Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
File: FjB9KfVUPyHqMAm5Uj_nG48Taco.cer (raw, json)
Hash identifier: ExBuVFLXSNJjl98HS98v3y1siEJiL2ylADPVmWT1khg=
Subject key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019D06088E5F4A10342BCE80C6E0852D6F85
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 19 Mar 2026 12:18:37 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 5089
AS: 5462
AS: 13076
AS: 42987
AS: 43629
AS: 50534
AS: 62016
IP: 62.3.192.0/18
IP: 62.30.0.0/15
IP: 62.252.0.0/14
IP: 77.96.0.0/13
IP: 80.0.0.0/13
IP: 80.192.0.0/14
IP: 80.235.128.0/17
IP: 80.255.192.0/19
IP: 81.6.192.0/18
IP: 81.96.0.0/12
IP: 81.170.0.0/17
IP: 82.0.0.0 -- 82.20.255.255
IP: 82.28.0.0/16
IP: 82.30.0.0 -- 82.37.255.255
IP: 82.42.0.0 -- 82.45.255.255
IP: 82.133.0.0/17
IP: 84.19.104.0 -- 84.19.127.255
IP: 86.0.0.0/11
IP: 91.146.112.0/21
IP: 92.10.0.0 -- 92.15.255.255
IP: 92.232.0.0 -- 92.234.255.255
IP: 92.236.0.0/14
IP: 94.173.0.0 -- 94.175.255.255
IP: 185.112.212.0/22
IP: 185.173.116.0/22
IP: 185.228.252.0/22
IP: 193.38.64.0/18
IP: 193.39.32.0 -- 193.39.65.255
IP: 193.193.96.0/19
IP: 194.117.128.0/19
IP: 194.145.148.0/23
IP: 194.168.0.0/16
IP: 195.182.160.0/19
IP: 195.188.0.0/16
IP: 212.24.64.0/19
IP: 212.43.160.0/19
IP: 212.250.0.0/16
IP: 213.48.0.0/16
IP: 213.81.0.0/17
IP: 213.104.0.0/14
IP: 213.147.224.0/19
IP: 213.148.32.0/19
IP: 213.208.64.0/18
IP: 217.8.0.0/19
IP: 217.68.128.0/20
IP: 217.137.0.0/16
IP: 2a02:8800::/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:06:08:8e:5f:4a:10:34:2b:ce:80:c6:e0:85:2d:6f:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 19 12:18:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:7c:de:15:df:0f:da:bf:75:92:eb:58:79:d8:
d7:57:da:73:8b:ff:e5:4e:52:ce:63:04:49:b1:6e:
42:ef:04:27:23:86:a8:f0:8c:92:b6:ef:ad:3d:67:
13:13:66:a8:5a:7d:3a:15:3a:17:03:c6:88:a7:09:
76:88:4e:19:8b:c1:9f:9d:c4:11:22:7a:ba:00:29:
1f:6d:26:6f:84:72:16:15:68:a4:24:84:5b:04:18:
f7:99:6c:56:bd:eb:a4:e8:3c:05:3a:71:23:a6:b3:
84:01:d7:de:8a:22:2b:71:03:37:d7:df:78:3f:4a:
c3:b0:48:6f:cd:34:f8:41:71:ca:1b:58:87:c7:36:
8f:f9:64:d4:93:1b:1e:b1:bc:1a:31:31:53:40:6d:
0d:5e:61:19:a2:fd:1b:6e:dd:5f:0f:8f:e0:ee:b0:
84:a8:40:35:25:54:74:af:fc:54:5c:4a:3b:5b:8e:
04:76:31:11:6c:41:b3:cd:b0:40:44:40:cb:b7:49:
32:f7:f8:82:35:7a:eb:5e:71:cb:79:c0:11:8f:07:
26:5a:6c:c8:71:dc:b6:40:46:d1:39:56:35:a1:cc:
03:5c:61:0f:04:bb:4a:d2:ee:e7:a4:7e:98:96:4c:
a9:c0:cd:4c:1e:53:d6:83:07:68:a6:c9:24:87:d6:
6f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.192.0/18
62.30.0.0/15
62.252.0.0/14
77.96.0.0/13
80.0.0.0/13
80.192.0.0/14
80.235.128.0/17
80.255.192.0/19
81.6.192.0/18
81.96.0.0/12
81.170.0.0/17
82.0.0.0-82.20.255.255
82.28.0.0/16
82.30.0.0-82.37.255.255
82.42.0.0-82.45.255.255
82.133.0.0/17
84.19.104.0-84.19.127.255
86.0.0.0/11
91.146.112.0/21
92.10.0.0-92.15.255.255
92.232.0.0-92.234.255.255
92.236.0.0/14
94.173.0.0-94.175.255.255
185.112.212.0/22
185.173.116.0/22
185.228.252.0/22
193.38.64.0/18
193.39.32.0-193.39.65.255
193.193.96.0/19
194.117.128.0/19
194.145.148.0/23
194.168.0.0/16
195.182.160.0/19
195.188.0.0/16
212.24.64.0/19
212.43.160.0/19
