Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.cer
File: KFjS8TFxXLrzzdkgZFkk9TUI4Gc.cer (raw, json)
Hash identifier: r1Jhss60vLPnfTJYxWnq0NuKxoaArV0flLc/mA5HSTE=
Subject key identifier: 28:58:D2:F1:31:71:5C:BA:F3:CD:D9:20:64:59:24:F5:35:08:E0:67
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7D5B9308E1A17BEEB8DD9617E077B346
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 06:18:32 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 52221
IP: 188.92.26.0/24
IP: 2a07:7ac0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:5b:93:08:e1:a1:7b:ee:b8:dd:96:17:e0:77:b3:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 06:18:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2858d2f131715cbaf3cdd920645924f53508e067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ad:ea:d5:df:de:69:e2:09:e7:1d:59:b0:cc:
16:6b:24:c3:ad:c2:65:03:47:91:92:c9:f4:a2:62:
f8:32:3d:c9:af:7d:76:90:89:db:7f:2e:1a:ba:8f:
5c:de:00:ca:49:ef:43:19:da:b9:c3:84:24:1b:9d:
17:47:b5:e5:c4:26:fa:1c:95:a1:6e:a3:2a:6e:38:
15:52:d7:9d:2c:35:47:d6:d1:e3:68:8c:df:ce:47:
fd:b7:e5:50:64:fd:12:d1:40:06:8e:9e:69:6e:26:
c4:11:7c:12:4e:e3:6a:c6:01:f1:c0:89:04:1b:1f:
65:e4:5d:0a:1b:69:65:17:b1:3c:70:68:c5:5a:9c:
07:fb:6d:1b:bc:cb:be:90:7c:d4:30:57:a2:2e:5b:
ff:95:6f:02:b1:48:c8:41:cc:52:19:43:4e:72:a2:
03:19:bc:4c:65:c4:81:75:09:e3:54:c3:1e:46:67:
5c:fa:5d:59:71:3a:29:9b:77:1e:a8:f8:82:1a:4f:
86:b5:ae:b5:97:3d:25:2f:d4:58:60:9a:84:42:b9:
39:0b:f2:c5:a5:4c:62:41:0c:8d:22:e3:a0:29:57:
47:92:0a:5a:6f:bf:47:f9:ca:a4:60:00:da:36:5f:
71:9f:dd:7e:e8:86:5a:aa:8f:f7:82:74:91:26:8a:
f8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:58:D2:F1:31:71:5C:BA:F3:CD:D9:20:64:59:24:F5:35:08:E0:67
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.92.26.0/24
IPv6:
2a07:7ac0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
52221
Signature Algorithm: sha256WithRSAEncryption
10:8c:af:84:0d:0a:17:89:02:7e:5f:14:99:40:9b:b3:94:f2:
c5:e2:9e:77:55:fd:2b:81:c0:69:a5:77:34:d4:e2:47:fe:42:
d8:5a:69:15:54:32:a8:e1:55:23:2e:99:e1:17:a9:18:28:5a:
6c:6b:6b:da:f5:4f:16:95:62:dd:2c:42:10:06:c2:f2:7b:40:
f3:a6:06:41:37:1a:4b:9a:77:e0:b0:55:20:86:86:40:f2:c0:
b4:bf:63:80:82:c3:ac:8e:db:a7:ca:d6:6a:7d:d2:97:ee:02:
ff:3f:00:53:b4:7c:17:89:31:33:d7:46:dc:3f:de:ca:ac:65:
55:69:0d:59:d3:ed:7f:e1:79:5a:05:1f:f2:96:a7:2d:5e:a1:
17:72:d9:06:e3:53:9a:a1:51:70:81:d6:db:37:5f:f8:f8:77:
81:38:a9:f9:0a:91:ac:dc:75:2b:6d:c0:8c:70:9b:b2:ed:8a:
9e:20:eb:4d:fb:87:a0:45:3c:23:4d:90:37:f4:de:07:7f:01:
61:42:6d:8b:bc:f6:5f:a8:f3:b5:68:55:41:82:3f:00:5a:8d:
97:a8:e9:e6:df:7a:62:f6:b6:c2:5e:8d:e8:5c:40:00:df:5a:
c4:b6:6d:94:16:97:1f:49:12:41:4f:29:d0:10:0c:0b:22:cb:
58:c8:71:08
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZt9W5MI4aF77rjdlhfgd7NGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDYxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODU4ZDJmMTMxNzE1Y2JhZjNjZGQ5MjA2NDU5MjRmNTM1MDhlMDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj63q1d/eaeIJ5x1ZsMwWayTDrcJl
A0eRksn0omL4Mj3Jr312kInbfy4auo9c3gDKSe9DGdq5w4QkG50XR7XlxCb6HJWh
bqMqbjgVUtedLDVH1tHjaIzfzkf9t+VQZP0S0UAGjp5pbibEEXwSTuNqxgHxwIkE
Gx9l5F0KG2llF7E8cGjFWpwH+20bvMu+kHzUMFeiLlv/lW8CsUjIQcxSGUNOcqID
GbxMZcSBdQnjVMMeRmdc+l1ZcTopm3ceqPiCGk+Gta61lz0lL9RYYJqEQrk5C/LF
pUxiQQyNIuOgKVdHkgpab79H+cqkYADaNl9xn91+6IZaqo/3gnSRJor4WwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFChY0vExcVy6883ZIGRZJPU1COBnMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEyLzc1ZGJj
NC1hZTIyLTQ5NzEtOWVmNS1hM2YzNTViZWVlZGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIvNzVkYmM0
LWFlMjItNDk3MS05ZWY1LWEzZjM1NWJlZWVkZC8xL0tGalM4VEZ4WExyenpka2da
RmtrOVRVSTRHYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAvFwaMA0EAgACMAcDBQMqB3rAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDL/TANBgkqhkiG9w0BAQsFAAOCAQEAEIyvhA0KF4kC
fl8UmUCbs5TyxeKed1X9K4HAaaV3NNTiR/5C2FppFVQyqOFVIy6Z4RepGChabGtr
2vVPFpVi3SxCEAbC8ntA86YGQTcaS5p34LBVIIaGQPLAtL9jgILDrI7bp8rWan3S
l+4C/z8AU7R8F4kxM9dG3D/eyqxlVWkNWdPtf+F5WgUf8panLV6hF3LZBuNTmqFR
cIHW2zdf+Ph3gTip+QqRrNx1K23AjHCbsu2KniDrTfuHoEU8I02QN/TeB38BYUJt
i7z2X6jztWhVQYI/AFqNl6jp5t96Yva2wl6N6FxAAN9axLZtlBaXH0kSQU8p0BAM
CyLLWMhxCA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:59:25 2026 by rpki-client