Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NztHo87nmYKtsXA0HQICYCczICM.cer
File: NztHo87nmYKtsXA0HQICYCczICM.cer (raw, json)
Hash identifier: wf5lLSOA0jx1MiTApE8/JZOSbPogrsFe5hnp84OwfHE=
Subject key identifier: 37:3B:47:A3:CE:E7:99:82:AD:B1:70:34:1D:02:02:60:27:33:20:23
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7F807694EB9698B5F8EE8F8CA2324C82
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/NztHo87nmYKtsXA0HQICYCczICM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 16:18:04 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 59503
AS: 61167
AS: 200568
IP: 5.159.16.0/21
IP: 2a03:45e0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:80:76:94:eb:96:98:b5:f8:ee:8f:8c:a2:32:4c:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 16:18:04 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=373b47a3cee79982adb170341d02026027332023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e6:2c:c8:39:db:4d:a8:bc:69:bb:b3:39:b1:
03:b0:02:c5:69:12:05:ab:85:33:61:c7:a9:7e:04:
79:50:bf:4a:59:17:f1:0a:d6:65:e5:8f:5e:e1:3a:
78:de:b2:59:10:a8:6f:e0:06:82:13:ab:1c:21:62:
6b:b8:ce:9d:d3:b2:4b:70:21:b3:4e:20:0d:d4:f1:
5c:35:53:48:69:0e:19:49:c3:f9:b1:fd:27:ad:55:
1f:77:7d:77:5a:67:7d:d5:fd:ec:d8:6b:e7:10:bc:
a5:90:38:71:0f:be:9f:4f:de:36:58:75:dd:67:37:
18:4c:6f:e5:02:ad:f1:63:e3:49:f2:77:f7:8c:d2:
a6:5b:5b:bf:c5:d8:8d:35:d5:28:ae:3e:ff:57:4c:
81:8c:d7:69:3f:ed:7c:41:0d:46:e1:2a:2d:8f:30:
1c:15:43:3d:c5:73:85:42:ed:35:c8:91:86:e2:4e:
b9:36:f3:38:06:c0:29:05:94:78:49:f1:54:4c:90:
53:47:a3:f8:31:c7:65:5f:6a:7f:fa:a5:72:a6:a4:
43:46:7c:60:2e:52:97:bd:d7:84:53:23:2d:d8:70:
12:50:c6:75:d5:e3:bd:a1:92:da:e1:64:ba:e2:f3:
b6:ec:5b:ec:52:6b:75:71:49:0a:5c:49:db:31:36:
57:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:3B:47:A3:CE:E7:99:82:AD:B1:70:34:1D:02:02:60:27:33:20:23
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/NztHo87nmYKtsXA0HQICYCczICM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.16.0/21
IPv6:
2a03:45e0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
59503
61167
200568
Signature Algorithm: sha256WithRSAEncryption
41:a2:37:0a:5d:f4:35:9b:a6:98:3f:0f:2e:b9:01:9d:b2:fe:
97:f7:46:38:ea:bd:ef:24:2d:83:b9:51:8a:44:09:a7:cb:3e:
3e:27:8c:55:cf:cf:e4:8f:1f:ce:36:f6:47:75:4b:ec:53:74:
09:ca:90:bb:2b:88:7b:40:69:7a:94:7d:fe:4d:a5:6c:ba:9a:
4e:f6:27:b3:d6:8d:1a:41:e9:92:a1:b5:18:25:03:3f:58:04:
a7:fa:7b:d9:26:be:e0:21:c6:94:e8:1d:73:ee:d2:12:bc:72:
67:ab:16:3d:31:23:04:13:29:3d:39:67:10:c7:3a:3e:b7:0f:
44:1d:a0:2b:8c:56:1e:96:05:1d:f1:8c:5f:cb:80:5a:69:c9:
2e:29:30:ba:20:8e:04:64:83:fd:6d:bc:a3:d1:88:d1:65:f3:
aa:88:c6:eb:50:d8:63:ab:92:62:29:14:cc:4f:31:a9:8f:d9:
32:ea:8a:7f:4c:dd:c9:d9:d4:b3:59:51:68:6b:70:15:e0:d6:
f3:8f:e4:f0:c3:dc:f8:97:99:f6:18:d7:cb:44:cb:4a:6c:d1:
06:e9:97:2b:f8:55:26:1d:7d:b8:b5:40:ba:38:b7:27:b4:4b:
ca:92:29:db:e0:e8:74:9f:74:ee:5a:64:7a:a5:7d:0b:61:b0:
50:5c:0e:84
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZt/gHaU65aYtfjuj4yiMkyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTYxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzNiNDdhM2NlZTc5OTgyYWRiMTcwMzQxZDAyMDI2MDI3MzMyMDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneYsyDnbTai8abuzObEDsALFaRIF
q4UzYcepfgR5UL9KWRfxCtZl5Y9e4Tp43rJZEKhv4AaCE6scIWJruM6d07JLcCGz
TiAN1PFcNVNIaQ4ZScP5sf0nrVUfd313Wmd91f3s2GvnELylkDhxD76fT942WHXd
ZzcYTG/lAq3xY+NJ8nf3jNKmW1u/xdiNNdUorj7/V0yBjNdpP+18QQ1G4SotjzAc
FUM9xXOFQu01yJGG4k65NvM4BsApBZR4SfFUTJBTR6P4McdlX2p/+qVypqRDRnxg
LlKXvdeEUyMt2HASUMZ11eO9oZLa4WS64vO27FvsUmt1cUkKXEnbMTZXgwIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFDc7R6PO55mCrbFwNB0CAmAnMyAjMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA0LzdjMmEx
NS1hYzRkLTQ2NGEtYTc3ZS0zMmY5YTI4MmY1NmMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQvN2MyYTE1
LWFjNGQtNDY0YS1hNzdlLTMyZjlhMjgyZjU2Yy8xL056dEhvODdubVlLdHNYQTBI
UUlDWUNjeklDTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQDBZ8QMA0EAgACMAcDBQAqA0XgMCQGCCsGAQUF
BwEIAQH/BBUwE6ARMA8CAwDobwIDAO7vAgMDD3gwDQYJKoZIhvcNAQELBQADggEB
AEGiNwpd9DWbppg/Dy65AZ2y/pf3Rjjqve8kLYO5UYpECafLPj4njFXPz+SPH842
9kd1S+xTdAnKkLsriHtAaXqUff5NpWy6mk72J7PWjRpB6ZKhtRglAz9YBKf6e9km
vuAhxpToHXPu0hK8cmerFj0xIwQTKT05ZxDHOj63D0QdoCuMVh6WBR3xjF/LgFpp
yS4pMLogjgRkg/1tvKPRiNFl86qIxutQ2GOrkmIpFMxPMamP2TLqin9M3cnZ1LNZ
UWhrcBXg1vOP5PDD3PiXmfYY18tEy0ps0Qbplyv4VSYdfbi1QLo4tye0S8qSKdvg
6HSfdO5aZHqlfQthsFBcDoQ=
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:18:55 2026 by rpki-client