Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/OFOvUBRJmy-1zSweaKJP-CVtDQ0.cer
File: OFOvUBRJmy-1zSweaKJP-CVtDQ0.cer (raw, json)
Hash identifier: kirDWyr48jC2aGfnfV3Hln5iwfNuujRxZscz1gZ/ZRM=
Subject key identifier: 38:53:AF:50:14:49:9B:2F:B5:CD:2C:1E:68:A2:4F:F8:25:6D:0D:0D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7AC80CDA48D9756C2830491FD4A8AC1D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 18:18:09 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 209301
IP: 5.253.48.0/22
IP: 2a09:52c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:c8:0c:da:48:d9:75:6c:28:30:49:1f:d4:a8:ac:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 18:18:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3853af5014499b2fb5cd2c1e68a24ff8256d0d0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:54:4b:4f:f6:06:8d:9d:de:41:e0:2f:e0:a5:
f1:b3:25:d7:b6:d7:8b:5d:c1:76:50:1f:2a:bb:82:
b4:59:7c:8f:c7:4c:ba:63:63:c3:65:8e:21:b4:49:
a5:ac:2c:72:a2:54:82:aa:45:ab:8a:41:b2:02:1f:
4c:e5:90:63:a8:8c:eb:83:33:2f:dc:65:26:ca:bb:
76:49:ca:7c:69:6c:ea:22:06:ed:90:79:d3:21:6e:
5d:d3:21:80:6a:bb:b2:63:7e:e2:d2:60:fc:18:0c:
79:fb:1f:43:40:60:91:f7:44:30:19:43:74:44:e6:
c9:bf:98:e6:91:d7:77:1a:d9:58:6b:d8:07:7f:25:
16:f2:49:0a:7a:5b:76:90:d3:1b:08:9b:67:81:1c:
b0:15:7f:60:e9:7b:de:6d:ca:fe:c1:87:dd:95:6e:
f4:55:75:6c:60:8e:83:73:f8:99:17:cc:93:15:07:
00:0b:88:20:03:f7:ff:89:3e:9d:10:60:5d:b4:55:
2d:18:d1:06:bc:fe:a0:fb:88:47:03:bc:1f:a0:2a:
20:e8:19:43:e1:96:38:15:d6:88:54:bc:a8:60:ac:
16:5e:fc:7c:93:99:e5:d9:22:71:0f:9c:5d:02:e7:
f4:46:89:0d:38:78:4d:56:36:3e:77:57:9c:2e:f6:
a1:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:53:AF:50:14:49:9B:2F:B5:CD:2C:1E:68:A2:4F:F8:25:6D:0D:0D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.48.0/22
IPv6:
2a09:52c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
209301
Signature Algorithm: sha256WithRSAEncryption
53:24:8b:3f:c0:e1:08:65:76:16:1e:75:12:d4:f5:7c:7e:e4:
c1:ac:91:80:22:f7:d0:5f:db:44:02:8f:50:0a:85:fa:b3:85:
e4:c1:5e:61:62:a3:ab:17:1d:1a:80:e9:f5:24:02:d9:9c:50:
58:90:38:46:93:71:07:b4:43:3a:31:33:36:99:c3:18:15:40:
44:e5:7f:2a:bd:20:65:67:36:55:8d:7f:a4:27:2e:c5:f3:4b:
fe:ab:7d:50:38:12:7b:6f:49:3b:8a:15:40:06:26:cb:b9:32:
84:01:e2:c3:a6:81:28:d5:b6:09:98:1d:5c:20:94:d1:92:dd:
7b:c4:27:99:48:66:ee:5e:af:65:a2:7f:de:13:cc:a8:07:8c:
21:04:18:ec:e5:dc:5b:87:2f:ff:91:f7:ef:6e:23:b4:df:02:
79:7d:75:73:51:b9:16:0f:0a:f4:95:66:e7:de:74:fc:70:92:
bf:93:8f:1c:1a:0d:87:10:ae:d1:7a:f8:78:38:9d:a3:e8:6a:
1c:49:f3:cc:86:06:6a:e6:c6:ed:2f:69:45:8b:05:9b:05:0a:
a2:33:1b:ef:20:e1:ec:6b:c6:6d:2f:db:b9:ed:8f:1a:6e:73:
2b:43:41:69:25:46:54:2b:a6:97:86:6e:6b:dd:be:59:b9:e2:
ae:47:a5:95
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZt6yAzaSNl1bCgwSR/UqKwdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMTgxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODUzYWY1MDE0NDk5YjJmYjVjZDJjMWU2OGEyNGZmODI1NmQwZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlRLT/YGjZ3eQeAv4KXxsyXXtteL
XcF2UB8qu4K0WXyPx0y6Y2PDZY4htEmlrCxyolSCqkWrikGyAh9M5ZBjqIzrgzMv
3GUmyrt2Scp8aWzqIgbtkHnTIW5d0yGAaruyY37i0mD8GAx5+x9DQGCR90QwGUN0
RObJv5jmkdd3GtlYa9gHfyUW8kkKelt2kNMbCJtngRywFX9g6Xvebcr+wYfdlW70
VXVsYI6Dc/iZF8yTFQcAC4ggA/f/iT6dEGBdtFUtGNEGvP6g+4hHA7wfoCog6BlD
4ZY4FdaIVLyoYKwWXvx8k5nl2SJxD5xdAuf0RokNOHhNVjY+d1ecLvahzwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFDhTr1AUSZsvtc0sHmiiT/glbQ0NMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQwLzMwY2M0
MS04YWFiLTQ0NjMtOTlmOC1kY2I1NmFjYjc3N2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAvMzBjYzQx
LThhYWItNDQ2My05OWY4LWRjYjU2YWNiNzc3Zi8xL09GT3ZVQlJKbXktMXpTd2Vh
S0pQLUNWdERRMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCBf0wMA0EAgACMAcDBQMqCVLAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMxlTANBgkqhkiG9w0BAQsFAAOCAQEAUySLP8DhCGV2
Fh51EtT1fH7kwayRgCL30F/bRAKPUAqF+rOF5MFeYWKjqxcdGoDp9SQC2ZxQWJA4
RpNxB7RDOjEzNpnDGBVAROV/Kr0gZWc2VY1/pCcuxfNL/qt9UDgSe29JO4oVQAYm
y7kyhAHiw6aBKNW2CZgdXCCU0ZLde8QnmUhm7l6vZaJ/3hPMqAeMIQQY7OXcW4cv
/5H3724jtN8CeX11c1G5Fg8K9JVm5950/HCSv5OPHBoNhxCu0Xr4eDido+hqHEnz
zIYGaubG7S9pRYsFmwUKojMb7yDh7GvGbS/bue2PGm5zK0NBaSVGVCuml4Zua92+
WbnirkellQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:48:07 2026 by rpki-client