Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
File: P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer (raw, json)
Hash identifier: fNFRMDWXut0QOrkxSkZuYP8I02WXqNQVp1WKGgnwyuA=
Subject key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0199144F6F341409094B95A3A20570610562
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Thu 04 Sep 2025 10:39:34 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 8820
IP: 46.236.192.0/18
IP: 78.41.48.0/22
IP: 81.92.0.0/20
IP: 82.139.192.0/18
IP: 195.8.224.0/19
IP: 212.17.224.0/19
IP: 212.60.128.0/19
IP: 213.240.128.0/18
IP: 2a01:170::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:14:4f:6f:34:14:09:09:4b:95:a3:a2:05:70:61:05:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 4 10:39:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:45:9f:69:09:1c:00:c0:24:98:93:07:ad:a9:
67:9b:0a:fa:cf:02:e2:4f:c4:84:45:06:22:b5:c8:
1c:6b:24:a7:c5:5a:7a:ba:e5:2f:96:2c:ca:5f:5e:
de:a4:3f:68:b8:92:92:5b:f1:97:d7:4e:84:7c:b7:
55:f5:06:21:d3:58:66:40:48:51:4f:14:00:4d:25:
b5:d3:6e:80:d8:25:eb:6a:95:02:61:96:65:ad:7d:
ab:c3:e7:fb:f0:ce:3b:12:95:70:bc:11:c8:59:fe:
41:69:6c:4d:01:80:6d:20:3d:cc:7e:9b:c1:e2:60:
d7:f0:a9:d7:d4:0f:a5:95:ac:1e:52:cc:f0:76:0b:
fd:e7:19:5c:dd:7c:31:48:2a:76:01:94:0f:69:0e:
62:c6:a2:d7:d2:49:5b:f6:7f:a8:b1:15:3e:8e:dd:
5e:00:75:d9:5d:f4:91:89:c9:4f:2d:da:c7:42:30:
4a:98:9f:17:d4:8f:1f:55:2c:9f:9e:d4:49:71:11:
77:e8:c3:d7:1d:68:7f:97:d1:37:5a:17:51:bd:03:
ed:bd:fa:f5:a7:3e:3e:cc:09:11:dc:a5:57:be:af:
4d:83:60:82:b0:6b:0d:2e:ce:4f:e9:db:05:41:4a:
03:54:38:e9:1e:61:6c:b8:af:0f:b7:4e:a4:44:51:
f1:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.192.0/18
78.41.48.0/22
81.92.0.0/20
82.139.192.0/18
195.8.224.0/19
212.17.224.0/19
212.60.128.0/19
213.240.128.0/18
IPv6:
2a01:170::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8820
Signature Algorithm: sha256WithRSAEncryption
39:7b:b2:e0:4d:71:fa:12:13:a3:c5:6a:52:6d:bf:21:cc:8d:
f1:31:f6:a7:6c:c3:c7:c3:ab:11:64:0d:e3:79:76:c4:61:5b:
4f:98:b0:85:1b:64:6e:dd:77:c0:c0:cc:c1:c5:e3:86:1c:f1:
09:6d:ea:38:4c:94:70:10:1c:c2:72:15:4d:84:f2:ff:fd:c7:
ce:85:f3:92:45:a3:12:d6:e7:7f:ea:70:a9:f3:69:83:00:d4:
52:cd:97:37:d2:05:f2:a3:3e:aa:56:c3:c2:2e:a3:10:59:df:
9c:41:47:0d:55:89:bb:3a:13:c6:f3:ca:23:38:81:85:13:b9:
17:d8:8f:59:b8:0b:fc:a3:04:63:da:ec:db:91:b4:93:fd:17:
84:46:28:b5:66:f7:80:8d:a9:76:c4:42:03:59:bc:b0:a9:60:
0c:1c:fe:03:41:67:1e:74:cd:aa:bd:62:3e:33:cc:1f:bd:0b:
69:b0:ee:08:08:69:1b:c8:df:98:fb:d4:f0:95:9c:64:41:2c:
2d:e4:09:02:a6:b6:a9:85:40:c7:33:9a:2f:68:1e:6f:3a:b2:
7b:0f:d3:46:95:69:fc:16:04:d2:21:13:9e:34:5c:07:ab:60:
d9:63:13:85:6f:70:05:8c:b2:6d:4d:71:df:94:ca:de:2c:75:
83:7d:f3:55
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgISAZkUT280FAkJS5WjogVwYQViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwOTA0MTAzOTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmVjY2IxN2JlNTFlZTU5ZWM3NGQ2NGVlZDkxN2UyMjFlZTI4YTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUWfaQkcAMAkmJMHralnmwr6zwLi
T8SERQYitcgcaySnxVp6uuUvlizKX17epD9ouJKSW/GX106EfLdV9QYh01hmQEhR
TxQATSW1026A2CXrapUCYZZlrX2rw+f78M47EpVwvBHIWf5BaWxNAYBtID3MfpvB
4mDX8KnX1A+llaweUszwdgv95xlc3XwxSCp2AZQPaQ5ixqLX0klb9n+osRU+jt1e
AHXZXfSRiclPLdrHQjBKmJ8X1I8fVSyfntRJcRF36MPXHWh/l9E3WhdRvQPtvfr1
pz4+zAkR3KVXvq9Ng2CCsGsNLs5P6dsFQUoDVDjpHmFsuK8Pt06kRFHxtwIDAQAB
o4IC9DCCAvAwHQYDVR0OBBYEFD/syxe+Ue5Z7HTWTu2RfiIe4oobMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3
NTU1LTlhYTQtNDk4My05MzE2LTczODA5ZGQzNTRiYy8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJk
Yjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvM0ZFQ0NCMTdCRTUx
RUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjBYBggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAME
Bi7swAMEAk4pMAMEBFFcAAMEBlKLwAMEBcMI4AMEBdQR4AMEBdQ8gAMEBtXwgDAN
BAIAAjAHAwUAKgEBcDAZBggrBgEFBQcBCAEB/wQKMAigBjAEAgIidDANBgkqhkiG
9w0BAQsFAAOCAQEAOXuy4E1x+hITo8VqUm2/IcyN8TH2p2zDx8OrEWQN43l2xGFb
T5iwhRtkbt13wMDMwcXjhhzxCW3qOEyUcBAcwnIVTYTy//3HzoXzkkWjEtbnf+pw
qfNpgwDUUs2XN9IF8qM+qlbDwi6jEFnfnEFHDVWJuzoTxvPKIziBhRO5F9iPWbgL
/KMEY9rs25G0k/0XhEYotWb3gI2pdsRCA1m8sKlgDBz+A0FnHnTNqr1iPjPMH70L
abDuCAhpG8jfmPvU8JWcZEEsLeQJAqa2qYVAxzOaL2gebzqyew/TRpVp/BYE0iET
njRcB6tg2WMThW9wBYyybU1x35TK3ix1g33zVQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 10:29:06 2025 by rpki-client