Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KVtqNKIQm6fE2X92x0Rm8UwzM-A.cer
File: KVtqNKIQm6fE2X92x0Rm8UwzM-A.cer (raw, json)
Hash identifier: QeQ/nBL4In11MPniale9ylvduSv51M8kYKFUjmkFd+M=
Subject key identifier: 29:5B:6A:34:A2:10:9B:A7:C4:D9:7F:76:C7:44:66:F1:4C:33:33:E0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7F83CC96D5AD90ADF0FE3A56366BBC40
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/KVtqNKIQm6fE2X92x0Rm8UwzM-A.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 16:21:42 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 205371
IP: 185.220.112.0/22
IP: 2a0b:f640::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:83:cc:96:d5:ad:90:ad:f0:fe:3a:56:36:6b:bc:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 16:21:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=295b6a34a2109ba7c4d97f76c74466f14c3333e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:64:da:ac:b0:4c:f7:03:55:b7:c4:eb:c3:04:
41:97:47:54:aa:20:4c:cf:54:bc:99:a1:55:68:80:
47:46:54:9d:62:9f:a7:da:5b:59:fd:66:61:a5:49:
01:0e:da:2f:d1:03:cc:05:38:55:88:fb:9d:05:da:
98:9b:8d:36:22:62:43:67:9c:55:5b:93:f1:bf:ae:
53:10:c7:98:47:13:07:2d:51:8d:67:ee:f3:1c:fa:
0f:93:0e:df:f4:8b:66:51:2c:b6:88:97:7a:75:9e:
f4:74:02:b1:da:3f:70:ae:3d:66:f9:8a:98:c2:d3:
99:e1:c7:4a:04:fa:e4:4b:4a:cc:13:83:0b:4a:7e:
dd:66:7c:77:4c:42:e7:19:ad:1a:f0:47:86:39:d5:
0f:40:da:c5:dc:fd:fc:6f:12:30:bf:81:5b:55:c6:
98:fb:b4:65:f3:3e:b9:c1:2c:7d:c7:27:39:5e:69:
85:85:eb:db:97:8a:e4:50:9b:ba:34:60:73:72:7f:
4c:c2:b3:9b:dc:a1:a6:56:40:24:20:5c:29:b9:3f:
48:86:de:18:91:5f:08:b4:16:c8:97:3d:40:5b:ce:
f6:80:74:67:31:0b:b0:b6:4e:68:c9:7c:b7:e8:2d:
81:89:f3:e7:5a:76:a1:ba:cb:16:65:d6:30:f1:77:
2b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5B:6A:34:A2:10:9B:A7:C4:D9:7F:76:C7:44:66:F1:4C:33:33:E0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/KVtqNKIQm6fE2X92x0Rm8UwzM-A.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.112.0/22
IPv6:
2a0b:f640::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
205371
Signature Algorithm: sha256WithRSAEncryption
19:c5:05:d0:d3:47:4a:ba:e6:a6:b7:04:3e:45:23:1f:ae:62:
c4:5a:8b:47:1e:08:ed:5c:8c:aa:60:6b:d3:0f:12:1f:12:80:
57:ea:21:7a:6b:2a:e4:41:45:6a:3e:03:e1:b9:33:04:91:6b:
27:f3:5a:f5:75:95:76:c1:89:0b:0c:85:de:da:29:7c:09:49:
11:86:92:ae:f1:a3:0e:b0:4a:90:8a:52:10:92:0b:1b:be:ab:
b1:c5:94:53:7d:60:fc:63:46:78:db:7c:0e:27:83:77:66:d7:
da:f0:0b:94:8b:5f:2f:ec:09:22:25:82:eb:3e:73:ab:59:5b:
d9:65:8a:b3:5f:47:62:74:ea:1f:db:c7:4e:48:74:69:3a:d1:
65:63:30:a0:c2:89:fb:33:ce:09:ce:61:66:cb:18:bb:66:03:
6b:41:ee:60:b0:42:79:bd:50:26:87:50:05:b3:a1:1f:56:bb:
d2:81:a1:43:41:0e:db:80:81:72:57:86:fb:5b:ca:77:2b:44:
c9:8f:f0:27:df:bd:e0:46:fb:07:1a:cd:4c:aa:b7:36:0c:ea:
06:b0:9a:57:87:57:1e:ec:ae:64:81:03:bd:d5:d0:2d:6e:0b:
62:46:2b:0e:06:95:61:1e:7e:00:3b:68:84:1e:5f:31:0f:45:
a9:be:1e:48
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZt/g8yW1a2QrfD+OlY2a7xAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTYyMTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTViNmEzNGEyMTA5YmE3YzRkOTdmNzZjNzQ0NjZmMTRjMzMzM2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2TarLBM9wNVt8TrwwRBl0dUqiBM
z1S8maFVaIBHRlSdYp+n2ltZ/WZhpUkBDtov0QPMBThViPudBdqYm402ImJDZ5xV
W5Pxv65TEMeYRxMHLVGNZ+7zHPoPkw7f9ItmUSy2iJd6dZ70dAKx2j9wrj1m+YqY
wtOZ4cdKBPrkS0rME4MLSn7dZnx3TELnGa0a8EeGOdUPQNrF3P38bxIwv4FbVcaY
+7Rl8z65wSx9xyc5XmmFhevbl4rkUJu6NGBzcn9MwrOb3KGmVkAkIFwpuT9Iht4Y
kV8ItBbIlz1AW872gHRnMQuwtk5oyXy36C2BifPnWnahussWZdYw8XcrLQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFClbajSiEJunxNl/dsdEZvFMMzPgMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgwL2U5YjE3
My05MmI2LTQyMTAtYThlMC1iNzk3YTQ0MDZmMzAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAvZTliMTcz
LTkyYjYtNDIxMC1hOGUwLWI3OTdhNDQwNmYzMC8xL0tWdHFOS0lRbTZmRTJYOTJ4
MFJtOFV3ek0tQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCudxwMA0EAgACMAcDBQMqC/ZAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMiOzANBgkqhkiG9w0BAQsFAAOCAQEAGcUF0NNHSrrm
prcEPkUjH65ixFqLRx4I7VyMqmBr0w8SHxKAV+ohemsq5EFFaj4D4bkzBJFrJ/Na
9XWVdsGJCwyF3topfAlJEYaSrvGjDrBKkIpSEJILG76rscWUU31g/GNGeNt8DieD
d2bX2vALlItfL+wJIiWC6z5zq1lb2WWKs19HYnTqH9vHTkh0aTrRZWMwoMKJ+zPO
Cc5hZssYu2YDa0HuYLBCeb1QJodQBbOhH1a70oGhQ0EO24CBcleG+1vKdytEyY/w
J9+94Eb7BxrNTKq3NgzqBrCaV4dXHuyuZIEDvdXQLW4LYkYrDgaVYR5+ADtohB5f
MQ9Fqb4eSA==
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:08:37 2026 by rpki-client