Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/OEGrqj51xG2YtvqGeNNP7yrDhbA.cer
File: OEGrqj51xG2YtvqGeNNP7yrDhbA.cer (raw, json)
Hash identifier: JXBtGUPN7PfEcnglB/zLLDSRccPY2V5zONGYPwUfMUk=
Subject key identifier: 38:41:AB:AA:3E:75:C4:6D:98:B6:FA:86:78:D3:4F:EF:2A:C3:85:B0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7E3832CC51E7AD9CF862921ECE95E95F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/53/1129de-bf43-4967-8c04-f22610e63c92/1/OEGrqj51xG2YtvqGeNNP7yrDhbA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/53/1129de-bf43-4967-8c04-f22610e63c92/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 10:19:30 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 35175
IP: 85.194.208.0 -- 85.194.219.255
IP: 185.117.220.0/22
IP: 2a06:8680::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:38:32:cc:51:e7:ad:9c:f8:62:92:1e:ce:95:e9:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 10:19:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3841abaa3e75c46d98b6fa8678d34fef2ac385b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:04:a7:79:09:62:33:cf:69:55:8d:0d:1a:bf:
2a:f4:c8:f8:70:3a:fc:49:07:04:9f:fe:2b:35:58:
ce:b3:72:fd:8b:ab:89:a3:ab:a5:83:d7:22:dc:0e:
df:c2:90:97:f0:cd:ef:85:03:9d:0b:8c:37:2d:a9:
20:3f:52:4b:2a:4f:9e:e6:f9:19:95:a8:f1:bc:00:
f4:0d:a3:f1:ca:0d:cc:71:d0:1a:34:e4:b0:34:87:
62:47:5e:c6:db:bb:fb:5f:8d:a2:2c:a8:7c:8a:63:
a7:d2:99:91:e6:09:a1:5d:5c:39:d4:5a:7b:e5:f2:
18:2d:c5:be:0a:6c:56:53:ff:9b:9e:4d:d2:93:21:
6f:06:c2:e3:41:aa:39:22:e8:99:d0:d2:71:3e:c7:
e4:7e:12:93:2b:ad:13:a4:d5:0b:f3:1b:9f:74:b0:
54:ea:f3:d7:fd:c7:a1:1c:de:b2:7d:1d:55:5c:0e:
14:a4:1a:fa:b7:a6:44:d2:8b:b4:0b:1d:40:a2:80:
04:53:59:f2:cc:96:09:12:b2:37:f3:87:c7:da:27:
cf:55:a8:21:f3:9e:2f:d2:b6:8a:b4:43:7e:6e:09:
88:1e:84:05:84:f3:93:82:fb:d1:d9:2e:e0:5e:b8:
95:44:7e:da:b9:85:a4:c5:69:2f:94:eb:41:da:77:
5d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:41:AB:AA:3E:75:C4:6D:98:B6:FA:86:78:D3:4F:EF:2A:C3:85:B0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1129de-bf43-4967-8c04-f22610e63c92/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1129de-bf43-4967-8c04-f22610e63c92/1/OEGrqj51xG2YtvqGeNNP7yrDhbA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.194.208.0-85.194.219.255
185.117.220.0/22
IPv6:
2a06:8680::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35175
Signature Algorithm: sha256WithRSAEncryption
70:d8:30:cf:88:ee:4d:cc:48:a6:d8:f2:b9:7b:32:88:a3:7e:
03:77:d8:af:e3:b6:16:7b:9b:35:d4:8c:9e:10:64:c3:e1:00:
0f:eb:9b:6c:55:f4:39:0b:c5:a9:23:cb:fb:a9:5a:84:d8:5e:
3e:ac:0e:83:48:96:bc:40:98:94:3b:f4:87:de:cb:d9:e8:03:
fc:e7:ba:62:2c:7c:f8:16:e9:6e:51:1b:17:a6:fd:b8:2f:c3:
3c:be:49:ac:0e:e5:f2:1c:f3:bc:7f:6b:a4:74:35:67:4a:d5:
d5:7b:7a:1d:07:ef:ea:fb:dd:26:27:09:33:cb:13:0a:39:fe:
d0:eb:45:fa:b4:2d:0a:dd:7a:55:8f:8c:86:bc:2c:2e:7b:a0:
91:20:d0:27:95:4e:54:ff:e8:fa:7a:74:81:77:bf:60:f2:bd:
20:38:1f:29:ee:7c:69:a9:e2:9a:73:cf:98:37:0d:e7:ee:ba:
33:de:1d:ba:2f:91:c2:67:b1:7a:55:03:c4:b0:10:dc:bf:ed:
6b:86:15:9e:e0:a3:3b:48:85:89:6b:d4:87:48:ea:b7:79:44:
ff:47:40:40:e0:66:9a:45:90:96:4b:55:20:f3:d3:46:f4:9c:
11:a0:ee:bd:16:9f:a8:c7:46:d3:29:95:9d:13:59:41:92:36:
ce:68:01:a9
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgISAZt+ODLMUeetnPhikh7OlelfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTAxOTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODQxYWJhYTNlNzVjNDZkOThiNmZhODY3OGQzNGZlZjJhYzM4NWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgSneQliM89pVY0NGr8q9Mj4cDr8
SQcEn/4rNVjOs3L9i6uJo6ulg9ci3A7fwpCX8M3vhQOdC4w3LakgP1JLKk+e5vkZ
lajxvAD0DaPxyg3McdAaNOSwNIdiR17G27v7X42iLKh8imOn0pmR5gmhXVw51Fp7
5fIYLcW+CmxWU/+bnk3SkyFvBsLjQao5IuiZ0NJxPsfkfhKTK60TpNUL8xufdLBU
6vPX/cehHN6yfR1VXA4UpBr6t6ZE0ou0Cx1AooAEU1nyzJYJErI384fH2ifPVagh
854v0raKtEN+bgmIHoQFhPOTgvvR2S7gXriVRH7auYWkxWkvlOtB2nddqQIDAQAB
o4ICvTCCArkwHQYDVR0OBBYEFDhBq6o+dcRtmLb6hnjTT+8qw4WwMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUzLzExMjlk
ZS1iZjQzLTQ5NjctOGMwNC1mMjI2MTBlNjNjOTIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvMTEyOWRl
LWJmNDMtNDk2Ny04YzA0LWYyMjYxMGU2M2M5Mi8xL09FR3JxajUxeEcyWXR2cUdl
Tk5QN3lyRGhiQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDwGCCsGAQUF
BwEHAQH/BC0wKzAaBAIAATAUMAwDBARVwtADBAJVwtgDBAK5ddwwDQQCAAIwBwMF
AyoGhoAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAIlnMA0GCSqGSIb3DQEBCwUA
A4IBAQBw2DDPiO5NzEim2PK5ezKIo34Dd9iv47YWe5s11IyeEGTD4QAP65tsVfQ5
C8WpI8v7qVqE2F4+rA6DSJa8QJiUO/SH3svZ6AP857piLHz4FuluURsXpv24L8M8
vkmsDuXyHPO8f2ukdDVnStXVe3odB+/q+90mJwkzyxMKOf7Q60X6tC0K3XpVj4yG
vCwue6CRINAnlU5U/+j6enSBd79g8r0gOB8p7nxpqeKac8+YNw3n7roz3h26L5HC
Z7F6VQPEsBDcv+1rhhWe4KM7SIWJa9SHSOq3eUT/R0BA4GaaRZCWS1Ug89NG9JwR
oO69Fp+ox0bTKZWdE1lBkjbOaAGp
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:20:41 2026 by rpki-client