212.250.0.0/16
213.48.0.0/16
213.81.0.0/17
213.104.0.0/14
213.147.224.0/19
213.148.32.0/19
213.208.64.0/18
217.8.0.0/19
217.68.128.0/20
217.137.0.0/16
IPv6:
2a02:8800::/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
5089
5462
13076
42987
43629
50534
62016
Signature Algorithm: sha256WithRSAEncryption
87:78:b1:c0:5a:1e:95:40:1c:8e:24:c0:65:85:fb:da:03:b4:
e6:33:b5:ad:19:54:fc:63:0f:94:61:68:01:fa:0e:e4:fb:1a:
84:7d:54:6d:9d:67:97:af:a7:3c:95:89:60:14:73:9b:b0:ce:
c3:07:c3:e9:3e:06:94:d2:f1:c1:1c:d4:9f:cd:5f:a7:34:24:
42:ff:d7:bf:99:6f:02:96:0f:e2:7b:07:b6:d4:18:f4:d4:dd:
ed:52:53:48:25:f6:52:40:66:70:55:55:e0:89:03:78:80:d9:
c5:77:55:4b:89:a2:24:fb:61:6b:47:cf:f8:72:f6:52:b0:b3:
ce:16:5a:4d:27:32:c4:99:76:55:8d:e1:9b:3a:96:c0:14:ef:
27:57:cb:6f:0c:71:86:49:02:42:f4:7c:16:c3:67:1b:9c:94:
20:a8:e3:2a:e4:22:b3:ab:72:0d:53:7b:ec:71:86:68:d5:83:
c4:06:b7:e4:23:0b:7a:47:ff:3d:fb:f2:b0:e9:d8:be:b8:52:
99:64:97:24:23:4e:4f:62:64:71:e0:c3:8e:14:0b:70:e6:c3:
45:f6:f2:a5:d1:4c:10:f6:8b:25:62:50:51:b9:dd:27:94:cc:
30:7d:7c:b5:d2:70:0c:60:ed:ab:9d:4a:74:b8:c5:1e:39:99:
ee:b6:7e:a1
-----BEGIN CERTIFICATE-----
MIIG+TCCBeGgAwIBAgISAZ0GCI5fShA0K86AxuCFLW+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMzE5MTIxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjMwN2QyOWY1NTQzZjIxZWEzMDA5Yjk1MjNmZTcxYjhmMTM2OWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33zeFd8P2r91kutYedjXV9pzi//l
TlLOYwRJsW5C7wQnI4ao8IyStu+tPWcTE2aoWn06FToXA8aIpwl2iE4Zi8GfncQR
Inq6ACkfbSZvhHIWFWikJIRbBBj3mWxWveuk6DwFOnEjprOEAdfeiiIrcQM31994
P0rDsEhvzTT4QXHKG1iHxzaP+WTUkxsesbwaMTFTQG0NXmEZov0bbt1fD4/g7rCE
qEA1JVR0r/xUXEo7W44EdjERbEGzzbBAREDLt0ky9/iCNXrrXnHLecARjwcmWmzI
cdy2QEbROVY1ocwDXGEPBLtK0u7npH6YlkypwM1MHlPWgwdopskkh9ZvWQIDAQAB
o4IEBTCCBAEwHQYDVR0OBBYEFBYwfSn1VD8h6jAJuVI/5xuPE2nKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q1L2JmNWU3
MC02NjY1LTQ5ZGUtYjljZi00Y2ZlNDBmMDdhNmIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUvYmY1ZTcw
LTY2NjUtNDlkZS1iOWNmLTRjZmU0MGYwN2E2Yi8xL0ZqQjlLZlZVUHlIcU1BbTVV
al9uRzQ4VGFjby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBZwYIKwYB
BQUHAQcBAf8EggFWMIIBUjCCAUAEAgABMIIBOAMEBj4DwAMDAT4eAwMCPvwDAwNN
YAMDA1AAAwMCUMADBAdQ64ADBAVQ/8ADBAZRBsADAwRRYAMEB1GqADAJAwIBUgMD
AFIUAwMAUhwwCgMDAVIeAwMBUiQwCgMDAVIqAwMBUiwDBAdShQAwDAMEA1QTaAME
B1QTAAMDBVYAAwQDW5JwMAoDAwFcCgMDBFwAMAoDAwNc6AMDAFzqAwMCXOwwCgMD
AF6tAwMEXqADBAK5cNQDBAK5rXQDBAK55PwDBAbBJkAwDAMEBcEnIAMEAcEnQAME
BcHBYAMEBcJ1gAMEAcKRlAMDAMKoAwQFw7agAwMAw7wDBAXUGEADBAXUK6ADAwDU
+gMDANUwAwQH1VEAAwMC1WgDBAXVk+ADBAXVlCADBAbV0EADBAXZCAADBATZRIAD
AwDZiTAMBAIAAjAGAwQAKgKIMDUGCCsGAQUFBwEIAQH/BCYwJKAiMCACAhPhAgIV
VgICMxQCAwCn6wIDAKptAgMAxWYCAwDyQDANBgkqhkiG9w0BAQsFAAOCAQEAh3ix
wFoelUAcjiTAZYX72gO05jO1rRlU/GMPlGFoAfoO5PsahH1UbZ1nl6+nPJWJYBRz
m7DOwwfD6T4GlNLxwRzUn81fpzQkQv/Xv5lvApYP4nsHttQY9NTd7VJTSCX2UkBm
cFVV4IkDeIDZxXdVS4miJPtha0fP+HL2UrCzzhZaTScyxJl2VY3hmzqWwBTvJ1fL
bwxxhkkCQvR8FsNnG5yUIKjjKuQis6tyDVN77HGGaNWDxAa35CMLekf/PfvysOnY
vrhSmWSXJCNOT2JkceDDjhQLcObDRfbypdFMEPaLJWJQUbndJ5TMMH18tdJwDGDt
q51KdLjFHjmZ7rZ+oQ==
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:03:25 2026 by rpki-client