Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NbA-yF0IYHprHd8f553GUcz-Pzc.cer
File: NbA-yF0IYHprHd8f553GUcz-Pzc.cer (raw, json)
Hash identifier: Oik9Iik9o3GBeEuZlmteJWBkSmRwKtbd31ImDZw+y48=
Subject key identifier: 35:B0:3E:C8:5D:08:60:7A:6B:1D:DF:1F:E7:9D:C6:51:CC:FE:3F:37
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B76EAABCD0100E78A2B10FD6D12FF84CB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/NbA-yF0IYHprHd8f553GUcz-Pzc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 00:17:29 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 44134
IP: 79.142.224.0/20
IP: 217.71.0.0/20
IP: 2a02:2190::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:76:ea:ab:cd:01:00:e7:8a:2b:10:fd:6d:12:ff:84:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:17:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=35b03ec85d08607a6b1ddf1fe79dc651ccfe3f37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c3:79:6a:ed:7a:ad:3b:c0:5e:32:b9:39:72:
fb:d6:01:65:b6:50:6c:a0:22:56:bf:ad:21:ed:51:
ed:90:dd:12:27:5b:21:07:d2:f7:e8:05:0f:8d:66:
f0:55:56:0d:61:23:18:b0:d1:df:5a:21:74:05:c7:
94:ee:01:6a:dc:b8:8e:e2:3c:4a:e7:8a:43:19:84:
8c:bb:76:c3:21:1a:a5:00:19:28:56:a2:be:e6:e7:
83:8f:a2:7c:2d:4e:74:2b:69:74:16:dc:75:20:91:
65:79:37:64:9c:e6:ef:9a:9b:38:86:d8:70:bd:07:
96:d4:4a:4b:bc:5f:c9:85:bf:f8:31:5f:be:63:d8:
b1:68:29:cf:e9:8f:ee:e4:72:6b:ab:f5:a1:4b:ec:
e3:4a:50:d1:e0:87:9e:b1:65:04:44:e6:d7:e4:5b:
22:7d:98:2d:39:5a:76:ce:13:c5:a4:bd:c3:04:e7:
d9:a5:df:6b:b8:2b:b1:8a:f5:17:26:12:40:1c:99:
39:78:43:b3:b3:e9:aa:c5:d3:79:3e:91:b9:18:89:
25:68:0f:d5:ae:d8:c0:b9:73:ee:9a:c3:44:81:c8:
9d:d3:e3:69:c2:e0:88:27:ee:f1:82:3e:de:fe:5a:
2a:55:08:9a:94:2d:df:0c:0c:cf:00:2d:73:94:87:
00:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:B0:3E:C8:5D:08:60:7A:6B:1D:DF:1F:E7:9D:C6:51:CC:FE:3F:37
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/NbA-yF0IYHprHd8f553GUcz-Pzc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.142.224.0/20
217.71.0.0/20
IPv6:
2a02:2190::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44134
Signature Algorithm: sha256WithRSAEncryption
36:eb:ac:60:a6:e0:0b:92:58:5c:6b:12:a9:ac:17:9e:80:1c:
8c:eb:f3:82:34:03:68:35:0e:f9:02:79:89:37:5a:88:ef:d9:
f9:09:4a:c9:f8:66:7e:b6:88:13:a5:c5:24:7c:55:fc:bd:92:
ec:da:c0:c9:1b:24:21:cc:73:b6:31:c9:a2:c5:c7:37:ad:b1:
84:ab:38:28:ad:3f:3d:63:64:dc:30:c9:df:5f:e4:33:d7:ac:
d3:a0:6e:83:13:1f:ef:35:58:6f:3e:06:16:1c:2f:1c:46:03:
0c:5f:8c:e4:fc:ad:bb:2b:ec:0b:1e:94:b0:5e:36:d1:44:e8:
ad:ff:05:cf:01:23:63:bd:1a:62:e4:bd:18:f7:20:77:80:f7:
9c:57:d2:b1:74:f6:4d:d0:4c:5f:49:f0:29:4e:d1:2d:55:94:
98:86:6b:28:99:02:3f:ad:21:54:67:a1:26:f7:f1:08:8f:36:
ce:ae:9e:f4:de:77:cb:53:d4:90:f7:1c:72:89:fc:de:e2:e8:
16:bc:e7:06:10:54:ed:62:fc:e7:5e:48:2e:77:36:1b:14:ba:
10:dd:74:37:df:2d:2d:ce:14:49:68:8b:dd:85:d3:05:02:cd:
c9:52:7b:ea:e8:b8:4f:78:48:48:44:31:4f:ce:54:27:89:a3:
64:e3:8d:ea
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZt26qvNAQDniisQ/W0S/4TLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDAxNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWIwM2VjODVkMDg2MDdhNmIxZGRmMWZlNzlkYzY1MWNjZmUzZjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMN5au16rTvAXjK5OXL71gFltlBs
oCJWv60h7VHtkN0SJ1shB9L36AUPjWbwVVYNYSMYsNHfWiF0BceU7gFq3LiO4jxK
54pDGYSMu3bDIRqlABkoVqK+5ueDj6J8LU50K2l0Ftx1IJFleTdknObvmps4hthw
vQeW1EpLvF/Jhb/4MV++Y9ixaCnP6Y/u5HJrq/WhS+zjSlDR4IeesWUERObX5Fsi
fZgtOVp2zhPFpL3DBOfZpd9ruCuxivUXJhJAHJk5eEOzs+mqxdN5PpG5GIklaA/V
rtjAuXPumsNEgcid0+NpwuCIJ+7xgj7e/loqVQialC3fDAzPAC1zlIcAjwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFDWwPshdCGB6ax3fH+edxlHM/j83MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk1L2NjNGZl
OS1lNDhjLTQyZGEtOTdlYS1hYjU3Y2FiYzE4ZjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTUvY2M0ZmU5
LWU0OGMtNDJkYS05N2VhLWFiNTdjYWJjMThmNy8xL05iQS15RjBJWUhwckhkOGY1
NTNHVWN6LVB6Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQET47gAwQE2UcAMA0EAgACMAcDBQMqAiGQMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCsZjANBgkqhkiG9w0BAQsFAAOCAQEANuus
YKbgC5JYXGsSqawXnoAcjOvzgjQDaDUO+QJ5iTdaiO/Z+QlKyfhmfraIE6XFJHxV
/L2S7NrAyRskIcxztjHJosXHN62xhKs4KK0/PWNk3DDJ31/kM9es06BugxMf7zVY
bz4GFhwvHEYDDF+M5PytuyvsCx6UsF420UTorf8FzwEjY70aYuS9GPcgd4D3nFfS
sXT2TdBMX0nwKU7RLVWUmIZrKJkCP60hVGehJvfxCI82zq6e9N53y1PUkPcccon8
3uLoFrznBhBU7WL8515ILnc2GxS6EN10N98tLc4USWiL3YXTBQLNyVJ76ui4T3hI
SEQxT85UJ4mjZOON6g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:37:50 2026 by rpki-client