Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MtRJGf3QivuaTQqHeJIwESUd1_A.cer
File: MtRJGf3QivuaTQqHeJIwESUd1_A.cer (raw, json)
Hash identifier: RpHesBWIMK+pCnxcs80TmdXYLZLWWwxdX4aIBkGEoQs=
Subject key identifier: 32:D4:49:19:FD:D0:8A:FB:9A:4D:0A:87:78:92:30:11:25:1D:D7:F0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019D86F192D612991F13B7C014250C8759FF
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/MtRJGf3QivuaTQqHeJIwESUd1_A.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 13 Apr 2026 13:04:31 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: IP: 64.38.116.0/24
IP: 65.38.102.0 -- 65.38.105.255
IP: 65.38.123.0/24
IP: 65.79.176.0/24
IP: 66.45.17.0 -- 66.45.19.255
IP: 66.45.38.0/23
IP: 66.45.61.0/24
IP: 66.45.63.0/24
IP: 66.45.76.0/24
IP: 66.45.113.0 -- 66.45.115.255
IP: 66.179.15.0/24
IP: 66.179.36.0/23
IP: 66.179.88.0/23
IP: 66.179.99.0/24
IP: 66.179.106.0/23
IP: 66.179.141.0 -- 66.179.142.255
IP: 66.179.156.0/24
IP: 66.179.161.0/24
IP: 66.179.176.0/24
IP: 66.179.204.0/23
IP: 66.179.207.0/24
IP: 66.179.213.0/24
IP: 66.179.247.0/24
IP: 67.159.208.0/20
IP: 67.202.232.0/24
IP: 69.48.213.0/24
IP: 69.71.220.0/24
IP: 69.161.128.0/19
IP: 69.164.84.0/23
IP: 69.164.87.0 -- 69.164.89.255
IP: 69.164.96.0/24
IP: 74.205.245.0/24
IP: 108.60.0.0/20
IP: 173.209.230.0/23
IP: 173.252.145.0/24
IP: 173.252.160.0/24
IP: 173.252.166.0/24
IP: 209.46.1.0/24
IP: 209.46.39.0/24
IP: 209.46.56.0/23
IP: 216.177.153.0 -- 216.177.154.255
IP: 216.183.105.0/24
IP: 216.183.109.0/24
IP: 216.183.115.0/24
IP: 216.183.118.0/23
IP: 216.183.123.0/24
IP: 216.183.126.0/23
IP: 216.203.13.0/24
IP: 216.203.31.0/24
IP: 216.203.38.0/24
IP: 216.203.56.0/24
IP: 216.245.152.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:86:f1:92:d6:12:99:1f:13:b7:c0:14:25:0c:87:59:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 13 13:04:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=32d44919fdd08afb9a4d0a8778923011251dd7f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:15:99:a3:41:e9:da:08:7c:cb:15:7c:2b:ff:
97:4a:30:68:3f:53:da:92:bb:c6:fa:e2:36:7c:5f:
1f:39:44:c7:da:0d:8d:3e:35:aa:b6:01:56:e0:eb:
8a:16:46:20:66:78:23:0a:5d:2e:0b:cb:63:dd:65:
7b:00:ef:6b:7e:05:ba:ed:7b:5a:04:23:13:6b:be:
