Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Q1w_GpeQPnlikqKsenjUGxwh24U.cer
File: Q1w_GpeQPnlikqKsenjUGxwh24U.cer (raw, json)
Hash identifier: a0UhVW1okK97Cc4EOb3davT5iNRbhmsFhvNR2ldo/w4=
Subject key identifier: 43:5C:3F:1A:97:90:3E:79:62:92:A2:AC:7A:78:D4:1B:1C:21:DB:85
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7E38083D8151409713194C060C432B59
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/23/d8adbe-dcbe-4c27-9671-dbdeb3d5360b/1/Q1w_GpeQPnlikqKsenjUGxwh24U.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/23/d8adbe-dcbe-4c27-9671-dbdeb3d5360b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 10:19:19 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 62256
IP: 2001:67c:920::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:38:08:3d:81:51:40:97:13:19:4c:06:0c:43:2b:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 10:19:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=435c3f1a97903e796292a2ac7a78d41b1c21db85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:40:a5:7d:3f:a3:19:c2:ff:96:ef:5d:11:f6:
62:ed:e5:80:8a:eb:ad:80:b8:d0:ce:07:06:bc:5b:
b1:34:75:f4:c3:8c:d8:84:aa:78:54:ac:de:5a:be:
c4:44:74:1e:da:7d:c6:fb:74:cd:39:0d:16:d6:e1:
72:1f:8a:28:a7:3b:55:8b:2c:44:25:d8:39:53:c0:
83:e4:f5:6b:48:92:7a:b8:d2:86:51:6f:35:ce:3f:
70:70:3d:c3:cc:35:c5:2a:f0:1c:d7:1d:df:47:05:
d0:19:73:87:8a:e3:56:89:d5:ba:99:ac:f0:cb:0d:
22:ba:4f:88:66:01:a3:42:60:f5:29:5a:5e:0c:95:
b3:2c:1a:f7:15:0b:b7:44:93:5b:db:81:51:c0:f0:
16:cd:b8:d4:57:bd:3c:97:47:84:38:a0:ce:29:eb:
be:a0:2a:62:f1:4c:d3:94:fa:14:fa:8c:ec:6b:37:
1e:7c:59:11:1a:b1:32:a1:45:16:c7:8e:bd:64:e2:
ec:ac:2b:42:23:b9:8a:b6:49:a2:75:3c:63:0b:df:
34:cc:0f:00:38:aa:61:19:54:a6:7b:da:7b:05:34:
f4:b7:44:fd:03:89:51:13:d6:42:2c:b4:fc:f6:da:
8b:7a:1e:a1:f8:96:81:50:de:58:a2:de:7a:c9:6d:
54:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:5C:3F:1A:97:90:3E:79:62:92:A2:AC:7A:78:D4:1B:1C:21:DB:85
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d8adbe-dcbe-4c27-9671-dbdeb3d5360b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d8adbe-dcbe-4c27-9671-dbdeb3d5360b/1/Q1w_GpeQPnlikqKsenjUGxwh24U.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:920::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
62256
Signature Algorithm: sha256WithRSAEncryption
44:04:2a:eb:9d:61:48:6f:7e:3c:77:93:75:87:b4:fd:e9:85:
05:fa:43:c7:21:26:27:47:2f:a1:c5:00:ad:0a:de:0e:aa:06:
81:37:5e:c6:d9:29:36:14:c6:38:3d:5f:98:a9:81:9e:16:5c:
1d:d7:85:01:47:1a:8b:95:7f:25:8a:68:fa:48:e3:b0:47:92:
b4:4e:06:62:31:34:57:b1:8c:d3:d5:62:89:08:77:f2:0a:5a:
2d:d6:d0:77:e9:40:f3:35:76:cf:f0:02:35:90:df:ac:2c:3a:
31:c4:62:11:36:03:6c:29:9c:d0:8b:bd:8e:74:27:78:5c:d0:
aa:e9:b5:e4:d7:45:a3:68:a1:48:74:9d:33:ff:12:1d:cd:cd:
ca:1a:d4:8e:d6:74:fb:e1:11:96:08:96:4a:2f:2b:0c:7f:d9:
c7:4b:0e:2b:3f:2a:92:2b:04:d7:a4:6d:b3:13:67:64:66:c1:
0e:97:3a:fe:fa:83:44:8c:11:df:5b:14:68:3b:2e:20:ef:00:
32:bc:91:55:66:0d:62:bb:5b:32:46:c1:86:7b:f3:5d:f7:f2:
fb:a1:d2:e8:0c:ff:55:be:9a:7a:55:e8:7e:88:54:a0:3a:9c:
63:3f:a1:46:41:20:8f:26:bb:81:fb:75:3e:0b:f6:69:88:02:
42:7d:b6:d9
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAZt+OAg9gVFAlxMZTAYMQytZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTAxOTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzVjM2YxYTk3OTAzZTc5NjI5MmEyYWM3YTc4ZDQxYjFjMjFkYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskClfT+jGcL/lu9dEfZi7eWAiuut
gLjQzgcGvFuxNHX0w4zYhKp4VKzeWr7ERHQe2n3G+3TNOQ0W1uFyH4oopztViyxE
Jdg5U8CD5PVrSJJ6uNKGUW81zj9wcD3DzDXFKvAc1x3fRwXQGXOHiuNWidW6mazw
yw0iuk+IZgGjQmD1KVpeDJWzLBr3FQu3RJNb24FRwPAWzbjUV708l0eEOKDOKeu+
oCpi8UzTlPoU+ozsazcefFkRGrEyoUUWx469ZOLsrCtCI7mKtkmidTxjC980zA8A
OKphGVSme9p7BTT0t0T9A4lRE9ZCLLT89tqLeh6h+JaBUN5Yot56yW1ULQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFENcPxqXkD55YpKirHp41BscIduFMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIzL2Q4YWRi
ZS1kY2JlLTRjMjctOTY3MS1kYmRlYjNkNTM2MGIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMvZDhhZGJl
LWRjYmUtNGMyNy05NjcxLWRiZGViM2Q1MzYwYi8xL1Exd19HcGVRUG5saWtxS3Nl
bmpVR3h3aDI0VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAkgMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwDzMDANBgkqhkiG9w0BAQsFAAOCAQEARAQq651hSG9+PHeTdYe0/emFBfpD
xyEmJ0cvocUArQreDqoGgTdextkpNhTGOD1fmKmBnhZcHdeFAUcai5V/JYpo+kjj
sEeStE4GYjE0V7GM09ViiQh38gpaLdbQd+lA8zV2z/ACNZDfrCw6McRiETYDbCmc
0Iu9jnQneFzQqum15NdFo2ihSHSdM/8SHc3NyhrUjtZ0++ERlgiWSi8rDH/Zx0sO
Kz8qkisE16RtsxNnZGbBDpc6/vqDRIwR31sUaDsuIO8AMryRVWYNYrtbMkbBhnvz
Xffy+6HS6Az/Vb6aelXofohUoDqcYz+hRkEgjya7gft1Pgv2aYgCQn222Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:31:54 2026 by rpki-client