAjEAvIjm/jMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYwLzljNzhi
OS1kYTM5LTQ1MGYtYmI5Ni0wNzgwNGFmZjQ5MGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAvOWM3OGI5
LWRhMzktNDUwZi1iYjk2LTA3ODA0YWZmNDkwZi8xL0RDWWx2Zi1wUTMzQ3VXMks0
Q01RQzhpT2ItTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBCgYIKwYB
BQUHAQcBAf8EgfowgfcwgeUEAgABMIHeAwQDJUiYAwQALmZrAwQFPkSgAwQATVFL
AwQETm/AAwQAVPcBAwQAVcxHAwQAVcyHAwQAVcyQAwQAVczAAwQAVmgMAwQAVmhA
AwQBVmkKAwQFWFGAAwQAWSDPAwQAWSEPAwQBWSNSAwQAWSU7AwQAWShAAwQAWSpz
AwQBWSquAwQAWSqzAwQAWSsxAwQBWSusAwQAWSxrAwQAWS/4AwQAWS/9AwQDW76g
AwQAXHI3AwQBXXK8AwQDXbuQAwQEkvcwAwQCuQNkAwQAvNY7AwQAvPERAwQF1B4A
AwQE2ROAMA0EAgACMAcDBQAqAnOAMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAiHo
MA0GCSqGSIb3DQEBCwUAA4IBAQAV1gMtK7knD/vOQ/2hVRP3TxBHFDjfVKKsg5VF
0PyLPrn4dUpkqcqEnIc8Yt/mewosudIvmhh8Wqrz/PuShdF0N91hgy5kRc+zDZmi
+EPoqA7nOCCBT1G5CYBWnPQcvJbN/gN2J8AwEfSX9nXNAszPo14aCPZCu7Ps2NoE
Hx0sutOTpVYXLbVCjYPQXyt8FgLehYL4mnQmTOOFJ98b0MaclmSZmMBCp2BIAWxw
sWzx5Yb1P7RIiaY2wmfivy40RBgu/4uDCsSklbZqciTGsx4E+5sfwVP8O2eXEBy2
majvZ4s8lCkINB+xSeA5i8h9CtK95DNBJvXCVjyi3FwDJZIJ
-----END CERTIFICATE-----
Generated at Sun Oct 19 12:58:00 2025 by rpki-client