68:1f:d2:66:c9:97:3a:02:74:03:b6:15:3b:2c:86:
8c:ca:a3:29:7a:38:0b:de:0f:37:aa:cd:99:ba:e4:
62:2d:bf:d5:31:06:b5:3e:7f:7c:93:66:a5:43:10:
0f:b9:bc:6d:01:3a:f3:d6:53:cf:fe:18:e7:4e:c4:
c7:c2:59:6c:96:04:7c:26:f4:ff:34:a4:b4:f8:bc:
d9:79:ad:72:ab:3c:33:93:5c:e7:7d:17:c8:b1:61:
61:6c:39:c1:7d:42:fb:19:f2:90:75:28:d5:72:ac:
2a:fa:f1:42:bb:b8:85:9b:06:d9:70:38:fa:ae:72:
4d:e4:d4:fc:7a:20:35:98:c7:e6:fe:70:9b:cd:7c:
f8:8e:48:a4:01:e8:82:32:f4:96:18:c3:bf:77:a6:
b2:7b:58:ec:af:2a:47:ad:43:84:50:ed:00:5d:d7:
5a:aa:c3:e5:e2:bd:e2:40:fb:b9:cf:ac:ff:b9:78:
9d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D4:49:19:FD:D0:8A:FB:9A:4D:0A:87:78:92:30:11:25:1D:D7:F0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/MtRJGf3QivuaTQqHeJIwESUd1_A.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.38.116.0/24
65.38.102.0-65.38.105.255
65.38.123.0/24
65.79.176.0/24
66.45.17.0-66.45.19.255
66.45.38.0/23
66.45.61.0/24
66.45.63.0/24
66.45.76.0/24
66.45.113.0-66.45.115.255
66.179.15.0/24
66.179.36.0/23
66.179.88.0/23
66.179.99.0/24
66.179.106.0/23
66.179.141.0-66.179.142.255
66.179.156.0/24
66.179.161.0/24
66.179.176.0/24
66.179.204.0/23
66.179.207.0/24
66.179.213.0/24
66.179.247.0/24
67.159.208.0/20
67.202.232.0/24
69.48.213.0/24
69.71.220.0/24
69.161.128.0/19
69.164.84.0/23
69.164.87.0-69.164.89.255
69.164.96.0/24
74.205.245.0/24
108.60.0.0/20
173.209.230.0/23
173.252.145.0/24
173.252.160.0/24
173.252.166.0/24
209.46.1.0/24
209.46.39.0/24
209.46.56.0/23
216.177.153.0-216.177.154.255
216.183.105.0/24
216.183.109.0/24
216.183.115.0/24
216.183.118.0/23
216.183.123.0/24
216.183.126.0/23
216.203.13.0/24
216.203.31.0/24
216.203.38.0/24
216.203.56.0/24
216.245.152.0/24
Signature Algorithm: sha256WithRSAEncryption
52:39:e7:17:97:f8:50:bb:c2:83:9a:c3:fa:1f:74:ac:d0:eb:
ce:3d:f4:97:e9:e0:b5:97:90:9d:ce:9f:0d:6f:9f:e5:50:64:
0e:82:ea:e3:43:36:5c:28:77:45:81:d8:65:b9:d8:75:62:b2:
bd:29:77:98:bf:4a:68:51:93:80:32:c1:c7:2f:a4:1c:b2:d2:
60:88:f7:59:03:ce:40:7b:b3:3d:ef:d2:b9:51:93:dd:f3:32:
12:f6:9d:01:0d:b4:b8:1f:d5:11:ee:83:54:cc:c0:e1:38:48:
d2:0f:12:d4:e2:08:93:02:d0:24:03:5a:76:f8:20:38:d7:83:
56:c7:f7:2b:11:dd:db:77:bf:d2:de:2d:d0:c8:64:8c:9c:90:
3e:b2:0f:1d:e2:2a:8e:38:af:b5:07:e5:c5:38:c1:c8:db:43:
9e:05:9e:04:ff:32:b8:04:c3:85:ee:72:7a:f0:4d:60:91:0e:
