Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
File: HIivL0NlSz9FLVx07QdHElcNH94.cer (raw, json)
Hash identifier: 5K6DYDVC4FysRbNodMkQUEfY3hrk28u6Kj7O1QYOrYg=
Subject key identifier: 1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7A5B85BEA4E3F89A6B7D853B017FD8E6
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 16:19:37 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 16205
IP: 31.210.160.0/21
IP: 81.201.144.0/20
IP: 176.52.200.0/21
IP: 178.249.24.0/21
IP: 185.75.184.0/22
IP: 217.18.176.0/20
IP: 2a00:8180::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:5b:85:be:a4:e3:f8:9a:6b:7d:85:3b:01:7f:d8:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 16:19:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:65:73:35:d9:ad:9e:c6:97:67:0e:48:b6:1f:
d6:d4:9b:42:fb:76:e1:e1:e7:50:50:48:54:40:94:
05:3d:a7:9f:5c:ac:65:3c:46:66:b2:02:6c:71:07:
df:24:77:c5:88:64:77:29:d6:06:e8:95:7f:4e:f7:
d3:3a:a5:d8:ae:8c:be:91:c3:d7:18:fe:20:35:47:
6e:2e:45:7d:16:7e:7a:9e:f5:d6:dc:ac:3c:5a:88:
b6:4f:96:bc:46:da:ac:0e:62:ed:ab:b8:c7:8b:de:
81:f6:5b:7d:0b:03:14:eb:1f:50:4b:b2:99:39:48:
99:3f:25:d6:39:2a:18:fc:77:17:d1:92:e6:28:06:
bf:21:af:7b:cf:25:69:1e:8c:42:11:81:53:cd:87:
e4:b6:6f:16:7d:fe:a6:20:3a:ca:ed:c2:e5:75:04:
87:28:8c:7a:7c:39:68:60:9a:f9:73:0a:f7:a6:db:
3b:58:c9:f6:90:52:59:0c:ae:d2:91:6a:ec:cf:b0:
44:ed:ea:d5:d1:3a:fc:df:55:86:1d:7a:71:12:41:
fb:b3:a5:30:df:bc:c0:c9:02:e4:74:3b:f4:87:15:
76:cd:71:c4:ac:85:bb:3d:67:b4:f1:9e:9f:21:a2:
21:18:11:06:f8:3e:ee:fc:93:6e:1e:c5:88:79:d0:
6b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.160.0/21
81.201.144.0/20
176.52.200.0/21
178.249.24.0/21
185.75.184.0/22
217.18.176.0/20
IPv6:
2a00:8180::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
16205
Signature Algorithm: sha256WithRSAEncryption
64:39:48:f0:85:e0:f2:04:65:08:4d:6f:3b:3b:e1:2e:6d:14:
ac:6e:1b:4f:b9:7c:e8:0a:fd:ef:47:03:98:42:78:58:d8:b1:
ee:e9:3c:f3:1a:10:72:69:e6:1b:d6:74:79:08:fb:32:0c:c6:
65:4f:78:68:b0:e4:99:13:ea:4a:cd:bc:ec:ee:17:ef:87:e5:
37:da:34:76:ee:00:f4:e5:05:50:f3:67:5c:db:af:21:e3:27:
c4:7a:dd:53:14:b7:d9:23:16:56:ec:0e:6a:01:d7:df:fa:33:
3c:e3:08:dc:b2:84:4b:0a:d4:6b:e5:85:f6:de:c0:84:76:f3:
63:98:25:ce:fa:ad:09:fa:09:8e:d0:9b:9a:05:bb:6b:f5:e1:
58:c7:af:94:b8:a2:24:ce:2d:0d:d8:9f:54:5c:1c:f1:70:da:
52:fa:62:58:c6:6d:b5:bd:23:ac:72:99:25:35:e3:d0:35:7f:
7b:47:5e:d3:2e:61:dd:7a:60:26:87:b9:1a:fd:29:ca:57:f5:
97:58:80:5f:38:c5:ed:81:5c:33:c0:47:d1:d7:5a:fb:6b:cf:
cb:51:2d:36:40:5f:37:a9:39:0f:90:ce:3e:49:59:8a:3d:1f:
c7:d1:97:00:8b:8e:83:57:29:e2:e5:f0:cb:97:c7:81:2e:4a:
b0:33:aa:87
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZt6W4W+pOP4mmt9hTsBf9jmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMTYxOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzg4YWYyZjQzNjU0YjNmNDUyZDVjNzRlZDA3NDcxMjU3MGQxZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWVzNdmtnsaXZw5Ith/W1JtC+3bh
4edQUEhUQJQFPaefXKxlPEZmsgJscQffJHfFiGR3KdYG6JV/TvfTOqXYroy+kcPX
GP4gNUduLkV9Fn56nvXW3Kw8Woi2T5a8RtqsDmLtq7jHi96B9lt9CwMU6x9QS7KZ
OUiZPyXWOSoY/HcX0ZLmKAa/Ia97zyVpHoxCEYFTzYfktm8Wff6mIDrK7cLldQSH
KIx6fDloYJr5cwr3pts7WMn2kFJZDK7SkWrsz7BE7erV0Tr831WGHXpxEkH7s6Uw
37zAyQLkdDv0hxV2zXHErIW7PWe08Z6fIaIhGBEG+D7u/JNuHsWIedBrfQIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFByIry9DZUs/RS1cdO0HRxJXDR/eMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk1LzZjZmMy
Yi05YmU4LTRmZTAtYTQyNC0xOTZjYzE2NzExM2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTUvNmNmYzJi
LTliZTgtNGZlMC1hNDI0LTE5NmNjMTY3MTEzZS8xL0hJaXZMME5sU3o5RkxWeDA3
UWRIRWxjTkg5NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEwGCCsGAQUF
BwEHAQH/BD0wOzAqBAIAATAkAwQDH9KgAwQEUcmQAwQDsDTIAwQDsvkYAwQCuUu4
AwQE2RKwMA0EAgACMAcDBQAqAIGAMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAj9N
MA0GCSqGSIb3DQEBCwUAA4IBAQBkOUjwheDyBGUITW87O+EubRSsbhtPuXzoCv3v
RwOYQnhY2LHu6TzzGhByaeYb1nR5CPsyDMZlT3hosOSZE+pKzbzs7hfvh+U32jR2
7gD05QVQ82dc268h4yfEet1TFLfZIxZW7A5qAdff+jM84wjcsoRLCtRr5YX23sCE
dvNjmCXO+q0J+gmO0JuaBbtr9eFYx6+UuKIkzi0N2J9UXBzxcNpS+mJYxm21vSOs
cpklNePQNX97R17TLmHdemAmh7ka/SnKV/WXWIBfOMXtgVwzwEfR11r7a8/LUS02
QF83qTkPkM4+SVmKPR/H0ZcAi46DVyni5fDLl8eBLkqwM6qH
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:20:24 2026 by rpki-client