Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/EPm9HHFv0ulaydYQddcJYhroBgA.cer
File: EPm9HHFv0ulaydYQddcJYhroBgA.cer (raw, json)
Hash identifier: oto0UyfR79KW+6GQnbZBPaxS37yIHCRnhPiPnWsxYJI=
Subject key identifier: 10:F9:BD:1C:71:6F:D2:E9:5A:C9:D6:10:75:D7:09:62:1A:E8:06:00
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7758ADBBA9931F88EE03210FE221FA8A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0c/e7df1b-7abb-45fb-babe-d2af1cc3fa31/1/EPm9HHFv0ulaydYQddcJYhroBgA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0c/e7df1b-7abb-45fb-babe-d2af1cc3fa31/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 02:17:38 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 42621
IP: 77.105.64.0/18
IP: 185.138.48.0/22
IP: 2a03:9b00::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:58:ad:bb:a9:93:1f:88:ee:03:21:0f:e2:21:fa:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 02:17:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=10f9bd1c716fd2e95ac9d61075d709621ae80600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:78:b9:e4:89:db:00:12:2e:dc:09:fd:26:80:
2a:46:35:9b:b5:7c:c9:d7:ea:7e:b0:c0:61:59:be:
a7:7b:ba:7e:b4:9b:45:3b:8d:c4:76:e9:6f:11:7f:
2d:3a:32:43:6a:f9:81:ce:d1:d4:f0:b1:3f:93:cc:
ba:63:8d:55:71:33:15:e6:d2:f8:14:22:65:95:e6:
38:a1:4d:81:34:2c:f5:3c:96:f3:c3:e6:fe:78:ae:
6b:e2:7d:9a:a4:79:38:93:94:4f:09:a6:14:57:6c:
df:13:0e:26:ea:bd:00:ff:d2:ef:9d:9c:5e:e4:bd:
a3:a6:49:65:a8:1b:de:a4:cd:44:62:f0:23:26:66:
ec:6c:4f:4f:22:bb:69:41:23:f5:b0:7b:2b:d9:30:
c8:58:84:69:40:30:0d:49:18:0c:7f:5f:0d:a8:b6:
d3:61:48:7f:a6:5b:d3:95:9f:e3:7f:48:39:f4:f4:
1e:fe:aa:ca:80:c8:55:d4:55:c3:d6:e0:3a:da:2a:
3e:98:2e:fa:d3:4c:a3:02:f3:be:bc:f3:05:bf:22:
80:71:8a:3c:07:05:67:00:f9:7e:2d:f6:05:27:af:
94:62:4d:13:d7:b3:ae:86:47:95:3e:07:b3:f6:f5:
f5:11:0d:c2:93:82:69:b4:f9:c1:cc:4f:a0:c3:c7:
97:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:F9:BD:1C:71:6F:D2:E9:5A:C9:D6:10:75:D7:09:62:1A:E8:06:00
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/e7df1b-7abb-45fb-babe-d2af1cc3fa31/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/e7df1b-7abb-45fb-babe-d2af1cc3fa31/1/EPm9HHFv0ulaydYQddcJYhroBgA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.64.0/18
185.138.48.0/22
IPv6:
2a03:9b00::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
42621
Signature Algorithm: sha256WithRSAEncryption
a3:c1:3a:b6:88:1c:f9:8d:fd:3d:32:26:38:fa:5f:e4:b6:91:
ce:23:be:06:e6:51:74:f5:c9:e5:58:14:dc:72:b1:73:f3:ec:
55:94:2d:e5:eb:7f:a3:93:99:e6:04:b8:1d:93:ca:38:1c:e6:
f7:c2:90:dc:cf:09:f5:1d:79:5a:f0:c3:00:86:a7:f0:f0:5e:
c4:f3:6e:f8:9b:5e:d3:f1:a6:ff:7e:20:bd:0b:e5:fb:88:ac:
6c:85:55:1d:be:6b:dd:8a:47:23:01:10:49:c4:eb:cc:4e:7a:
ae:cb:97:52:2d:95:3f:b5:92:b0:2a:e6:8b:64:83:85:4a:25:
2e:eb:c4:8f:f0:4c:4f:3a:4c:2e:71:13:43:02:07:bf:f8:7b:
e2:4d:4e:c5:da:be:a3:ff:0d:79:8a:08:ba:5c:91:45:42:96:
f3:74:e8:c0:a3:fc:a1:af:b2:bb:60:5b:8b:b3:19:38:b5:16:
3c:20:a5:9f:70:67:26:fc:6b:6f:4f:29:a9:33:31:d2:ed:d6:
41:49:64:27:3e:0b:b8:09:18:0f:3d:5c:ff:a3:70:00:31:cb:
c9:81:64:f4:93:8b:c6:e6:c1:f0:ac:e9:f8:f6:2a:85:7d:25:
74:7a:5e:89:8c:8d:8e:b9:1f:2e:b7:18:54:db:0b:48:52:65:
f3:fd:73:b1
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZt3WK27qZMfiO4DIQ/iIfqKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDIxNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGY5YmQxYzcxNmZkMmU5NWFjOWQ2MTA3NWQ3MDk2MjFhZTgwNjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3i55InbABIu3An9JoAqRjWbtXzJ
1+p+sMBhWb6ne7p+tJtFO43EdulvEX8tOjJDavmBztHU8LE/k8y6Y41VcTMV5tL4
FCJlleY4oU2BNCz1PJbzw+b+eK5r4n2apHk4k5RPCaYUV2zfEw4m6r0A/9LvnZxe
5L2jpkllqBvepM1EYvAjJmbsbE9PIrtpQSP1sHsr2TDIWIRpQDANSRgMf18NqLbT
YUh/plvTlZ/jf0g59PQe/qrKgMhV1FXD1uA62io+mC7600yjAvO+vPMFvyKAcYo8
BwVnAPl+LfYFJ6+UYk0T17OuhkeVPgez9vX1EQ3Ck4JptPnBzE+gw8eXBQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFBD5vRxxb9LpWsnWEHXXCWIa6AYAMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBjL2U3ZGYx
Yi03YWJiLTQ1ZmItYmFiZS1kMmFmMWNjM2ZhMzEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMvZTdkZjFi
LTdhYmItNDVmYi1iYWJlLWQyYWYxY2MzZmEzMS8xL0VQbTlISEZ2MHVsYXlkWVFk
ZGNKWWhyb0JnQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQGTWlAAwQCuYowMA0EAgACMAcDBQAqA5sAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCmfTANBgkqhkiG9w0BAQsFAAOCAQEAo8E6
togc+Y39PTImOPpf5LaRziO+BuZRdPXJ5VgU3HKxc/PsVZQt5et/o5OZ5gS4HZPK
OBzm98KQ3M8J9R15WvDDAIan8PBexPNu+Jte0/Gm/34gvQvl+4isbIVVHb5r3YpH
IwEQScTrzE56rsuXUi2VP7WSsCrmi2SDhUolLuvEj/BMTzpMLnETQwIHv/h74k1O
xdq+o/8NeYoIulyRRUKW83TowKP8oa+yu2Bbi7MZOLUWPCCln3BnJvxrb08pqTMx
0u3WQUlkJz4LuAkYDz1c/6NwADHLyYFk9JOLxubB8Kzp+PYqhX0ldHpeiYyNjrkf
LrcYVNsLSFJl8/1zsQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:59:46 2026 by rpki-client