Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MtRJGf3QivuaTQqHeJIwESUd1_A.cer
File: MtRJGf3QivuaTQqHeJIwESUd1_A.cer (raw, json)
Hash identifier: vsQxh6TuOjLXWVkMPIE5ePhZsaxfCqVBfgCDOhQSN4o=
Subject key identifier: 32:D4:49:19:FD:D0:8A:FB:9A:4D:0A:87:78:92:30:11:25:1D:D7:F0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019D015DB003DA824F3E0635F094456209C9
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/MtRJGf3QivuaTQqHeJIwESUd1_A.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 18 Mar 2026 14:33:30 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: IP: 64.38.116.0/24
IP: 65.38.123.0/24
IP: 65.79.176.0/24
IP: 66.45.17.0/24
IP: 66.45.61.0/24
IP: 66.45.63.0/24
IP: 66.45.76.0/24
IP: 66.45.113.0/24
IP: 66.179.15.0/24
IP: 66.179.99.0/24
IP: 66.179.141.0 -- 66.179.142.255
IP: 66.179.156.0/24
IP: 66.179.176.0/24
IP: 66.179.207.0/24
IP: 66.179.213.0/24
IP: 66.179.247.0/24
IP: 67.159.208.0/20
IP: 67.202.232.0/24
IP: 69.48.213.0/24
IP: 69.161.128.0/20
IP: 69.164.87.0/24
IP: 69.164.96.0/24
IP: 74.205.245.0/24
IP: 108.60.0.0/20
IP: 173.252.145.0/24
IP: 173.252.160.0/24
IP: 173.252.166.0/24
IP: 209.46.1.0/24
IP: 209.46.39.0/24
IP: 216.183.105.0/24
IP: 216.183.109.0/24
IP: 216.183.115.0/24
IP: 216.183.123.0/24
IP: 216.203.13.0/24
IP: 216.203.31.0/24
IP: 216.203.38.0/24
IP: 216.203.56.0/24
IP: 216.245.152.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:01:5d:b0:03:da:82:4f:3e:06:35:f0:94:45:62:09:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 18 14:33:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=32d44919fdd08afb9a4d0a8778923011251dd7f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:15:99:a3:41:e9:da:08:7c:cb:15:7c:2b:ff:
97:4a:30:68:3f:53:da:92:bb:c6:fa:e2:36:7c:5f:
1f:39:44:c7:da:0d:8d:3e:35:aa:b6:01:56:e0:eb:
8a:16:46:20:66:78:23:0a:5d:2e:0b:cb:63:dd:65:
7b:00:ef:6b:7e:05:ba:ed:7b:5a:04:23:13:6b:be:
68:1f:d2:66:c9:97:3a:02:74:03:b6:15:3b:2c:86:
8c:ca:a3:29:7a:38:0b:de:0f:37:aa:cd:99:ba:e4:
62:2d:bf:d5:31:06:b5:3e:7f:7c:93:66:a5:43:10:
0f:b9:bc:6d:01:3a:f3:d6:53:cf:fe:18:e7:4e:c4:
c7:c2:59:6c:96:04:7c:26:f4:ff:34:a4:b4:f8:bc:
d9:79:ad:72:ab:3c:33:93:5c:e7:7d:17:c8:b1:61:
61:6c:39:c1:7d:42:fb:19:f2:90:75:28:d5:72:ac:
2a:fa:f1:42:bb:b8:85:9b:06:d9:70:38:fa:ae:72:
4d:e4:d4:fc:7a:20:35:98:c7:e6:fe:70:9b:cd:7c:
f8:8e:48:a4:01:e8:82:32:f4:96:18:c3:bf:77:a6:
b2:7b:58:ec:af:2a:47:ad:43:84:50:ed:00:5d:d7:
5a:aa:c3:e5:e2:bd:e2:40:fb:b9:cf:ac:ff:b9:78:
9d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D4:49:19:FD:D0:8A:FB:9A:4D:0A:87:78:92:30:11:25:1D:D7:F0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/MtRJGf3QivuaTQqHeJIwESUd1_A.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.38.116.0/24
65.38.123.0/24
65.79.176.0/24
66.45.17.0/24
66.45.61.0/24
66.45.63.0/24
66.45.76.0/24
66.45.113.0/24
66.179.15.0/24
66.179.99.0/24
66.179.141.0-66.179.142.255
66.179.156.0/24
66.179.176.0/24
66.179.207.0/24
66.179.213.0/24
66.179.247.0/24
67.159.208.0/20
67.202.232.0/24
69.48.213.0/24
