Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/HpUuiDc295y9nFZHBL88NmIbjso.cer
File: HpUuiDc295y9nFZHBL88NmIbjso.cer (raw, json)
Hash identifier: 7CQeT7VAsbl4qAZpNZBz+pI2Bslvesy2eHzDXRAs+hs=
Subject key identifier: 1E:95:2E:88:37:36:F7:9C:BD:9C:56:47:04:BF:3C:36:62:1B:8E:CA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7EA663163819984CAF6EBF58466474A3
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/HpUuiDc295y9nFZHBL88NmIbjso.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 12:19:52 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 3250
IP: 185.14.156.0/22
IP: 185.124.132.0/22
IP: 2a03:b240::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:a6:63:16:38:19:98:4c:af:6e:bf:58:46:64:74:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 12:19:52 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1e952e883736f79cbd9c564704bf3c36621b8eca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:89:39:ed:4a:87:97:83:16:91:01:d6:94:81:
fc:0b:66:d9:47:5b:a1:76:5a:5e:1a:e4:a2:c2:1f:
e8:a2:ca:f0:aa:d8:c8:d4:94:7f:99:0f:cd:43:04:
c8:1e:a8:a8:12:99:a9:36:f9:7a:c9:ce:4b:86:49:
4b:7b:20:fd:4b:77:88:62:0f:4e:9c:a8:8b:a1:ae:
1e:d2:9d:d0:5d:39:49:7f:4b:d3:00:b1:80:b1:5e:
56:a7:f4:cb:99:47:00:69:b6:39:50:c7:fd:02:07:
dc:45:81:fc:6d:b6:e3:fb:77:dd:9e:6c:08:e0:15:
ef:cf:8c:ea:c9:07:42:ac:db:0e:2f:d5:44:1e:ff:
6f:bf:fc:90:a9:b6:12:5d:0c:df:cf:b4:41:90:1f:
ec:9f:f4:2d:d4:73:da:b3:a0:b7:15:00:a1:bc:58:
ce:ec:2b:4e:ce:ab:ce:f9:41:ef:c3:00:57:da:0e:
fb:e4:ca:69:2e:1e:69:ec:00:a4:f5:10:26:e6:e9:
fc:6e:41:06:e7:03:7a:86:9d:e0:f1:51:bf:92:53:
6f:b0:de:13:29:f9:5f:78:8b:a5:89:03:c9:fd:c7:
b0:c2:38:79:43:b2:f2:28:4b:cf:5e:45:ed:2c:94:
84:0e:de:50:ee:37:8c:1d:6d:76:d2:86:52:23:6b:
8c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:95:2E:88:37:36:F7:9C:BD:9C:56:47:04:BF:3C:36:62:1B:8E:CA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/HpUuiDc295y9nFZHBL88NmIbjso.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.156.0/22
185.124.132.0/22
IPv6:
2a03:b240::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
3250
Signature Algorithm: sha256WithRSAEncryption
21:14:cd:f8:fa:50:15:6d:68:2d:48:cd:51:c4:54:c0:74:70:
4f:05:f3:79:27:ca:a7:91:80:36:54:74:e6:c9:f1:93:47:2b:
e2:34:fc:8b:d0:1e:f1:4c:89:be:c8:0b:bc:5a:45:7a:d8:1f:
e1:a7:f3:9b:41:ac:a0:9b:0e:14:38:2e:89:fd:41:18:53:95:
41:d2:e3:63:9d:70:a4:9d:15:20:62:0f:56:e7:ad:79:24:26:
61:5c:eb:fa:a7:cc:61:f6:f9:df:2a:2c:ef:2c:bd:de:60:9c:
20:75:d4:46:b8:a0:c3:b7:c2:85:84:75:f6:d8:1f:65:59:18:
a7:33:d5:68:de:7e:87:cd:6d:40:39:1d:dc:c2:49:46:6e:0b:
39:1c:69:16:ec:24:90:b1:21:90:1b:0b:1d:2f:87:fa:97:85:
13:c9:b2:4e:0d:22:cf:2a:67:8f:71:31:09:ac:8f:5f:d2:ed:
fe:95:42:2b:2b:88:50:bc:d8:09:10:33:60:d9:36:4f:1d:f6:
97:df:d5:9c:02:04:00:5e:16:e8:f1:ad:a1:0b:ab:ec:c4:21:
63:fe:74:2c:10:60:04:b8:37:08:3a:20:88:38:3d:b2:77:a2:
51:29:f9:74:22:ca:05:0f:26:d4:bb:fe:b4:be:71:30:7f:52:
96:d1:d8:37
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZt+pmMWOBmYTK9uv1hGZHSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTIxOTUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTk1MmU4ODM3MzZmNzljYmQ5YzU2NDcwNGJmM2MzNjYyMWI4ZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIk57UqHl4MWkQHWlIH8C2bZR1uh
dlpeGuSiwh/oosrwqtjI1JR/mQ/NQwTIHqioEpmpNvl6yc5LhklLeyD9S3eIYg9O
nKiLoa4e0p3QXTlJf0vTALGAsV5Wp/TLmUcAabY5UMf9AgfcRYH8bbbj+3fdnmwI
4BXvz4zqyQdCrNsOL9VEHv9vv/yQqbYSXQzfz7RBkB/sn/Qt1HPas6C3FQChvFjO
7CtOzqvO+UHvwwBX2g775MppLh5p7ACk9RAm5un8bkEG5wN6hp3g8VG/klNvsN4T
KflfeIuliQPJ/cewwjh5Q7LyKEvPXkXtLJSEDt5Q7jeMHW120oZSI2uMswIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFB6VLog3NvecvZxWRwS/PDZiG47KMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJkL2IxNDBh
ZS1jMDQ3LTRmZjYtODY0Zi0zNTYwMzU2NTcxYTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQvYjE0MGFl
LWMwNDctNGZmNi04NjRmLTM1NjAzNTY1NzFhNy8xL0hwVXVpRGMyOTV5OW5GWkhC
TDg4Tm1JYmpzby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuQ6cAwQCuXyEMA0EAgACMAcDBQMqA7JAMBkG
CCsGAQUFBwEIAQH/BAowCKAGMAQCAgyyMA0GCSqGSIb3DQEBCwUAA4IBAQAhFM34
+lAVbWgtSM1RxFTAdHBPBfN5J8qnkYA2VHTmyfGTRyviNPyL0B7xTIm+yAu8WkV6
2B/hp/ObQaygmw4UOC6J/UEYU5VB0uNjnXCknRUgYg9W5615JCZhXOv6p8xh9vnf
KizvLL3eYJwgddRGuKDDt8KFhHX22B9lWRinM9Vo3n6HzW1AOR3cwklGbgs5HGkW
7CSQsSGQGwsdL4f6l4UTybJODSLPKmePcTEJrI9f0u3+lUIrK4hQvNgJEDNg2TZP
HfaX39WcAgQAXhbo8a2hC6vsxCFj/nQsEGAEuDcIOiCIOD2yd6JRKfl0IsoFDybU
u/60vnEwf1KW0dg3
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:19:24 2026 by rpki-client