ff:f2:9a:67:aa:1d:62:32:e9:b9:5e:d1:4d:c1:5d:f8:8a:87:
3c:0c:52:72:79:e6:1b:5e:14:20:a5:d8:e4:a8:90:4c:75:40:
ac:b2:ac:72:78:89:be:7b:cd:f5:c7:27:3b:79:18:09:3e:de:
04:6a:7c:60:32:8c:64:af:17:61:0b:00:95:a2:f6:3a:d9:28:
27:6f:f1:5e
-----BEGIN CERTIFICATE-----
MIIG5DCCBcygAwIBAgISAZ2G8ZLWEpkfE7fAFCUMh1n/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNDEzMTMwNDMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQ0NDkxOWZkZDA4YWZiOWE0ZDBhODc3ODkyMzAxMTI1MWRkN2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhWZo0Hp2gh8yxV8K/+XSjBoP1Pa
krvG+uI2fF8fOUTH2g2NPjWqtgFW4OuKFkYgZngjCl0uC8tj3WV7AO9rfgW67Xta
BCMTa75oH9JmyZc6AnQDthU7LIaMyqMpejgL3g83qs2ZuuRiLb/VMQa1Pn98k2al
QxAPubxtATrz1lPP/hjnTsTHwllslgR8JvT/NKS0+LzZea1yqzwzk1znfRfIsWFh
bDnBfUL7GfKQdSjVcqwq+vFCu7iFmwbZcDj6rnJN5NT8eiA1mMfm/nCbzXz4jkik
AeiCMvSWGMO/d6aye1jsrypHrUOEUO0AXddaqsPl4r3iQPu5z6z/uXid1wIDAQAB
o4ID8DCCA+wwHQYDVR0OBBYEFDLUSRn90Ir7mk0Kh3iSMBElHdfwMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZmL2ZkMjI5
NC1jZjM3LTRmYzktOWVkZC1hNGY3YjA4OGJjMWEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYvZmQyMjk0
LWNmMzctNGZjOS05ZWRkLWE0ZjdiMDg4YmMxYS8xL010UkpHZjNRaXZ1YVRRcUhl
Skl3RVNVZDFfQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBiQYIKwYB
BQUHAQcBAf8EggF4MIIBdDCCAXAEAgABMIIBaAMEAEAmdDAMAwQBQSZmAwQBQSZo
AwQAQSZ7AwQAQU+wMAwDBABCLREDBAJCLRADBAFCLSYDBABCLT0DBABCLT8DBABC
LUwwDAMEAEItcQMEAkItcAMEAEKzDwMEAUKzJAMEAUKzWAMEAEKzYwMEAUKzajAM
AwQAQrONAwQAQrOOAwQAQrOcAwQAQrOhAwQAQrOwAwQBQrPMAwQAQrPPAwQAQrPV
AwQAQrP3AwQEQ5/QAwQAQ8roAwQARTDVAwQARUfcAwQFRaGAAwQBRaRUMAwDBABF
pFcDBAFFpFgDBABFpGADBABKzfUDBARsPAADBAGt0eYDBACt/JEDBACt/KADBACt
/KYDBADRLgEDBADRLicDBAHRLjgwDAMEANixmQMEANixmgMEANi3aQMEANi3bQME
ANi3cwMEAdi3dgMEANi3ewMEAdi3fgMEANjLDQMEANjLHwMEANjLJgMEANjLOAME
ANj1mDANBgkqhkiG9w0BAQsFAAOCAQEAUjnnF5f4ULvCg5rD+h90rNDrzj30l+ng
tZeQnc6fDW+f5VBkDoLq40M2XCh3RYHYZbnYdWKyvSl3mL9KaFGTgDLBxy+kHLLS
YIj3WQPOQHuzPe/SuVGT3fMyEvadAQ20uB/VEe6DVMzA4ThI0g8S1OIIkwLQJANa
dvggONeDVsf3KxHd23e/0t4t0MhkjJyQPrIPHeIqjjivtQflxTjByNtDngWeBP8y
uATDhe5yevBNYJEO//KaZ6odYjLpuV7RTcFd+IqHPAxScnnmG14UIKXY5KiQTHVA
rLKscniJvnvN9ccnO3kYCT7eBGp8YDKMZK8XYQsAlaL2OtkoJ2/xXg==
-----END CERTIFICATE-----
Generated at Wed May 13 03:41:13 2026 by rpki-client