Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Q3DTtpmsWu_y24ily8HJ2NCccjE.cer
File: Q3DTtpmsWu_y24ily8HJ2NCccjE.cer (raw, json)
Hash identifier: K4mFcTkTM3jpmeT4vGk4aVkCRCt2mwzBvaseNid1V3c=
Subject key identifier: 43:70:D3:B6:99:AC:5A:EF:F2:DB:88:A5:CB:C1:C9:D8:D0:9C:72:31
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01995939103CA544A5645A41B1ACBA54E377
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fa/8efed1-8f65-4fb9-8331-145a01278948/1/Q3DTtpmsWu_y24ily8HJ2NCccjE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fa/8efed1-8f65-4fb9-8331-145a01278948/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 17 Sep 2025 19:48:55 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 211065
IP: 185.214.64.0/24
IP: 2a11:7000::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:59:39:10:3c:a5:44:a5:64:5a:41:b1:ac:ba:54:e3:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 17 19:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4370d3b699ac5aeff2db88a5cbc1c9d8d09c7231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:60:d2:78:e7:3f:ff:51:9f:0c:db:73:a1:ab:
72:c2:05:dd:72:19:69:0b:7e:b0:bf:72:cb:ba:c8:
ee:ab:97:2d:bd:68:a3:6a:63:87:c5:43:2d:d2:e9:
b1:0a:cd:52:d3:44:4e:96:fb:e3:ee:0d:f6:85:6a:
b0:8a:c2:f5:fb:cb:59:b1:5c:31:51:7f:cb:a9:85:
f4:44:f0:e5:bf:4b:24:57:c6:b1:96:5e:1d:61:48:
ed:9a:d6:41:f5:af:84:0a:12:a5:dc:2f:d7:9e:16:
63:90:e2:7e:de:4a:65:b4:e5:70:75:74:a6:c2:09:
8b:b2:e7:4b:89:8f:7d:0b:a9:3d:2b:c4:22:d8:39:
f6:cf:1b:16:70:bc:a6:bf:20:ba:43:d6:27:44:45:
1c:c5:22:d9:d7:93:e3:2b:6a:a5:45:be:81:af:97:
18:b7:a3:1b:cf:60:69:dc:b6:50:23:c8:69:ff:81:
ef:3e:53:1b:55:cc:18:ed:b9:a5:6e:0f:5f:3b:5e:
43:84:54:2a:37:aa:19:e4:24:64:09:ba:74:c5:bd:
27:44:6a:d4:0a:ee:9e:93:a5:fb:0b:cc:0c:70:53:
d6:7b:27:c5:d6:1e:db:4b:10:0e:5e:4f:c3:fa:eb:
ba:aa:71:ab:7f:c4:ef:4e:c2:8b:f9:9e:3d:66:1e:
04:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:70:D3:B6:99:AC:5A:EF:F2:DB:88:A5:CB:C1:C9:D8:D0:9C:72:31
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/8efed1-8f65-4fb9-8331-145a01278948/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/8efed1-8f65-4fb9-8331-145a01278948/1/Q3DTtpmsWu_y24ily8HJ2NCccjE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.64.0/24
IPv6:
2a11:7000::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
211065
Signature Algorithm: sha256WithRSAEncryption
03:66:92:b7:b7:2c:6e:84:12:3f:ad:89:ba:14:91:18:42:41:
a2:df:3c:64:9e:1f:0a:69:94:3a:d6:5f:7c:e2:80:6b:91:e3:
7b:9d:1e:e3:95:35:08:a7:cd:36:70:d8:5b:38:0e:a7:22:88:
06:ab:a9:9c:71:7c:96:c1:6d:7a:75:56:41:73:bc:e5:22:a2:
47:6b:80:e8:c2:f3:4a:7e:af:f7:de:3e:d1:72:a8:3a:d0:41:
e1:25:72:28:76:ed:f8:52:59:7e:43:01:6a:c6:b6:b1:31:3e:
bd:a5:55:26:8d:01:b1:09:b1:2b:92:c6:ef:fd:9a:8f:38:24:
00:31:cc:12:fb:89:b5:73:4d:4a:67:ed:f1:cd:a1:ae:ac:e2:
a5:35:a2:d3:a0:cd:14:fd:b7:f2:66:c7:f7:88:4a:65:3e:e0:
50:4c:46:63:d7:00:c0:0a:4f:d9:da:f3:12:1f:c0:4a:0e:03:
f6:05:cc:fd:f6:5b:f9:02:f4:ef:44:f2:81:1c:9e:64:00:ec:
ab:7e:49:20:19:c8:18:2c:07:cc:d3:f4:08:a0:21:9f:bd:06:
df:f1:d6:2f:a6:9b:25:02:ba:71:18:b4:9a:36:0d:6a:7f:14:
f1:7f:bf:56:0f:36:bd:b3:f8:3d:ad:27:75:7b:7a:ac:5e:0f:
95:55:ba:d6
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZlZORA8pUSlZFpBsay6VON3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwOTE3MTk0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzcwZDNiNjk5YWM1YWVmZjJkYjg4YTVjYmMxYzlkOGQwOWM3MjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WDSeOc//1GfDNtzoatywgXdchlp
C36wv3LLusjuq5ctvWijamOHxUMt0umxCs1S00ROlvvj7g32hWqwisL1+8tZsVwx
UX/LqYX0RPDlv0skV8axll4dYUjtmtZB9a+EChKl3C/XnhZjkOJ+3kpltOVwdXSm
wgmLsudLiY99C6k9K8Qi2Dn2zxsWcLymvyC6Q9YnREUcxSLZ15PjK2qlRb6Br5cY
t6Mbz2Bp3LZQI8hp/4HvPlMbVcwY7bmlbg9fO15DhFQqN6oZ5CRkCbp0xb0nRGrU
Cu6ek6X7C8wMcFPWeyfF1h7bSxAOXk/D+uu6qnGrf8TvTsKL+Z49Zh4ELwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFENw07aZrFrv8tuIpcvBydjQnHIxMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZhLzhlZmVk
MS04ZjY1LTRmYjktODMzMS0xNDVhMDEyNzg5NDgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEvOGVmZWQx
LThmNjUtNGZiOS04MzMxLTE0NWEwMTI3ODk0OC8xL1EzRFR0cG1zV3VfeTI0aWx5
OEhKMk5DY2NqRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAudZAMA0EAgACMAcDBQMqEXAAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM4eTANBgkqhkiG9w0BAQsFAAOCAQEAA2aSt7csboQS
P62JuhSRGEJBot88ZJ4fCmmUOtZffOKAa5Hje50e45U1CKfNNnDYWzgOpyKIBqup
nHF8lsFtenVWQXO85SKiR2uA6MLzSn6v994+0XKoOtBB4SVyKHbt+FJZfkMBasa2
sTE+vaVVJo0BsQmxK5LG7/2ajzgkADHMEvuJtXNNSmft8c2hrqzipTWi06DNFP23
8mbH94hKZT7gUExGY9cAwApP2drzEh/ASg4D9gXM/fZb+QL070TygRyeZADsq35J
IBnIGCwHzNP0CKAhn70G3/HWL6abJQK6cRi0mjYNan8U8X+/Vg82vbP4Pa0ndXt6
rF4PlVW61g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 10:29:01 2025 by rpki-client