Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MIVZam3hzL6mZbRWxNLM0JZJmx8.cer
File: MIVZam3hzL6mZbRWxNLM0JZJmx8.cer (raw, json)
Hash identifier: lmMgatdwx/exytR1+CXSqFuHcbTo+WU114S5Dz1i+Dk=
Subject key identifier: 30:85:59:6A:6D:E1:CC:BE:A6:65:B4:56:C4:D2:CC:D0:96:49:9B:1F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7D5AC307EBB8348AFED62612E7043CEB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/dc/0f65fe-262f-474d-8cb6-8ccb674a3875/1/MIVZam3hzL6mZbRWxNLM0JZJmx8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/dc/0f65fe-262f-474d-8cb6-8ccb674a3875/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 06:17:38 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: IP: 85.12.64.0 -- 85.12.111.255
IP: 85.12.120.0/22
IP: 85.12.127.0/24
IP: 2a0f:bdc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:5a:c3:07:eb:b8:34:8a:fe:d6:26:12:e7:04:3c:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 06:17:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3085596a6de1ccbea665b456c4d2ccd096499b1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:08:fd:8a:ec:d2:74:f4:65:2c:51:73:c6:45:
e8:bf:0f:db:3d:c9:66:f4:14:79:1e:da:ea:fa:f9:
8a:ac:34:35:6e:30:df:93:71:f0:a7:57:39:bd:b0:
d0:c8:33:18:03:99:37:a3:77:7f:85:32:b9:eb:42:
4f:c2:76:c8:14:c8:c8:53:76:fc:12:f8:7a:dd:aa:
47:d3:87:e5:40:d8:a6:16:42:a7:ad:f3:61:2f:13:
b8:33:0c:08:1f:25:05:11:ca:c4:a1:32:84:da:35:
14:00:86:6b:8f:0e:1f:0e:7d:36:6a:68:5c:b1:f6:
f2:a8:97:2d:4e:78:32:5e:bb:9d:b3:a8:1b:27:e7:
b8:09:3b:28:54:34:ce:5d:f3:79:49:2c:bd:23:47:
9a:76:21:0a:f7:10:8c:61:b5:57:9c:d0:81:73:ea:
6a:83:e1:a9:65:c4:48:5d:a0:b5:88:7e:2e:c3:33:
8b:c4:e5:85:05:10:6e:17:d6:3b:da:19:65:18:fe:
7a:0b:80:df:ed:14:10:af:fb:23:c0:3a:54:84:92:
1d:fc:7a:7a:54:8f:76:64:59:99:f9:8d:bd:42:5f:
9d:23:25:ae:bd:cb:92:48:9e:7c:13:8a:87:7a:64:
d7:a9:aa:14:20:34:6b:4e:89:1c:81:37:9e:86:22:
a3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:85:59:6A:6D:E1:CC:BE:A6:65:B4:56:C4:D2:CC:D0:96:49:9B:1F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/0f65fe-262f-474d-8cb6-8ccb674a3875/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/0f65fe-262f-474d-8cb6-8ccb674a3875/1/MIVZam3hzL6mZbRWxNLM0JZJmx8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.64.0-85.12.111.255
85.12.120.0/22
85.12.127.0/24
IPv6:
2a0f:bdc0::/29
Signature Algorithm: sha256WithRSAEncryption
03:b5:45:c2:d1:b5:7b:e0:7b:d4:24:e7:e5:04:b9:a9:29:78:
af:d1:95:bd:41:71:53:5e:15:4c:28:59:eb:e9:34:6d:47:76:
c4:33:24:f7:72:18:37:34:3d:ea:d2:80:17:07:2c:1e:4d:07:
de:1e:05:8a:dc:0b:09:63:69:be:35:6c:6f:4c:14:e9:61:75:
04:fe:bd:67:2a:ff:50:2d:35:0f:47:43:45:05:5c:ce:21:6e:
ba:96:11:f3:5d:91:4d:e0:06:90:02:a7:78:a8:5c:8f:60:64:
1c:47:73:a5:38:06:54:d9:c2:b2:73:a7:57:04:f8:b0:4d:05:
79:fe:47:bf:dd:d9:5b:73:1b:35:98:9b:ae:68:d7:3c:2f:ce:
36:1d:16:e4:d0:8b:92:6a:64:03:96:38:33:78:63:51:54:ea:
95:73:4c:b9:bc:e4:dd:aa:df:34:d6:f8:0e:c5:c1:af:e0:33:
a4:57:73:cf:55:b2:11:f9:36:d2:2c:fa:14:ae:f5:61:2f:d1:
e7:03:29:d7:b3:eb:80:24:8d:b0:1b:d5:89:46:75:18:14:b9:
9c:13:dd:32:db:49:b4:df:a3:37:ec:7d:e6:3d:61:cf:88:aa:
56:40:0b:96:86:5b:1c:f1:c9:c6:8e:d3:17:72:55:6a:ef:d7:
bf:ef:33:95
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAZt9WsMH67g0iv7WJhLnBDzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDYxNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDg1NTk2YTZkZTFjY2JlYTY2NWI0NTZjNGQyY2NkMDk2NDk5YjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Aj9iuzSdPRlLFFzxkXovw/bPclm
9BR5Htrq+vmKrDQ1bjDfk3Hwp1c5vbDQyDMYA5k3o3d/hTK560JPwnbIFMjIU3b8
Evh63apH04flQNimFkKnrfNhLxO4MwwIHyUFEcrEoTKE2jUUAIZrjw4fDn02amhc
sfbyqJctTngyXruds6gbJ+e4CTsoVDTOXfN5SSy9I0eadiEK9xCMYbVXnNCBc+pq
g+GpZcRIXaC1iH4uwzOLxOWFBRBuF9Y72hllGP56C4Df7RQQr/sjwDpUhJId/Hp6
VI92ZFmZ+Y29Ql+dIyWuvcuSSJ58E4qHemTXqaoUIDRrTokcgTeehiKjEQIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFDCFWWpt4cy+pmW0VsTSzNCWSZsfMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RjLzBmNjVm
ZS0yNjJmLTQ3NGQtOGNiNi04Y2NiNjc0YTM4NzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMvMGY2NWZl
LTI2MmYtNDc0ZC04Y2I2LThjY2I2NzRhMzg3NS8xL01JVlphbTNoekw2bVpiUld4
TkxNMEpaSm14OC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEIGCCsGAQUF
BwEHAQH/BDMwMTAgBAIAATAaMAwDBAZVDEADBARVDGADBAJVDHgDBABVDH8wDQQC
AAIwBwMFAyoPvcAwDQYJKoZIhvcNAQELBQADggEBAAO1RcLRtXvge9Qk5+UEuakp
eK/Rlb1BcVNeFUwoWevpNG1HdsQzJPdyGDc0PerSgBcHLB5NB94eBYrcCwljab41
bG9MFOlhdQT+vWcq/1AtNQ9HQ0UFXM4hbrqWEfNdkU3gBpACp3ioXI9gZBxHc6U4
BlTZwrJzp1cE+LBNBXn+R7/d2VtzGzWYm65o1zwvzjYdFuTQi5JqZAOWODN4Y1FU
6pVzTLm85N2q3zTW+A7Fwa/gM6RXc89VshH5NtIs+hSu9WEv0ecDKdez64AkjbAb
1YlGdRgUuZwT3TLbSbTfozfsfeY9Yc+IqlZAC5aGWxzxycaO0xdyVWrv17/vM5U=
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:26:10 2026 by rpki-client