Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JA_Q0ziG2DnFzJAQOhhuE6NIrVA.cer
File: JA_Q0ziG2DnFzJAQOhhuE6NIrVA.cer (raw, json)
Hash identifier: WdCKWfzKU2uFAsSeY5bD66VZ2sGKaOVPrMBr2jC/F3A=
Subject key identifier: 24:0F:D0:D3:38:86:D8:39:C5:CC:90:10:3A:18:6E:13:A3:48:AD:50
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7F15D50492F9EB17E5D7A258C1EBE8A5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/33/958a59-f80d-4d58-9d43-f26bff8b4994/1/JA_Q0ziG2DnFzJAQOhhuE6NIrVA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/33/958a59-f80d-4d58-9d43-f26bff8b4994/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 14:21:35 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 8553
IP: 81.95.52.0/23
IP: 195.10.224.0/19
IP: 2a00:ce0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:15:d5:04:92:f9:eb:17:e5:d7:a2:58:c1:eb:e8:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 14:21:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=240fd0d33886d839c5cc90103a186e13a348ad50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2d:9c:c6:4a:86:cb:7d:47:c2:1e:9e:50:d2:
72:6f:ed:86:f0:0c:f6:b3:a3:a2:74:99:db:5f:c5:
fa:a4:94:c3:0e:30:90:0b:33:09:57:cb:05:45:c9:
d5:4d:03:e2:ab:ac:14:d3:b7:cb:d6:86:90:07:c2:
c1:06:82:fe:32:14:b7:99:77:d0:d3:dc:16:23:84:
5a:98:0d:e7:1d:c5:03:af:51:ca:af:e1:3c:7f:56:
b2:25:88:de:72:81:f1:58:23:68:d4:89:64:04:03:
ff:2f:fd:91:1f:fc:32:ab:69:79:32:62:5c:78:b1:
39:34:e7:26:37:fb:ba:c4:d7:20:9c:07:ab:58:7a:
cd:1b:a1:59:b8:6f:27:bc:8f:db:44:60:28:9c:e9:
f6:98:16:82:a4:0d:f5:ab:d2:a2:82:79:59:25:ba:
89:7e:0c:bc:9f:40:50:fb:b3:34:75:56:b2:4c:71:
98:1f:bf:42:10:26:56:ff:29:37:b5:a4:d9:c7:c7:
f4:97:e4:0a:4a:b3:ee:a1:7f:15:67:32:48:90:c2:
8d:28:ee:8e:50:b8:33:12:32:63:b9:9e:cb:7a:8f:
33:97:cb:c6:3b:e1:b7:6b:85:c7:d9:20:9d:cb:78:
e7:ce:38:d3:de:06:e3:5e:c6:96:e0:19:7d:50:a4:
87:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:0F:D0:D3:38:86:D8:39:C5:CC:90:10:3A:18:6E:13:A3:48:AD:50
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/958a59-f80d-4d58-9d43-f26bff8b4994/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/958a59-f80d-4d58-9d43-f26bff8b4994/1/JA_Q0ziG2DnFzJAQOhhuE6NIrVA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.52.0/23
195.10.224.0/19
IPv6:
2a00:ce0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8553
Signature Algorithm: sha256WithRSAEncryption
06:81:47:7b:13:77:56:96:a7:a5:a7:62:b4:75:6f:a7:b4:c5:
80:db:2e:e2:da:ca:4a:78:26:cd:8f:cd:58:11:84:5e:19:c0:
6e:17:97:5d:2b:06:a3:b1:0c:51:06:7e:f5:17:6a:99:75:00:
a4:91:2b:5b:b5:c9:8c:77:0a:3c:1c:4b:74:06:73:6e:4c:7f:
3c:0f:74:a2:1e:3d:b8:41:2d:53:1a:76:09:e0:fa:35:4a:36:
af:6a:ff:c1:ce:4d:22:48:8b:ef:b0:19:23:46:e6:48:e6:56:
26:b8:23:d6:13:47:98:0b:81:97:d5:30:ac:66:b1:98:64:d3:
ce:6b:d0:b4:e5:68:1a:c5:16:c3:cc:ae:42:d3:a0:58:fc:93:
87:fe:86:f1:bb:5c:81:64:07:3f:ed:da:70:51:34:00:60:02:
d4:6b:71:2d:52:77:d3:22:0f:5a:4b:f9:a3:31:33:d4:1d:cb:
ab:8c:2e:5d:5b:3b:5e:6b:8a:5a:45:ff:b5:b5:9d:82:45:e0:
03:84:80:e7:9e:de:f5:de:e6:38:e4:b6:e7:3c:01:ae:1b:21:
03:d2:fb:b1:9f:77:34:df:a5:d3:33:b9:51:4f:66:a1:c1:bf:
87:77:05:53:a4:ac:38:c1:c8:20:9e:ba:bb:2b:48:3a:24:a1:
a5:2d:8a:e7
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZt/FdUEkvnrF+XXoljB6+ilMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTQyMTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDBmZDBkMzM4ODZkODM5YzVjYzkwMTAzYTE4NmUxM2EzNDhhZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy2cxkqGy31Hwh6eUNJyb+2G8Az2
s6OidJnbX8X6pJTDDjCQCzMJV8sFRcnVTQPiq6wU07fL1oaQB8LBBoL+MhS3mXfQ
09wWI4RamA3nHcUDr1HKr+E8f1ayJYjecoHxWCNo1IlkBAP/L/2RH/wyq2l5MmJc
eLE5NOcmN/u6xNcgnAerWHrNG6FZuG8nvI/bRGAonOn2mBaCpA31q9KignlZJbqJ
fgy8n0BQ+7M0dVayTHGYH79CECZW/yk3taTZx8f0l+QKSrPuoX8VZzJIkMKNKO6O
ULgzEjJjuZ7Leo8zl8vGO+G3a4XH2SCdy3jnzjjT3gbjXsaW4Bl9UKSHRQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFCQP0NM4htg5xcyQEDoYbhOjSK1QMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzLzk1OGE1
OS1mODBkLTRkNTgtOWQ0My1mMjZiZmY4YjQ5OTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMvOTU4YTU5
LWY4MGQtNGQ1OC05ZDQzLWYyNmJmZjhiNDk5NC8xL0pBX1EwemlHMkRuRnpKQVFP
aGh1RTZOSXJWQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQBUV80AwQFwwrgMA0EAgACMAcDBQAqAAzgMBkG
CCsGAQUFBwEIAQH/BAowCKAGMAQCAiFpMA0GCSqGSIb3DQEBCwUAA4IBAQAGgUd7
E3dWlqelp2K0dW+ntMWA2y7i2spKeCbNj81YEYReGcBuF5ddKwajsQxRBn71F2qZ
dQCkkStbtcmMdwo8HEt0BnNuTH88D3SiHj24QS1TGnYJ4Po1Sjavav/Bzk0iSIvv
sBkjRuZI5lYmuCPWE0eYC4GX1TCsZrGYZNPOa9C05WgaxRbDzK5C06BY/JOH/obx
u1yBZAc/7dpwUTQAYALUa3EtUnfTIg9aS/mjMTPUHcurjC5dWztea4paRf+1tZ2C
ReADhIDnnt713uY45LbnPAGuGyED0vuxn3c036XTM7lRT2ahwb+HdwVTpKw4wcgg
nrq7K0g6JKGlLYrn
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:50:28 2026 by rpki-client