Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
File: KY2bT7TP4nih65-iA1oInEwlaFg.cer (raw, json)
Hash identifier: tiGqPe5jYwmPgrRHrxAuq8MFbMztmXRLQTo3DwdpKVA=
Subject key identifier: 29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B79ECDCD1CBBB2EFE334FEA362A4DBC24
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 14:18:44 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 12643
IP: 146.140.0.0/16
IP: 2001:67c:134::/48
IP: 2001:67c:34c::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:ec:dc:d1:cb:bb:2e:fe:33:4f:ea:36:2a:4d:bc:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 14:18:44 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c8:a1:bd:c9:6f:c5:51:3e:54:fb:08:cc:3f:
29:48:19:fe:17:87:3b:99:21:b4:57:ac:5e:72:72:
d8:a4:76:ca:fa:73:db:65:60:67:a9:3c:9a:91:65:
43:dd:6c:4f:12:1a:e2:93:f3:0d:5a:4d:bc:22:65:
7e:c7:b9:9d:3c:f6:ba:ce:b4:c0:10:4a:ff:e7:1c:
d6:2a:09:7e:ac:9f:55:90:d5:19:a2:36:fe:42:dc:
9e:a3:ac:ad:dc:c2:24:c7:72:ce:00:99:87:17:37:
10:2f:d4:88:3b:2c:44:08:9b:a3:4e:24:03:6c:5e:
f8:2c:df:61:ef:51:85:30:3b:19:fa:c0:ce:33:b2:
8b:2d:67:df:f2:cc:08:64:9a:d5:cd:11:c0:4f:17:
dc:19:c9:24:bf:3b:1b:70:59:a2:5e:b9:4b:77:ea:
96:6c:62:72:b2:b6:52:ea:d9:f9:61:a1:10:df:e5:
d7:36:a9:bf:80:ac:16:8a:83:08:10:c6:16:8b:e7:
f8:dd:f3:0f:0a:ed:5b:a5:8a:d4:68:3a:12:0f:b5:
9f:19:5f:23:30:02:37:98:62:ea:31:e7:ea:ae:5b:
4c:ff:82:f1:3e:7f:4b:cd:bd:be:6e:d7:93:98:3d:
2c:03:50:80:c3:1c:4c:18:02:c2:2a:cc:cc:f3:15:
de:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.140.0.0/16
IPv6:
2001:67c:134::/48
2001:67c:34c::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
12643
Signature Algorithm: sha256WithRSAEncryption
59:5f:ab:e9:66:c7:f3:15:11:28:76:b9:78:72:96:3a:84:59:
93:d0:d3:e8:51:4f:b6:25:cf:83:0a:be:92:ef:d6:39:66:f7:
d3:37:b9:fc:c6:1a:bb:2a:7c:c1:80:f5:a4:2e:2a:80:a1:b5:
a5:dc:e0:a9:c1:ea:50:17:08:6e:95:a9:b1:f7:b7:5c:40:d4:
ed:8a:da:cf:9f:8f:4e:d1:16:b9:61:6c:76:24:86:2a:0d:4a:
6e:e1:29:90:94:96:f9:d8:11:69:9e:7f:7f:b3:2f:76:96:de:
af:a0:f8:2f:b5:a9:6f:c7:8d:9d:c6:ea:93:87:13:02:4e:d2:
92:1f:35:13:08:cd:1b:67:4a:57:86:05:4e:98:43:6a:35:1c:
0a:72:54:a6:71:ee:86:30:60:02:a6:26:06:19:a1:c7:6c:20:
e8:2c:ed:f1:60:fd:4d:b8:e1:da:ed:21:15:7e:c5:d5:91:29:
90:b3:cf:79:40:61:25:ce:fa:0f:ba:81:5b:d5:f3:24:55:1c:
ae:3c:a8:bd:9a:41:9c:57:4f:b2:72:74:53:2f:f4:9f:3a:dd:
69:8e:a5:49:97:5b:42:fb:85:4a:ef:8d:21:a0:9a:dc:4f:2e:
c1:11:97:1c:60:34:c0:99:bf:68:66:85:d1:e4:dc:fc:5f:44:
a3:c6:49:f7
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZt57NzRy7su/jNP6jYqTbwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMTQxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOThkOWI0ZmI0Y2ZlMjc4YTFlYjlmYTIwMzVhMDg5YzRjMjU2ODU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMihvclvxVE+VPsIzD8pSBn+F4c7
mSG0V6xecnLYpHbK+nPbZWBnqTyakWVD3WxPEhrik/MNWk28ImV+x7mdPPa6zrTA
EEr/5xzWKgl+rJ9VkNUZojb+Qtyeo6yt3MIkx3LOAJmHFzcQL9SIOyxECJujTiQD
bF74LN9h71GFMDsZ+sDOM7KLLWff8swIZJrVzRHATxfcGckkvzsbcFmiXrlLd+qW
bGJysrZS6tn5YaEQ3+XXNqm/gKwWioMIEMYWi+f43fMPCu1bpYrUaDoSD7WfGV8j
MAI3mGLqMefqrltM/4LxPn9Lzb2+bteTmD0sA1CAwxxMGALCKszM8xXeBwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFCmNm0+0z+J4oeufogNaCJxMJWhYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk5LzczNzcw
My1jOGMxLTQ2ODItYmIwMi1kODAwYmRkNjg2ZTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkvNzM3NzAz
LWM4YzEtNDY4Mi1iYjAyLWQ4MDBiZGQ2ODZlMy8xL0tZMmJUN1RQNG5paDY1LWlB
MW9JbkV3bGFGZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDgGCCsGAQUF
BwEHAQH/BCkwJzALBAIAATAFAwMAkowwGAQCAAIwEgMHACABBnwBNAMHACABBnwD
TDAZBggrBgEFBQcBCAEB/wQKMAigBjAEAgIxYzANBgkqhkiG9w0BAQsFAAOCAQEA
WV+r6WbH8xURKHa5eHKWOoRZk9DT6FFPtiXPgwq+ku/WOWb30ze5/MYauyp8wYD1
pC4qgKG1pdzgqcHqUBcIbpWpsfe3XEDU7Yraz5+PTtEWuWFsdiSGKg1KbuEpkJSW
+dgRaZ5/f7Mvdpber6D4L7Wpb8eNncbqk4cTAk7Skh81EwjNG2dKV4YFTphDajUc
CnJUpnHuhjBgAqYmBhmhx2wg6Czt8WD9Tbjh2u0hFX7F1ZEpkLPPeUBhJc76D7qB
W9XzJFUcrjyovZpBnFdPsnJ0Uy/0nzrdaY6lSZdbQvuFSu+NIaCa3E8uwRGXHGA0
wJm/aGaF0eTc/F9Eo8ZJ9w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:33:20 2026 by rpki-client