Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
File: O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer (raw, json)
Hash identifier: mrkNYrzupsnX14er9NKcCr0HOnFdJlvzXxfeYCn+n6A=
Subject key identifier: 3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B797ED79B9AEA143505E370156148916D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 12:18:34 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 5429
AS: 29233
IP: 85.89.96.0/19
IP: 185.92.140.0/22
IP: 193.108.182.0/24
IP: 195.178.192.0/19
IP: 217.67.112.0/20
IP: 2a02:7bc0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:7e:d7:9b:9a:ea:14:35:05:e3:70:15:61:48:91:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:18:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3b55e7feb907137299f5792c36395efba9b34b62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:95:c8:bf:e7:72:30:de:5d:4e:d1:a2:99:cf:
70:c4:50:f7:c2:ca:1b:5d:ce:d1:ef:89:09:a4:90:
03:7e:03:62:b7:37:e4:1f:19:13:97:1a:2b:79:20:
0a:4a:c9:ae:f1:6f:c6:b3:23:77:29:6c:7e:39:18:
ff:0f:28:76:a8:28:a3:21:dc:e1:b1:9b:24:75:54:
df:17:47:4d:de:4b:3c:84:c4:9b:74:cb:62:5d:98:
d1:28:e5:51:86:3e:72:84:4a:0e:74:a5:e2:07:37:
b1:8c:c6:b0:f5:3b:5a:92:42:fc:46:d7:0f:67:b0:
95:f0:4c:da:05:20:08:8c:89:79:48:6c:05:c1:3d:
d9:12:31:b9:a0:2b:79:a3:d7:e7:1c:a9:11:17:5d:
4a:86:ae:ed:41:17:12:10:02:f8:51:73:94:ff:a2:
14:08:6e:28:d2:05:32:1e:2a:43:95:23:a8:f0:52:
d7:76:42:4c:09:9d:50:c1:02:74:41:79:cb:00:43:
8e:0b:69:51:fd:a9:48:c2:b0:67:af:c4:1e:27:11:
7a:7f:7f:6e:ba:af:6c:9a:65:cf:b2:3b:1f:aa:c8:
51:6b:7c:9d:52:d0:c7:9d:00:45:14:eb:f9:4e:26:
a8:a5:7d:45:e2:c7:a7:9d:1f:91:10:2c:b6:d9:f6:
25:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.89.96.0/19
185.92.140.0/22
193.108.182.0/24
195.178.192.0/19
217.67.112.0/20
IPv6:
2a02:7bc0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
5429
29233
Signature Algorithm: sha256WithRSAEncryption
80:77:de:30:51:6a:86:ea:98:14:b5:5c:4c:0b:c4:e9:49:f2:
9c:3c:66:71:24:6a:b5:fb:44:27:46:d2:fa:57:3e:af:dc:2e:
de:9f:6f:c9:86:a6:1f:9b:09:91:76:6a:0c:eb:53:67:af:03:
53:fe:07:17:0c:6f:c1:67:8b:75:b6:b3:18:d6:25:be:4b:19:
f7:60:1c:a1:3c:91:1a:c7:f2:3b:3b:a9:4f:06:dc:1c:e9:29:
43:f5:42:9e:13:f6:56:79:1e:88:8d:f5:cc:19:5e:13:70:57:
cb:58:4e:e0:49:cb:1f:2e:a7:8d:c9:8b:02:98:14:52:f6:90:
29:58:94:e0:f4:3d:47:c8:2e:5a:af:51:8c:42:3b:d2:24:e7:
2e:79:d7:e9:d0:c8:67:bd:27:82:a7:bc:0d:28:5f:a4:af:41:
df:de:fb:f0:72:9b:2a:c6:15:9b:14:02:5c:16:53:1c:bd:d8:
70:ae:f3:4d:5c:d3:82:d5:f8:0c:e6:3b:ba:f7:f7:3b:89:e5:
62:73:b5:93:82:bd:90:a2:bf:83:63:b6:b9:0f:a9:d1:67:cd:
8f:0e:20:b3:64:67:06:2b:b1:be:56:f1:85:8d:ea:85:78:0a:
53:65:52:93:5a:66:eb:86:92:e8:29:6f:23:ca:81:a7:f8:a1:
8b:8d:88:d5
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAZt5ftebmuoUNQXjcBVhSJFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMTIxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjU1ZTdmZWI5MDcxMzcyOTlmNTc5MmMzNjM5NWVmYmE5YjM0YjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5XIv+dyMN5dTtGimc9wxFD3wsob
Xc7R74kJpJADfgNitzfkHxkTlxoreSAKSsmu8W/GsyN3KWx+ORj/Dyh2qCijIdzh
sZskdVTfF0dN3ks8hMSbdMtiXZjRKOVRhj5yhEoOdKXiBzexjMaw9TtakkL8RtcP
Z7CV8EzaBSAIjIl5SGwFwT3ZEjG5oCt5o9fnHKkRF11Khq7tQRcSEAL4UXOU/6IU
CG4o0gUyHipDlSOo8FLXdkJMCZ1QwQJ0QXnLAEOOC2lR/alIwrBnr8QeJxF6f39u
uq9smmXPsjsfqshRa3ydUtDHnQBFFOv5TiaopX1F4sennR+RECy22fYlPwIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFDtV5/65BxNymfV5LDY5Xvups0tiMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE2LzhiNzY4
Yy0wZTBhLTRhZDMtOTEwMC1hNDQxZTI0YmUwMzYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYvOGI3Njhj
LTBlMGEtNGFkMy05MTAwLWE0NDFlMjRiZTAzNi8xL08xWG5fcmtIRTNLWjlYa3NO
amxlLTZtelMySS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsGAQUF
BwEHAQH/BDcwNTAkBAIAATAeAwQFVVlgAwQCuVyMAwQAwWy2AwQFw7LAAwQE2UNw
MA0EAgACMAcDBQAqAnvAMB0GCCsGAQUFBwEIAQH/BA4wDKAKMAgCAhU1AgJyMTAN
BgkqhkiG9w0BAQsFAAOCAQEAgHfeMFFqhuqYFLVcTAvE6UnynDxmcSRqtftEJ0bS
+lc+r9wu3p9vyYamH5sJkXZqDOtTZ68DU/4HFwxvwWeLdbazGNYlvksZ92AcoTyR
GsfyOzupTwbcHOkpQ/VCnhP2VnkeiI31zBleE3BXy1hO4EnLHy6njcmLApgUUvaQ
KViU4PQ9R8guWq9RjEI70iTnLnnX6dDIZ70ngqe8DShfpK9B39778HKbKsYVmxQC
XBZTHL3YcK7zTVzTgtX4DOY7uvf3O4nlYnO1k4K9kKK/g2O2uQ+p0WfNjw4gs2Rn
BiuxvlbxhY3qhXgKU2VSk1pm64aS6ClvI8qBp/ihi42I1Q==
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:08:00 2026 by rpki-client