Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/QWUyQgoh5CuK0w2iTr9DR96V7zU.cer
File: QWUyQgoh5CuK0w2iTr9DR96V7zU.cer (raw, json)
Hash identifier: 85ZTU5pMrzhhwnsMgGJ3qK6DZMvuPfP477VOJSRpJN0=
Subject key identifier: 41:65:32:42:0A:21:E4:2B:8A:D3:0D:A2:4E:BF:43:47:DE:95:EF:35
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B76EB1FAAAC89F8D79EEB11874FE2663A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/QWUyQgoh5CuK0w2iTr9DR96V7zU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 00:17:59 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 207645
IP: 45.137.18.0/24
IP: 194.120.133.0/24
IP: 2a0d:b100::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:76:eb:1f:aa:ac:89:f8:d7:9e:eb:11:87:4f:e2:66:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:17:59 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=416532420a21e42b8ad30da24ebf4347de95ef35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7b:08:93:50:36:f3:e9:f7:ac:b7:85:ec:32:
95:17:73:88:b1:69:d0:49:61:68:83:dc:7e:60:67:
60:b6:26:80:06:c9:09:eb:e6:da:93:48:6f:8d:c0:
4e:37:92:0f:29:ed:58:39:40:c7:d5:44:f5:87:07:
69:64:dd:fb:a8:01:c6:55:8c:43:ed:86:b1:f1:e8:
d9:b9:78:27:10:9b:58:9c:eb:5a:fc:20:c4:83:b9:
af:c7:0f:3b:d2:1a:e6:2a:3b:f1:8d:89:b2:61:5c:
4e:98:e7:41:23:94:d7:d0:cb:33:5a:5c:7a:58:40:
4a:15:f6:2f:33:90:c6:db:e2:5a:f1:29:38:78:86:
a0:06:87:d9:ae:0c:fe:04:30:86:c8:8e:66:42:51:
3d:e8:09:03:fa:13:69:f0:52:77:2c:da:28:c7:e6:
1f:5e:64:1b:0b:58:55:6f:26:74:b3:b2:ff:88:fd:
56:cb:c7:5e:d3:79:71:93:a9:54:a2:d9:f6:39:e9:
e7:0c:43:27:ea:59:11:52:65:be:63:00:a0:b3:36:
f8:c1:e5:c1:2f:6f:1f:17:36:23:a7:7e:b7:61:2b:
47:de:7b:06:91:d3:fc:52:ab:ff:76:97:29:81:7a:
1a:e6:70:79:e2:0a:60:99:ec:46:90:93:5b:db:b0:
64:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:65:32:42:0A:21:E4:2B:8A:D3:0D:A2:4E:BF:43:47:DE:95:EF:35
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/QWUyQgoh5CuK0w2iTr9DR96V7zU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.18.0/24
194.120.133.0/24
IPv6:
2a0d:b100::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
207645
Signature Algorithm: sha256WithRSAEncryption
7b:60:a4:43:41:6d:6e:ba:21:69:30:4c:b7:52:1c:e9:3a:68:
6a:4a:c6:3e:67:85:06:0d:5a:48:89:da:d1:6b:46:dd:b7:aa:
34:88:09:f7:00:e1:ba:3a:59:16:b7:00:75:60:dc:6c:bd:54:
65:8b:20:86:d7:9f:ca:7b:39:a4:46:e6:3d:85:90:ed:67:c7:
92:6f:ef:de:3a:20:48:c2:5f:e1:50:cc:23:30:14:93:ec:45:
02:bd:8e:70:61:2c:90:fe:3c:d8:9e:94:49:9f:60:6d:0c:6c:
19:0b:8c:35:1f:7b:0a:b5:2f:ef:4d:22:86:30:dc:9b:d6:23:
61:f1:3f:b2:a1:f8:4d:ba:33:e6:2d:ea:7c:45:50:62:fb:e5:
46:1b:dc:af:b4:84:e1:4c:ac:2a:3d:ff:69:ee:f8:80:fa:1b:
3f:cc:02:6b:4c:50:b8:03:a5:c4:f7:c8:ae:76:9d:97:98:14:
24:65:06:c7:40:37:fc:66:18:89:10:b6:9b:c4:32:3e:7c:24:
b2:93:a1:eb:75:0a:60:bb:c4:c1:ab:62:c5:56:99:c3:d6:b7:
46:72:5e:bd:b2:3c:16:0c:e0:61:ef:65:29:ae:9b:8b:c3:a6:
cf:a3:03:20:83:4f:a0:4a:31:33:3a:e0:e1:f9:70:61:d3:f1:
bc:04:d8:af
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZt26x+qrIn4157rEYdP4mY6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDAxNzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTY1MzI0MjBhMjFlNDJiOGFkMzBkYTI0ZWJmNDM0N2RlOTVlZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nsIk1A28+n3rLeF7DKVF3OIsWnQ
SWFog9x+YGdgtiaABskJ6+bak0hvjcBON5IPKe1YOUDH1UT1hwdpZN37qAHGVYxD
7Yax8ejZuXgnEJtYnOta/CDEg7mvxw870hrmKjvxjYmyYVxOmOdBI5TX0MszWlx6
WEBKFfYvM5DG2+Ja8Sk4eIagBofZrgz+BDCGyI5mQlE96AkD+hNp8FJ3LNoox+Yf
XmQbC1hVbyZ0s7L/iP1Wy8de03lxk6lUotn2OennDEMn6lkRUmW+YwCgszb4weXB
L28fFzYjp363YStH3nsGkdP8Uqv/dpcpgXoa5nB54gpgmexGkJNb27BkUQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFEFlMkIKIeQritMNok6/Q0fele81MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg2LzRmNGIy
MC01MTM2LTQyMGItYjUxNi1iNmQ2NGEwMDNkOWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYvNGY0YjIw
LTUxMzYtNDIwYi1iNTE2LWI2ZDY0YTAwM2Q5ZS8xL1FXVXlRZ29oNUN1SzB3MmlU
cjlEUjk2Vjd6VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQALYkSAwQAwniFMA0EAgACMAcDBQMqDbEAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMrHTANBgkqhkiG9w0BAQsFAAOCAQEAe2Ck
Q0FtbrohaTBMt1Ic6TpoakrGPmeFBg1aSIna0WtG3beqNIgJ9wDhujpZFrcAdWDc
bL1UZYsghtefyns5pEbmPYWQ7WfHkm/v3jogSMJf4VDMIzAUk+xFAr2OcGEskP48
2J6USZ9gbQxsGQuMNR97CrUv700ihjDcm9YjYfE/sqH4Tboz5i3qfEVQYvvlRhvc
r7SE4UysKj3/ae74gPobP8wCa0xQuAOlxPfIrnadl5gUJGUGx0A3/GYYiRC2m8Qy
PnwkspOh63UKYLvEwatixVaZw9a3RnJevbI8FgzgYe9lKa6bi8Omz6MDIINPoEox
Mzrg4flwYdPxvATYrw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:49:58 2026 by rpki-client