Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KwTVVXY_uqCU3KepPaqnj9QAhVQ.cer
File: KwTVVXY_uqCU3KepPaqnj9QAhVQ.cer (raw, json)
Hash identifier: d2ccwuWov2CYtPEh6bC812+5uubK4xcDssJiJBTNZTY=
Subject key identifier: 2B:04:D5:55:76:3F:BA:A0:94:DC:A7:A9:3D:AA:A7:8F:D4:00:85:54
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7DCAD329D48BEEE0EEB493701E060BAB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d7/d0a3dc-7d9a-4375-b2fd-c7542f88e797/1/KwTVVXY_uqCU3KepPaqnj9QAhVQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d7/d0a3dc-7d9a-4375-b2fd-c7542f88e797/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 08:20:02 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 198656
IP: 194.36.20.0/24
IP: 2001:67c:734::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:ca:d3:29:d4:8b:ee:e0:ee:b4:93:70:1e:06:0b:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 08:20:02 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2b04d555763fbaa094dca7a93daaa78fd4008554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e8:58:90:d9:b5:9a:ab:a6:84:c1:c5:e2:ca:
75:ba:60:26:6c:ee:a2:a7:81:e1:91:31:85:1b:da:
3c:d4:20:cb:66:86:84:cc:39:0b:60:a1:6b:cd:48:
e0:2c:82:5f:ed:79:e0:fc:86:4a:48:0c:cb:02:8f:
60:18:71:aa:8c:15:17:40:a2:5a:95:80:56:fd:c5:
4f:7e:97:48:63:26:35:9d:10:1a:24:0b:91:e7:91:
f0:06:0a:d2:52:8a:76:78:a5:97:5b:a2:0b:f7:bf:
26:13:81:10:00:ea:c1:bd:a9:a0:ed:99:12:77:73:
f0:e1:e1:25:ce:5e:25:98:cb:f1:f0:68:7b:d3:9c:
2b:3a:02:8c:9e:a7:9c:57:c1:a9:29:40:d1:65:8c:
39:c6:3e:61:ff:b7:6f:03:33:53:65:bd:94:5f:f7:
eb:dc:17:ad:d3:b1:0d:c0:88:e6:65:74:4d:9e:1e:
b0:2e:f0:db:69:c7:ac:2b:23:10:55:df:03:ac:54:
29:dd:b5:94:6c:58:a3:44:f3:bb:13:c6:cd:ee:8e:
ce:b8:9e:79:ff:cf:c9:45:d9:d0:7c:e2:6c:96:42:
1a:66:64:8d:74:f3:e4:98:d0:3b:74:a7:7f:59:98:
d4:9c:36:7c:13:4f:89:8e:ef:e6:17:91:07:c2:f0:
be:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:04:D5:55:76:3F:BA:A0:94:DC:A7:A9:3D:AA:A7:8F:D4:00:85:54
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d0a3dc-7d9a-4375-b2fd-c7542f88e797/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d0a3dc-7d9a-4375-b2fd-c7542f88e797/1/KwTVVXY_uqCU3KepPaqnj9QAhVQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.36.20.0/24
IPv6:
2001:67c:734::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
198656
Signature Algorithm: sha256WithRSAEncryption
49:b0:1d:ba:e2:19:0b:f5:a4:c6:31:12:43:a8:52:25:e1:00:
28:2a:d2:62:c7:9c:3a:8b:e1:70:d3:76:fa:11:10:ba:81:72:
32:13:4f:38:89:cd:39:fd:d0:99:64:ad:6b:01:09:9f:65:26:
a8:3f:a0:2c:49:0e:7c:c5:7f:d0:a1:6b:cf:64:1e:7a:63:5a:
64:75:b3:62:63:5a:1e:87:06:c2:f0:7d:53:5e:35:6f:2b:4d:
ba:c8:b1:95:ba:fd:bc:04:6a:9d:e0:bc:69:b8:11:fb:0b:8f:
f7:80:4c:9c:ba:96:59:c1:72:51:24:bc:2d:65:d2:a7:6b:ae:
79:56:73:12:78:3a:9f:af:ac:44:ae:5d:8c:d7:ff:cb:a2:33:
ed:4d:4b:15:b2:1d:8d:49:f5:d4:32:1b:ab:0a:64:e9:8c:5e:
d7:e0:5e:e4:f6:a2:83:af:df:f3:22:4e:86:58:12:8b:12:49:
f4:0c:47:32:8a:ea:35:f6:ae:0b:1c:33:5e:d3:2c:13:4e:e5:
e9:5f:03:c8:20:6c:bc:96:04:a2:69:df:95:42:44:33:0e:d4:
10:48:d6:f1:35:c4:4b:49:8d:14:ed:7e:2c:7f:e7:21:73:a3:
9f:f3:bf:2d:05:07:a7:3c:d1:46:b6:72:cb:df:85:36:5e:ee:
7e:22:b9:3f
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAZt9ytMp1Ivu4O60k3AeBgurMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDgyMDAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjA0ZDU1NTc2M2ZiYWEwOTRkY2E3YTkzZGFhYTc4ZmQ0MDA4NTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+hYkNm1mqumhMHF4sp1umAmbO6i
p4HhkTGFG9o81CDLZoaEzDkLYKFrzUjgLIJf7Xng/IZKSAzLAo9gGHGqjBUXQKJa
lYBW/cVPfpdIYyY1nRAaJAuR55HwBgrSUop2eKWXW6IL978mE4EQAOrBvamg7ZkS
d3Pw4eElzl4lmMvx8Gh705wrOgKMnqecV8GpKUDRZYw5xj5h/7dvAzNTZb2UX/fr
3Bet07ENwIjmZXRNnh6wLvDbacesKyMQVd8DrFQp3bWUbFijRPO7E8bN7o7OuJ55
/8/JRdnQfOJslkIaZmSNdPPkmNA7dKd/WZjUnDZ8E0+Jju/mF5EHwvC+1wIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFCsE1VV2P7qglNynqT2qp4/UAIVUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q3L2QwYTNk
Yy03ZDlhLTQzNzUtYjJmZC1jNzU0MmY4OGU3OTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcvZDBhM2Rj
LTdkOWEtNDM3NS1iMmZkLWM3NTQyZjg4ZTc5Ny8xL0t3VFZWWFlfdXFDVTNLZXBQ
YXFuajlRQWhWUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUF
BwEHAQH/BCEwHzAMBAIAATAGAwQAwiQUMA8EAgACMAkDBwAgAQZ8BzQwGgYIKwYB
BQUHAQgBAf8ECzAJoAcwBQIDAwgAMA0GCSqGSIb3DQEBCwUAA4IBAQBJsB264hkL
9aTGMRJDqFIl4QAoKtJix5w6i+Fw03b6ERC6gXIyE084ic05/dCZZK1rAQmfZSao
P6AsSQ58xX/QoWvPZB56Y1pkdbNiY1oehwbC8H1TXjVvK026yLGVuv28BGqd4Lxp
uBH7C4/3gEycupZZwXJRJLwtZdKna655VnMSeDqfr6xErl2M1//LojPtTUsVsh2N
SfXUMhurCmTpjF7X4F7k9qKDr9/zIk6GWBKLEkn0DEcyiuo19q4LHDNe0ywTTuXp
XwPIIGy8lgSiad+VQkQzDtQQSNbxNcRLSY0U7X4sf+chc6Of878tBQenPNFGtnLL
34U2Xu5+Irk/
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:25:40 2026 by rpki-client