Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.cer
File: PuWh3Qzuh0wG4eofcoJ9l8vGcYc.cer (raw, json)
Hash identifier: bXdy9HyzsbNbzCUKiDI1Q7BEK1mvnYFzqMa+ns2m/GY=
Subject key identifier: 3E:E5:A1:DD:0C:EE:87:4C:06:E1:EA:1F:72:82:7D:97:CB:C6:71:87
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7B35ADC8CCEDC2CD5C29A9757831852F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 20:17:54 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 198611
IP: 91.231.205.0/24
IP: 91.237.68.0/22
IP: 2001:67c:16f8::/48
IP: 2001:67c:2ad8::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7b:35:ad:c8:cc:ed:c2:cd:5c:29:a9:75:78:31:85:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 20:17:54 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3ee5a1dd0cee874c06e1ea1f72827d97cbc67187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b4:e0:de:a1:fb:10:dd:3c:56:18:1b:a0:eb:
1d:ae:cf:0b:8e:13:4f:c2:1a:e7:9c:73:92:80:21:
19:c5:55:97:99:a7:89:de:f4:25:a8:fc:2b:37:5d:
82:22:0f:ee:f4:78:c6:07:de:ee:d0:df:97:6a:0a:
86:de:3a:4f:b2:82:a9:84:ef:cf:b3:4c:d9:a2:74:
86:9f:7d:7b:e6:82:e2:fc:08:db:73:d9:9d:14:4d:
59:af:1c:e2:ac:52:c3:7b:5e:62:68:0c:91:49:b4:
6a:0f:92:f4:8a:bb:8d:b2:44:ed:ba:96:a2:0f:84:
dd:84:b5:d3:32:17:25:5a:5b:ae:14:47:b9:fb:06:
e4:31:b5:b2:19:05:c6:01:cf:1a:97:b2:64:2e:29:
d6:97:07:1b:56:d1:bf:60:26:8f:cc:5b:90:df:9b:
3f:b9:0a:45:83:da:d4:0b:23:a0:6c:45:51:0a:8d:
91:f1:69:dc:3f:73:02:b1:32:de:d6:3d:3d:ef:6b:
48:80:29:49:96:6b:64:db:b1:42:84:79:6b:24:3f:
6d:e2:63:5a:e7:62:d9:4c:ca:5b:70:ce:e9:e1:60:
2c:28:b8:96:d3:ab:3e:ec:78:d7:b3:66:b6:04:7e:
0d:32:1c:1d:dd:0c:de:ae:f1:5a:ed:6e:1c:bd:67:
0b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:E5:A1:DD:0C:EE:87:4C:06:E1:EA:1F:72:82:7D:97:CB:C6:71:87
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.205.0/24
91.237.68.0/22
IPv6:
2001:67c:16f8::/48
2001:67c:2ad8::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
198611
Signature Algorithm: sha256WithRSAEncryption
32:17:a7:04:34:75:ae:fb:de:8f:de:c8:99:db:54:4c:c6:1a:
55:be:ca:9c:7a:4f:0f:cf:ad:69:42:34:9a:d0:67:d6:6e:85:
0b:db:03:0d:b0:de:fc:27:0f:43:4f:ff:ed:81:fb:62:1b:c9:
6e:46:9b:9d:3a:78:93:9b:0a:60:72:28:7a:42:dd:bb:d6:bb:
e2:b1:8c:d6:1f:38:70:85:3a:eb:85:2a:15:4f:f2:9f:0c:e6:
24:6a:20:3e:cf:fd:9d:4e:27:fb:8f:cd:b1:3a:7d:45:b5:48:
1f:d9:42:56:8d:47:5b:ce:7f:6d:71:28:77:47:de:d6:8d:a3:
2d:af:fb:20:8d:c6:81:01:f0:8c:2e:9d:5f:e9:89:90:e2:f6:
24:15:18:01:08:30:ed:00:cf:d2:40:34:dc:77:d8:8f:93:de:
3e:cd:48:bb:5a:f2:12:8d:50:1b:22:df:72:40:9e:8e:a8:08:
b0:08:55:18:74:97:20:a4:09:22:72:d4:af:25:17:60:96:40:
67:ef:49:44:2a:17:5b:00:2b:6e:f5:49:6d:b8:89:e2:f6:b7:
9f:5e:2a:30:e9:14:7f:cf:ed:58:9b:79:d2:31:2a:7f:04:ff:
ac:64:77:68:f1:8d:4e:cc:2b:0f:83:4d:f6:4c:5d:4a:6f:02:
1f:6e:24:99
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAZt7Na3IzO3CzVwpqXV4MYUvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMjAxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWU1YTFkZDBjZWU4NzRjMDZlMWVhMWY3MjgyN2Q5N2NiYzY3MTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbTg3qH7EN08VhgboOsdrs8LjhNP
whrnnHOSgCEZxVWXmaeJ3vQlqPwrN12CIg/u9HjGB97u0N+XagqG3jpPsoKphO/P
s0zZonSGn3175oLi/Ajbc9mdFE1ZrxzirFLDe15iaAyRSbRqD5L0iruNskTtupai
D4TdhLXTMhclWluuFEe5+wbkMbWyGQXGAc8al7JkLinWlwcbVtG/YCaPzFuQ35s/
uQpFg9rUCyOgbEVRCo2R8WncP3MCsTLe1j0972tIgClJlmtk27FChHlrJD9t4mNa
52LZTMpbcM7p4WAsKLiW06s+7HjXs2a2BH4NMhwd3QzervFa7W4cvWcLWQIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFD7lod0M7odMBuHqH3KCfZfLxnGHMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU3Lzk1ZmZk
OS0xOWQzLTQ1MTctOGM0Ny1jNjE2NjFkMWI3MWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcvOTVmZmQ5
LTE5ZDMtNDUxNy04YzQ3LWM2MTY2MWQxYjcxYi8xL1B1V2gzUXp1aDB3RzRlb2Zj
b0o5bDh2R2NZYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD8GCCsGAQUF
BwEHAQH/BDAwLjASBAIAATAMAwQAW+fNAwQCW+1EMBgEAgACMBIDBwAgAQZ8FvgD
BwAgAQZ8KtgwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAwfTMA0GCSqGSIb3DQEB
CwUAA4IBAQAyF6cENHWu+96P3siZ21RMxhpVvsqcek8Pz61pQjSa0GfWboUL2wMN
sN78Jw9DT//tgftiG8luRpudOniTmwpgcih6Qt271rvisYzWHzhwhTrrhSoVT/Kf
DOYkaiA+z/2dTif7j82xOn1FtUgf2UJWjUdbzn9tcSh3R97WjaMtr/sgjcaBAfCM
Lp1f6YmQ4vYkFRgBCDDtAM/SQDTcd9iPk94+zUi7WvISjVAbIt9yQJ6OqAiwCFUY
dJcgpAkictSvJRdglkBn70lEKhdbACtu9UltuIni9refXiow6RR/z+1Ym3nSMSp/
BP+sZHdo8Y1OzCsPg032TF1KbwIfbiSZ
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:37:51 2026 by rpki-client