Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/I2BxBZVcdkqBP9lSSn5BuUDFaDI.cer
File: I2BxBZVcdkqBP9lSSn5BuUDFaDI.cer (raw, json)
Hash identifier: Uvwmla+FuYkAojxrYZ83IWWq+ll26MRzCENf+WU2r8I=
Subject key identifier: 23:60:71:05:95:5C:76:4A:81:3F:D9:52:4A:7E:41:B9:40:C5:68:32
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7F80B66A90DF3637912831E01E2F2075
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ae/2a2969-d5de-4ee0-9399-48470f69d79d/1/I2BxBZVcdkqBP9lSSn5BuUDFaDI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ae/2a2969-d5de-4ee0-9399-48470f69d79d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 16:18:20 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 51041
AS: 59516
IP: 81.161.116.0/22
IP: 89.22.216.0/21
IP: 2001:67c:2b78::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:80:b6:6a:90:df:36:37:91:28:31:e0:1e:2f:20:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 16:18:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=23607105955c764a813fd9524a7e41b940c56832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5b:9c:a0:59:24:fd:99:30:12:73:a9:a0:6c:
91:8b:79:5f:fb:9e:a8:b1:13:5d:51:66:e5:7d:85:
bf:17:6a:8f:07:f3:72:0c:d8:83:2e:7d:56:81:99:
4f:b8:f0:ef:3b:5a:f3:fb:c5:7f:b9:4f:c9:83:10:
3a:31:c2:e6:87:c4:f4:d6:62:67:82:01:a2:34:4e:
47:27:60:ea:6e:21:b5:8d:ad:e7:a7:ef:dc:b0:16:
4d:75:d0:82:bc:b7:ff:56:68:f0:3c:a0:4b:43:c4:
cc:24:14:69:ed:0c:59:f8:65:9c:3e:c4:e8:9f:23:
d1:9f:a9:e1:b9:ac:9b:72:63:01:b2:2a:49:6c:25:
42:65:85:3a:40:8b:b5:b9:26:bf:e5:3b:da:55:65:
95:e3:dc:4d:ac:28:ad:2d:43:82:46:7e:f0:70:8f:
3e:99:0a:39:ee:11:c6:3c:24:1e:5d:95:cf:f4:19:
48:37:7f:d2:cc:23:49:7d:6a:19:be:6b:51:c2:a6:
93:8f:2e:b0:59:4c:af:e7:d9:06:32:39:75:7c:f9:
80:0f:e9:39:5c:d0:40:ef:16:5b:13:23:78:4d:5f:
58:04:cf:b9:2b:b7:e9:4e:18:9c:82:fc:48:a8:4b:
a3:aa:dc:08:11:11:86:d6:52:ba:84:e4:37:c6:8f:
eb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:60:71:05:95:5C:76:4A:81:3F:D9:52:4A:7E:41:B9:40:C5:68:32
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/2a2969-d5de-4ee0-9399-48470f69d79d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/2a2969-d5de-4ee0-9399-48470f69d79d/1/I2BxBZVcdkqBP9lSSn5BuUDFaDI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.116.0/22
89.22.216.0/21
IPv6:
2001:67c:2b78::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
51041
59516
Signature Algorithm: sha256WithRSAEncryption
25:63:9f:e9:ce:8b:10:63:a9:ad:24:c8:5b:a4:28:55:95:1c:
75:9b:c9:80:ca:7f:5a:d6:6d:28:b5:41:8f:94:1c:60:57:95:
54:3d:92:1b:15:ed:e8:af:ab:0e:fa:4f:9c:13:1d:ef:67:d5:
78:ef:0c:1a:38:03:9b:03:99:27:c8:08:6d:11:0b:36:38:67:
20:f8:0c:2c:f4:51:dd:4d:d3:a5:9e:7a:03:1c:11:e3:6f:a3:
3e:2e:1d:87:ec:9e:0c:4b:e9:31:23:f4:69:7b:f5:16:09:c7:
20:a8:db:09:5b:61:90:e0:32:f5:ae:bb:1c:2d:1a:a2:21:fd:
71:35:61:d6:c2:c6:73:8b:d2:e3:d1:9b:21:90:8e:73:06:5a:
67:51:62:5a:fd:5d:9f:f1:f7:36:7f:48:69:70:15:d7:88:16:
37:1c:6b:bd:23:9d:1a:1d:64:32:9b:8f:a4:39:bd:81:43:1c:
e5:8b:5a:c6:fc:3c:2e:1c:d1:fb:3a:fd:bc:4e:3d:b4:1f:00:
c5:06:54:36:ec:a3:dd:8b:d8:4b:3d:32:70:ea:ef:98:ff:b5:
bd:dc:c1:f6:70:38:b8:12:bc:46:f0:bd:31:58:7f:f6:92:ea:
b6:e8:bf:28:fc:2b:39:03:62:93:81:b8:07:16:9e:fb:48:a2:
f3:b4:df:8e
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAZt/gLZqkN82N5EoMeAeLyB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTYxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzYwNzEwNTk1NWM3NjRhODEzZmQ5NTI0YTdlNDFiOTQwYzU2ODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVucoFkk/ZkwEnOpoGyRi3lf+56o
sRNdUWblfYW/F2qPB/NyDNiDLn1WgZlPuPDvO1rz+8V/uU/JgxA6McLmh8T01mJn
ggGiNE5HJ2DqbiG1ja3np+/csBZNddCCvLf/VmjwPKBLQ8TMJBRp7QxZ+GWcPsTo
nyPRn6nhuaybcmMBsipJbCVCZYU6QIu1uSa/5TvaVWWV49xNrCitLUOCRn7wcI8+
mQo57hHGPCQeXZXP9BlIN3/SzCNJfWoZvmtRwqaTjy6wWUyv59kGMjl1fPmAD+k5
XNBA7xZbEyN4TV9YBM+5K7fpThicgvxIqEujqtwIERGG1lK6hOQ3xo/rNQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFCNgcQWVXHZKgT/ZUkp+QblAxWgyMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FlLzJhMjk2
OS1kNWRlLTRlZTAtOTM5OS00ODQ3MGY2OWQ3OWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUvMmEyOTY5
LWQ1ZGUtNGVlMC05Mzk5LTQ4NDcwZjY5ZDc5ZC8xL0kyQnhCWlZjZGtxQlA5bFNT
bjVCdVVERmFESS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUF
BwEHAQH/BCcwJTASBAIAATAMAwQCUaF0AwQDWRbYMA8EAgACMAkDBwAgAQZ8K3gw
HwYIKwYBBQUHAQgBAf8EEDAOoAwwCgIDAMdhAgMA6HwwDQYJKoZIhvcNAQELBQAD
ggEBACVjn+nOixBjqa0kyFukKFWVHHWbyYDKf1rWbSi1QY+UHGBXlVQ9khsV7eiv
qw76T5wTHe9n1XjvDBo4A5sDmSfICG0RCzY4ZyD4DCz0Ud1N06WeegMcEeNvoz4u
HYfsngxL6TEj9Gl79RYJxyCo2wlbYZDgMvWuuxwtGqIh/XE1YdbCxnOL0uPRmyGQ
jnMGWmdRYlr9XZ/x9zZ/SGlwFdeIFjcca70jnRodZDKbj6Q5vYFDHOWLWsb8PC4c
0fs6/bxOPbQfAMUGVDbso92L2Es9MnDq75j/tb3cwfZwOLgSvEbwvTFYf/aS6rbo
vyj8KzkDYpOBuAcWnvtIovO0344=
-----END CERTIFICATE-----
Generated at Wed Mar 25 22:56:59 2026 by rpki-client