69.161.128.0/20
69.164.87.0/24
69.164.96.0/24
74.205.245.0/24
108.60.0.0/20
173.252.145.0/24
173.252.160.0/24
173.252.166.0/24
209.46.1.0/24
209.46.39.0/24
216.183.105.0/24
216.183.109.0/24
216.183.115.0/24
216.183.123.0/24
216.203.13.0/24
216.203.31.0/24
216.203.38.0/24
216.203.56.0/24
216.245.152.0/24
Signature Algorithm: sha256WithRSAEncryption
04:eb:36:71:7e:2e:7a:69:a7:06:93:f9:81:e0:3b:e7:13:52:
ed:5f:30:48:70:a7:72:7a:84:ee:eb:0e:90:ec:40:ca:58:d9:
40:79:72:83:08:dd:6b:db:61:98:d8:fe:1e:a7:e3:3b:f5:13:
b5:71:78:16:ad:76:10:17:f9:a5:89:91:f6:d6:e9:08:ac:fb:
5c:bd:b4:f6:98:90:f2:0a:f9:a2:24:e5:ea:cb:29:e4:0e:fa:
07:85:1a:b0:be:c1:ae:6c:5d:7f:79:27:55:4d:de:22:39:a8:
2c:ae:65:18:74:2e:f0:cb:e6:c0:f5:99:8a:7a:1e:c7:f7:3d:
28:5b:06:7e:f9:dd:c6:38:bf:a9:c1:89:a9:6f:55:c5:5e:ca:
eb:c2:0b:01:b7:f3:b4:3c:59:e6:77:7e:87:dd:38:d2:8a:a4:
ed:aa:75:84:43:ec:7c:8e:7a:24:ca:46:75:05:fe:69:76:a4:
e3:49:82:51:bf:0b:28:98:c1:b7:8b:ca:b1:df:48:d3:1b:14:
4b:e2:4c:7f:b7:ad:27:ff:96:01:19:45:af:3f:ed:d3:4a:af:
69:3e:4f:04:3c:77:f3:4d:3b:10:12:95:ff:c8:26:47:bd:75:
c4:0c:a2:ec:e1:17:c8:8b:c6:c5:2f:dc:75:fa:b4:50:0b:d8:
ad:90:d6:ed
-----BEGIN CERTIFICATE-----
MIIGZDCCBUygAwIBAgISAZ0BXbAD2oJPPgY18JRFYgnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMzE4MTQzMzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQ0NDkxOWZkZDA4YWZiOWE0ZDBhODc3ODkyMzAxMTI1MWRkN2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhWZo0Hp2gh8yxV8K/+XSjBoP1Pa
krvG+uI2fF8fOUTH2g2NPjWqtgFW4OuKFkYgZngjCl0uC8tj3WV7AO9rfgW67Xta
BCMTa75oH9JmyZc6AnQDthU7LIaMyqMpejgL3g83qs2ZuuRiLb/VMQa1Pn98k2al
QxAPubxtATrz1lPP/hjnTsTHwllslgR8JvT/NKS0+LzZea1yqzwzk1znfRfIsWFh
bDnBfUL7GfKQdSjVcqwq+vFCu7iFmwbZcDj6rnJN5NT8eiA1mMfm/nCbzXz4jkik
AeiCMvSWGMO/d6aye1jsrypHrUOEUO0AXddaqsPl4r3iQPu5z6z/uXid1wIDAQAB
o4IDcDCCA2wwHQYDVR0OBBYEFDLUSRn90Ir7mk0Kh3iSMBElHdfwMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZmL2ZkMjI5
NC1jZjM3LTRmYzktOWVkZC1hNGY3YjA4OGJjMWEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYvZmQyMjk0
LWNmMzctNGZjOS05ZWRkLWE0ZjdiMDg4YmMxYS8xL010UkpHZjNRaXZ1YVRRcUhl
Skl3RVNVZDFfQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBCQYIKwYB
BQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsAwQAQCZ0AwQAQSZ7AwQAQU+wAwQAQi0R
AwQAQi09AwQAQi0/AwQAQi1MAwQAQi1xAwQAQrMPAwQAQrNjMAwDBABCs40DBABC
s44DBABCs5wDBABCs7ADBABCs88DBABCs9UDBABCs/cDBARDn9ADBABDyugDBABF
MNUDBARFoYADBABFpFcDBABFpGADBABKzfUDBARsPAADBACt/JEDBACt/KADBACt
/KYDBADRLgEDBADRLicDBADYt2kDBADYt20DBADYt3MDBADYt3sDBADYyw0DBADY
yx8DBADYyyYDBADYyzgDBADY9ZgwDQYJKoZIhvcNAQELBQADggEBAATrNnF+Lnpp
pwaT+YHgO+cTUu1fMEhwp3J6hO7rDpDsQMpY2UB5coMI3WvbYZjY/h6n4zv1E7Vx
eBatdhAX+aWJkfbW6Qis+1y9tPaYkPIK+aIk5erLKeQO+geFGrC+wa5sXX95J1VN
3iI5qCyuZRh0LvDL5sD1mYp6Hsf3PShbBn753cY4v6nBialvVcVeyuvCCwG387Q8
WeZ3fofdONKKpO2qdYRD7HyOeiTKRnUF/ml2pONJglG/CyiYwbeLyrHfSNMbFEvi
TH+3rSf/lgEZRa8/7dNKr2k+TwQ8d/NNOxASlf/IJke9dcQMouzhF8iLxsUv3HX6
tFAL2K2Q1u0=
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:27:00 2026 by rpki-client