Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/QPwHKZcRrfoiLiexKLdtHZdFBYI.cer
File: QPwHKZcRrfoiLiexKLdtHZdFBYI.cer (raw, json)
Hash identifier: Hc6yrG0JCrZLZmi0jtpZobACRkuopd99Lr9YDt28Dyg=
Subject key identifier: 40:FC:07:29:97:11:AD:FA:22:2E:27:B1:28:B7:6D:1D:97:45:05:82
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B797EA0A3E63EAA76C9C9623EB9ACB897
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 12:18:20 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 204158
IP: 185.112.4.0/22
IP: 2a06:65c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:7e:a0:a3:e6:3e:aa:76:c9:c9:62:3e:b9:ac:b8:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:18:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=40fc07299711adfa222e27b128b76d1d97450582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:79:6d:9e:12:9f:1e:1c:77:6d:43:e4:13:a5:
df:e4:8b:d5:f4:25:b9:73:5b:a2:e7:ae:6a:2e:3b:
fc:8c:8a:ee:38:38:96:27:47:50:66:fd:67:ce:75:
90:a2:c5:e2:b3:74:d5:e2:d7:94:a0:e5:c3:e0:c7:
40:25:76:fc:7b:56:5d:06:73:e9:97:ae:cc:f9:57:
79:b6:8c:c1:fa:1c:1f:25:8f:c1:29:a9:8e:1f:59:
96:77:4e:2a:2f:ae:50:a3:d3:b3:1f:90:d1:ea:68:
69:fa:a3:e3:3a:c4:c6:97:59:bf:23:e6:0e:68:29:
7b:7f:53:10:06:ab:89:d8:23:9b:3a:fe:3b:1a:07:
77:f3:61:6b:8a:d9:0b:ad:b3:1b:c6:33:3a:9a:8b:
13:dd:22:e1:b0:72:a3:27:68:83:7b:b3:6f:22:fa:
fb:88:68:9a:94:4a:42:5e:00:44:06:98:7b:fb:e0:
92:24:94:ed:32:38:44:98:de:b4:52:49:cb:8d:80:
cd:72:6f:3e:6f:af:5c:09:28:3d:7a:4b:8a:0f:ac:
62:fe:b6:0c:3c:9f:19:7a:a2:65:11:28:bd:38:2a:
b5:fe:51:9a:8f:8d:ef:bd:1e:d3:0e:e4:93:93:75:
2c:12:00:64:c5:cf:fb:6c:5d:86:c8:ad:4c:37:93:
94:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:FC:07:29:97:11:AD:FA:22:2E:27:B1:28:B7:6D:1D:97:45:05:82
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.4.0/22
IPv6:
2a06:65c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
204158
Signature Algorithm: sha256WithRSAEncryption
b0:fc:68:03:01:d9:e2:4c:e3:2f:a7:34:0c:79:7c:a6:a9:e0:
89:ce:db:c8:ff:c9:ab:b6:15:df:71:84:01:e9:fd:90:83:e6:
7f:1e:a4:58:86:44:53:01:77:f0:a2:56:fe:29:3d:b8:9d:7c:
9f:a8:88:c2:5d:2c:62:27:a2:6a:53:77:99:7c:6f:ca:10:22:
57:b5:7c:75:17:5a:36:60:38:ed:a7:60:58:7c:96:3a:50:f2:
d8:8d:ed:f7:be:ca:ca:b7:81:5e:90:b5:61:1b:0b:dc:c5:ce:
9f:ab:e1:50:03:5f:b5:03:6c:0a:fd:bc:41:46:aa:ee:04:4a:
32:bd:83:e2:2f:fd:71:71:ea:14:f6:db:31:4e:31:fb:4b:74:
9c:68:25:29:d8:ee:1d:1c:41:c4:20:80:7c:6d:c2:b3:d5:2e:
04:7d:f9:ca:0a:06:5b:95:e4:c7:1d:63:bf:f2:ba:c3:ad:5e:
b0:5d:5e:a7:03:e6:df:f9:cd:70:39:17:09:97:ac:0e:3f:6d:
4f:e3:6a:0d:43:fd:4d:80:97:69:f9:ea:ea:49:f3:48:97:0e:
52:0c:67:21:06:0d:70:b3:9e:b5:01:ec:75:fd:35:c1:a4:c1:
4f:9a:a2:d1:a4:6c:66:86:f1:c1:03:bb:b0:0b:a0:61:f9:15:
80:95:fa:67
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZt5fqCj5j6qdsnJYj65rLiXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMTIxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGZjMDcyOTk3MTFhZGZhMjIyZTI3YjEyOGI3NmQxZDk3NDUwNTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnltnhKfHhx3bUPkE6Xf5IvV9CW5
c1ui565qLjv8jIruODiWJ0dQZv1nznWQosXis3TV4teUoOXD4MdAJXb8e1ZdBnPp
l67M+Vd5tozB+hwfJY/BKamOH1mWd04qL65Qo9OzH5DR6mhp+qPjOsTGl1m/I+YO
aCl7f1MQBquJ2CObOv47Ggd382FritkLrbMbxjM6mosT3SLhsHKjJ2iDe7NvIvr7
iGialEpCXgBEBph7++CSJJTtMjhEmN60UknLjYDNcm8+b69cCSg9ekuKD6xi/rYM
PJ8ZeqJlESi9OCq1/lGaj43vvR7TDuSTk3UsEgBkxc/7bF2GyK1MN5OUtQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFED8BymXEa36Ii4nsSi3bR2XRQWCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJmLzVkYzg3
YS1mMzI5LTRjNDQtODIzNS03N2UzYmVhYjYxZWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYvNWRjODdh
LWYzMjktNGM0NC04MjM1LTc3ZTNiZWFiNjFlYi8xL1FQd0hLWmNScmZvaUxpZXhL
TGR0SFpkRkJZSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuXAEMA0EAgACMAcDBQMqBmXAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMdfjANBgkqhkiG9w0BAQsFAAOCAQEAsPxoAwHZ4kzj
L6c0DHl8pqngic7byP/Jq7YV33GEAen9kIPmfx6kWIZEUwF38KJW/ik9uJ18n6iI
wl0sYieialN3mXxvyhAiV7V8dRdaNmA47adgWHyWOlDy2I3t977KyreBXpC1YRsL
3MXOn6vhUANftQNsCv28QUaq7gRKMr2D4i/9cXHqFPbbMU4x+0t0nGglKdjuHRxB
xCCAfG3Cs9UuBH35ygoGW5Xkxx1jv/K6w61esF1epwPm3/nNcDkXCZesDj9tT+Nq
DUP9TYCXafnq6knzSJcOUgxnIQYNcLOetQHsdf01waTBT5qi0aRsZobxwQO7sAug
YfkVgJX6Zw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:17:59 2026 by rpki-client