Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Sq_kWzD6f1lJJd05W6FM77Zz4sA.cer
File: Sq_kWzD6f1lJJd05W6FM77Zz4sA.cer (raw, json)
Hash identifier: Ef5Z2lSpjYociIcshQGJGg99ZjbvHYoHRenvmb1dhBA=
Subject key identifier: 4A:AF:E4:5B:30:FA:7F:59:49:25:DD:39:5B:A1:4C:EF:B6:73:E2:C0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B775934163DE257D04A3C03CD3BAD6300
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/05/ae09fb-f536-47a1-9787-f1f603f91971/1/Sq_kWzD6f1lJJd05W6FM77Zz4sA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/05/ae09fb-f536-47a1-9787-f1f603f91971/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 02:18:13 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 35032
IP: 85.236.160.0/19
IP: 109.124.192.0/18
IP: 185.224.8.0/22
IP: 2a13:73c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:59:34:16:3d:e2:57:d0:4a:3c:03:cd:3b:ad:63:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 02:18:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4aafe45b30fa7f594925dd395ba14cefb673e2c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0b:1a:5c:22:d2:ba:14:ef:d5:ee:fa:e1:5e:
dc:2d:2a:e4:39:3d:ae:94:46:1c:16:d9:48:07:a5:
27:56:23:87:23:fc:c0:3f:df:39:2d:8b:b2:c6:1b:
c0:a6:0c:36:17:97:36:4b:31:b8:0c:4c:5f:0e:d8:
a1:18:85:a1:b2:d1:b2:dd:4b:3d:c8:54:71:b9:a3:
8a:e1:d5:f4:56:14:33:8f:c0:dd:a8:c5:3a:a3:a4:
94:b8:2c:26:9e:56:e6:2b:bb:1e:e1:12:42:5b:88:
9b:80:5c:7b:a6:55:30:40:1f:80:27:08:ac:82:e4:
06:c4:f3:d2:ec:8b:af:f4:dd:06:70:80:c6:4b:c0:
46:91:1f:68:f7:06:3f:3f:8f:74:11:19:e8:6f:df:
20:51:f1:74:ca:2a:0c:52:bd:ad:1a:a8:6f:17:22:
92:38:86:b3:e4:1f:2d:f9:9e:16:9e:53:ba:e5:f5:
8c:60:bf:3d:49:4e:52:18:a0:12:45:0e:bd:16:5b:
49:4e:70:f7:ae:83:a4:95:63:98:e3:82:b8:bb:52:
80:11:cb:1b:aa:9f:f5:2d:e5:25:38:10:e5:a3:0e:
62:3d:92:75:0b:71:86:8a:be:e2:a1:e1:8a:5b:d1:
c3:44:91:9a:22:90:f6:f2:19:09:be:a0:7b:1f:77:
16:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:AF:E4:5B:30:FA:7F:59:49:25:DD:39:5B:A1:4C:EF:B6:73:E2:C0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ae09fb-f536-47a1-9787-f1f603f91971/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ae09fb-f536-47a1-9787-f1f603f91971/1/Sq_kWzD6f1lJJd05W6FM77Zz4sA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.236.160.0/19
109.124.192.0/18
185.224.8.0/22
IPv6:
2a13:73c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35032
Signature Algorithm: sha256WithRSAEncryption
73:a6:7c:5e:b3:56:a3:a7:79:fe:22:09:27:35:13:cc:1a:12:
ca:11:35:35:44:31:37:e1:65:7a:db:e0:9f:dd:30:bb:a8:05:
48:c3:dd:8f:0a:00:c1:20:cd:06:1f:c4:f8:e7:c9:7c:fa:3d:
e8:49:7b:bf:23:d0:62:12:7a:af:ec:8c:d7:cb:c5:c4:ce:e0:
97:2d:58:14:24:1e:bf:cf:c9:bf:23:54:57:82:df:e2:b1:e8:
2f:db:f0:b0:d5:0d:5b:a6:16:32:7e:0a:ff:51:95:6c:46:7b:
10:d1:ab:e0:f9:d7:82:91:46:ba:70:f6:7a:74:1d:ee:cf:c2:
3a:32:f1:22:6d:6a:35:3f:38:61:25:3f:5d:a9:c9:ac:5d:07:
51:fa:b5:2e:4b:4a:64:cc:e7:b2:72:17:92:68:33:1a:56:6d:
13:dd:4a:1e:89:07:52:f3:46:33:57:57:81:5e:7a:77:2e:2d:
44:d3:7b:94:43:d2:a8:18:d1:14:3e:b0:41:9b:65:de:5e:3f:
1b:d8:f9:c8:5a:6d:68:40:f6:44:5f:14:31:cb:dc:ca:9b:47:
64:08:c3:bb:47:02:96:66:21:9e:38:9f:34:6e:76:1e:fc:f4:
bf:35:92:57:58:ae:40:2c:35:c9:74:95:b1:f3:5f:2b:b5:c5:
16:5d:10:48
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAZt3WTQWPeJX0Eo8A807rWMAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDIxODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWFmZTQ1YjMwZmE3ZjU5NDkyNWRkMzk1YmExNGNlZmI2NzNlMmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAsaXCLSuhTv1e764V7cLSrkOT2u
lEYcFtlIB6UnViOHI/zAP985LYuyxhvApgw2F5c2SzG4DExfDtihGIWhstGy3Us9
yFRxuaOK4dX0VhQzj8DdqMU6o6SUuCwmnlbmK7se4RJCW4ibgFx7plUwQB+AJwis
guQGxPPS7Iuv9N0GcIDGS8BGkR9o9wY/P490ERnob98gUfF0yioMUr2tGqhvFyKS
OIaz5B8t+Z4WnlO65fWMYL89SU5SGKASRQ69FltJTnD3roOklWOY44K4u1KAEcsb
qp/1LeUlOBDlow5iPZJ1C3GGir7ioeGKW9HDRJGaIpD28hkJvqB7H3cWtwIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFEqv5Fsw+n9ZSSXdOVuhTO+2c+LAMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA1L2FlMDlm
Yi1mNTM2LTQ3YTEtOTc4Ny1mMWY2MDNmOTE5NzEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUvYWUwOWZi
LWY1MzYtNDdhMS05Nzg3LWYxZjYwM2Y5MTk3MS8xL1NxX2tXekQ2ZjFsSkpkMDVX
NkZNNzdaejRzQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQFVeygAwQGbXzAAwQCueAIMA0EAgACMAcDBQMq
E3PAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwCI2DANBgkqhkiG9w0BAQsFAAOC
AQEAc6Z8XrNWo6d5/iIJJzUTzBoSyhE1NUQxN+Fletvgn90wu6gFSMPdjwoAwSDN
Bh/E+OfJfPo96El7vyPQYhJ6r+yM18vFxM7gly1YFCQev8/JvyNUV4Lf4rHoL9vw
sNUNW6YWMn4K/1GVbEZ7ENGr4PnXgpFGunD2enQd7s/COjLxIm1qNT84YSU/XanJ
rF0HUfq1LktKZMznsnIXkmgzGlZtE91KHokHUvNGM1dXgV56dy4tRNN7lEPSqBjR
FD6wQZtl3l4/G9j5yFptaED2RF8UMcvcyptHZAjDu0cClmYhnjifNG52Hvz0vzWS
V1iuQCw1yXSVsfNfK7XFFl0QSA==
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:10:03 2026 by rpki-client