Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TfLG-lSozC3HHoAs-D9cd2zpdMk.cer
File: TfLG-lSozC3HHoAs-D9cd2zpdMk.cer (raw, json)
Hash identifier: Ic1y1W2EID9Er/zphdeR9oN3lsmOPyLNlFEmxZSxjGE=
Subject key identifier: 4D:F2:C6:FA:54:A8:CC:2D:C7:1E:80:2C:F8:3F:5C:77:6C:E9:74:C9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7DCB32D9F2066433B1483A17BA8AD5CC
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/7c/54b0d0-e9fe-48d1-968d-9e243c2d8821/1/TfLG-lSozC3HHoAs-D9cd2zpdMk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/7c/54b0d0-e9fe-48d1-968d-9e243c2d8821/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 08:20:27 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 35205
IP: 46.28.80.0/21
IP: 77.78.160.0/19
IP: 185.27.152.0/22
IP: 212.37.160.0/19
IP: 2a03:ed00::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:cb:32:d9:f2:06:64:33:b1:48:3a:17:ba:8a:d5:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 08:20:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4df2c6fa54a8cc2dc71e802cf83f5c776ce974c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:30:76:76:7d:19:f8:f8:2c:36:b5:4d:c6:8d:
1c:d8:9f:3b:31:2f:28:fa:2f:d1:81:1d:24:67:94:
14:3b:a1:b5:f2:8d:3b:db:2f:63:2d:7b:7e:e7:84:
12:01:c6:bf:01:4f:7c:71:f3:78:0f:de:86:1b:44:
11:9a:65:42:5e:57:7a:e7:d6:52:9a:15:de:45:08:
3a:5f:0f:b7:45:1e:78:4f:d4:9e:b3:8d:4d:85:83:
97:3f:e2:2e:e1:5c:ce:d2:ee:91:55:81:40:21:72:
25:92:1a:67:ea:7c:a6:a5:8c:ab:50:39:4b:64:df:
49:b1:42:e1:34:8f:db:8b:96:57:90:9b:ae:18:6e:
80:a4:51:1f:54:d3:f9:74:d5:6e:38:7b:c8:72:d3:
70:71:e6:dc:67:92:ba:54:4e:10:8c:6d:1c:38:35:
a1:16:04:c9:42:a9:e4:42:7f:a5:7a:bd:d7:37:18:
17:08:3d:60:9b:2f:7b:36:1e:d6:c6:a1:0d:1a:b4:
13:63:6f:38:bd:29:a3:55:32:8f:9f:74:ec:dc:64:
c0:51:77:9f:f3:47:bb:0b:b7:fb:65:b1:f3:63:8d:
f4:a6:cd:9e:d2:4b:cc:7e:23:3a:dd:69:c0:8a:3d:
30:e3:a1:f6:54:bc:c7:63:e8:7e:a0:3e:0a:57:3b:
42:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:F2:C6:FA:54:A8:CC:2D:C7:1E:80:2C:F8:3F:5C:77:6C:E9:74:C9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/54b0d0-e9fe-48d1-968d-9e243c2d8821/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/54b0d0-e9fe-48d1-968d-9e243c2d8821/1/TfLG-lSozC3HHoAs-D9cd2zpdMk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.80.0/21
77.78.160.0/19
185.27.152.0/22
212.37.160.0/19
IPv6:
2a03:ed00::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35205
Signature Algorithm: sha256WithRSAEncryption
1b:0c:59:34:db:fd:8e:fd:a1:15:bf:4a:f0:9a:2f:18:21:99:
ea:02:0f:28:1e:d0:08:9b:48:27:7b:fc:2b:b3:dc:f2:a2:ca:
82:2b:4d:ae:2e:f2:7c:a0:c7:fb:14:7b:c4:c4:bd:c2:ea:b1:
85:47:9d:2c:9f:1a:f9:37:0d:2b:51:9a:58:be:71:1c:37:81:
5e:5c:86:a1:42:91:38:d8:a4:3f:06:d3:30:33:12:25:b5:09:
97:24:2f:80:95:06:bf:e8:ac:df:8d:a6:1c:90:eb:a6:7f:c3:
0b:45:74:0d:2f:e7:63:16:a2:67:2e:a7:63:aa:09:5d:f8:23:
30:28:14:43:6f:43:b0:0e:1d:ca:88:b2:02:89:2b:13:70:0b:
d4:82:7e:9c:3e:94:66:e8:2b:5c:03:62:f5:1c:fa:22:d3:91:
fc:94:21:ca:e7:8f:32:78:ba:09:d7:80:f9:29:73:7b:fb:86:
dc:9a:a9:5a:61:28:7b:ef:2a:43:31:26:e5:62:a8:89:38:07:
a5:21:eb:c0:1f:2e:2d:a1:34:ff:73:9a:4a:22:e9:fb:88:c6:
fb:cd:ad:e4:95:b0:13:d7:01:2d:8e:00:0f:3c:91:79:e2:9c:
1f:be:96:96:5d:ae:f5:29:90:c1:39:81:2a:7c:62:7d:6b:0e:
c5:cc:c1:6e
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAZt9yzLZ8gZkM7FIOhe6itXMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDgyMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGYyYzZmYTU0YThjYzJkYzcxZTgwMmNmODNmNWM3NzZjZTk3NGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7DB2dn0Z+PgsNrVNxo0c2J87MS8o
+i/RgR0kZ5QUO6G18o072y9jLXt+54QSAca/AU98cfN4D96GG0QRmmVCXld659ZS
mhXeRQg6Xw+3RR54T9Ses41NhYOXP+Iu4VzO0u6RVYFAIXIlkhpn6nympYyrUDlL
ZN9JsULhNI/bi5ZXkJuuGG6ApFEfVNP5dNVuOHvIctNwcebcZ5K6VE4QjG0cODWh
FgTJQqnkQn+ler3XNxgXCD1gmy97Nh7WxqENGrQTY284vSmjVTKPn3Ts3GTAUXef
80e7C7f7ZbHzY430ps2e0kvMfiM63WnAij0w46H2VLzHY+h+oD4KVztC3wIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFE3yxvpUqMwtxx6ALPg/XHds6XTJMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdjLzU0YjBk
MC1lOWZlLTQ4ZDEtOTY4ZC05ZTI0M2MyZDg4MjEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2MvNTRiMGQw
LWU5ZmUtNDhkMS05NjhkLTllMjQzYzJkODgyMS8xL1RmTEctbFNvekMzSEhvQXMt
RDljZDJ6cGRNay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQDLhxQAwQFTU6gAwQCuRuYAwQF1CWgMA0EAgAC
MAcDBQAqA+0AMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwCJhTANBgkqhkiG9w0B
AQsFAAOCAQEAGwxZNNv9jv2hFb9K8JovGCGZ6gIPKB7QCJtIJ3v8K7Pc8qLKgitN
ri7yfKDH+xR7xMS9wuqxhUedLJ8a+TcNK1GaWL5xHDeBXlyGoUKRONikPwbTMDMS
JbUJlyQvgJUGv+is342mHJDrpn/DC0V0DS/nYxaiZy6nY6oJXfgjMCgUQ29DsA4d
yoiyAokrE3AL1IJ+nD6UZugrXANi9Rz6ItOR/JQhyuePMni6CdeA+Slze/uG3Jqp
WmEoe+8qQzEm5WKoiTgHpSHrwB8uLaE0/3OaSiLp+4jG+82t5JWwE9cBLY4ADzyR
eeKcH76Wll2u9SmQwTmBKnxifWsOxczBbg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:21:54 2026 by rpki-client