Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/G9JpBH0C_otaKsnrjV_sB7GH7aE.cer
File: G9JpBH0C_otaKsnrjV_sB7GH7aE.cer (raw, json)
Hash identifier: VfLJVW4NXjUT0wqBeRTl1q0GBVsPlsse3O7555s1KrI=
Subject key identifier: 1B:D2:69:04:7D:02:FE:8B:5A:2A:C9:EB:8D:5F:EC:07:B1:87:ED:A1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019BDB02AD561B7AF2E85E8CCCADB66E08AA
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a6/8c6e96-d778-49dd-9e5e-3cf2b8002031/1/G9JpBH0C_otaKsnrjV_sB7GH7aE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a6/8c6e96-d778-49dd-9e5e-3cf2b8002031/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 20 Jan 2026 10:45:44 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 214224
IP: 95.143.109.0/24
IP: 121.127.38.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:db:02:ad:56:1b:7a:f2:e8:5e:8c:cc:ad:b6:6e:08:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 20 10:45:44 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1bd269047d02fe8b5a2ac9eb8d5fec07b187eda1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:02:95:32:d0:35:4f:6e:bd:1f:78:4a:3f:e5:
2e:9b:87:3b:38:47:d9:6a:cf:78:00:79:6e:5f:e1:
cf:7c:7d:c6:d4:16:42:23:97:e8:4a:a7:e3:87:f0:
7c:4e:6e:fd:5a:47:7e:b6:ba:af:3e:ab:1c:8a:91:
b0:ed:f8:db:16:04:e4:84:c0:d1:97:dd:40:2e:3c:
18:a1:13:c9:6d:e6:76:73:23:a4:12:0a:19:fb:9a:
e8:60:54:7d:c7:84:ed:c4:ba:1f:b8:12:1a:5f:a3:
aa:24:e7:12:ca:98:61:9e:a8:71:8c:b0:ce:69:18:
60:19:90:4f:46:c9:bb:58:ab:a7:46:35:75:63:7f:
7c:40:f0:bb:be:77:55:cd:b0:53:02:82:27:8b:36:
f9:e4:94:84:18:7a:f4:9d:30:09:cc:0f:eb:7a:14:
b9:d7:ad:ce:84:a7:69:d8:1a:69:37:47:fb:d5:50:
da:77:ee:57:b7:93:87:5f:98:84:a2:a8:69:03:6f:
6b:7f:6b:fa:a9:df:db:17:96:1a:71:ba:ae:e8:17:
d2:b9:46:32:14:02:a0:5a:27:38:63:e8:e1:a1:78:
fa:e8:13:e0:b8:e8:21:ea:c4:59:4f:68:f3:04:99:
84:2d:15:18:3a:8c:63:9f:23:0e:2e:ad:7e:0e:c5:
cf:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D2:69:04:7D:02:FE:8B:5A:2A:C9:EB:8D:5F:EC:07:B1:87:ED:A1
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/8c6e96-d778-49dd-9e5e-3cf2b8002031/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/8c6e96-d778-49dd-9e5e-3cf2b8002031/1/G9JpBH0C_otaKsnrjV_sB7GH7aE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.143.109.0/24
121.127.38.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
214224
Signature Algorithm: sha256WithRSAEncryption
04:0c:e6:b2:4f:3e:61:4a:1b:4f:65:30:3a:c9:0a:f6:e6:55:
e0:0c:f0:65:7e:76:05:96:1a:92:64:53:3a:c3:fc:cd:8a:dd:
25:45:e0:b3:5d:90:25:85:07:50:97:5c:02:b6:f0:26:aa:30:
ff:65:b2:74:61:94:19:9d:c7:bf:5a:0e:17:98:dd:58:8c:d4:
13:d9:8c:78:9c:3c:f2:b9:6b:bb:e1:53:d7:9f:e4:3b:7c:2c:
8c:f8:38:3e:a0:a8:e0:69:5c:ba:df:58:2e:0f:29:fa:cc:c6:
e2:86:41:a5:6a:ad:58:0f:45:2c:ca:c6:b9:a3:0c:68:3a:e0:
86:4f:7b:52:9e:9e:07:23:44:ce:32:2b:8a:40:d1:c1:95:de:
98:c2:14:2a:bd:89:44:f0:cc:e8:a4:10:14:f4:e9:bf:12:2c:
86:aa:25:3d:bc:80:f1:00:4a:b3:a3:03:56:7f:6a:1b:e7:b0:
95:e4:94:29:fa:b9:30:7f:54:52:b5:45:20:f7:a3:72:12:34:
6b:a7:66:8b:2e:90:3b:2d:0a:df:1b:c4:88:9d:5d:1d:b2:a0:
6c:e1:67:28:25:79:d9:6d:cd:33:72:d3:5b:ea:62:89:43:30:
a4:cf:09:43:01:7d:3c:ee:bf:e4:2c:7a:9a:3b:c8:4d:7f:d2:
61:f0:6b:53
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZvbAq1WG3ry6F6MzK22bgiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTIwMTA0NTQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmQyNjkwNDdkMDJmZThiNWEyYWM5ZWI4ZDVmZWMwN2IxODdlZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQKVMtA1T269H3hKP+Uum4c7OEfZ
as94AHluX+HPfH3G1BZCI5foSqfjh/B8Tm79Wkd+trqvPqscipGw7fjbFgTkhMDR
l91ALjwYoRPJbeZ2cyOkEgoZ+5roYFR9x4TtxLofuBIaX6OqJOcSyphhnqhxjLDO
aRhgGZBPRsm7WKunRjV1Y398QPC7vndVzbBTAoInizb55JSEGHr0nTAJzA/rehS5
163OhKdp2BppN0f71VDad+5Xt5OHX5iEoqhpA29rf2v6qd/bF5Yacbqu6BfSuUYy
FAKgWic4Y+jhoXj66BPguOgh6sRZT2jzBJmELRUYOoxjnyMOLq1+DsXPnwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFBvSaQR9Av6LWirJ641f7Aexh+2hMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E2LzhjNmU5
Ni1kNzc4LTQ5ZGQtOWU1ZS0zY2YyYjgwMDIwMzEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYvOGM2ZTk2
LWQ3NzgtNDlkZC05ZTVlLTNjZjJiODAwMjAzMS8xL0c5SnBCSDBDX290YUtzbnJq
Vl9zQjdHSDdhRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQAX49tAwQAeX8mMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwNE0DANBgkqhkiG9w0BAQsFAAOCAQEABAzmsk8+YUobT2UwOskK9uZV
4AzwZX52BZYakmRTOsP8zYrdJUXgs12QJYUHUJdcArbwJqow/2WydGGUGZ3Hv1oO
F5jdWIzUE9mMeJw88rlru+FT15/kO3wsjPg4PqCo4Glcut9YLg8p+szG4oZBpWqt
WA9FLMrGuaMMaDrghk97Up6eByNEzjIrikDRwZXemMIUKr2JRPDM6KQQFPTpvxIs
hqolPbyA8QBKs6MDVn9qG+ewleSUKfq5MH9UUrVFIPejchI0a6dmiy6QOy0K3xvE
iJ1dHbKgbOFnKCV52W3NM3LTW+piiUMwpM8JQwF9PO6/5Cx6mjvITX/SYfBrUw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:25:59 2026 by rpki-client