Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Tu24VWoM8egtjnx5BY8O-1BALKY.cer
File: Tu24VWoM8egtjnx5BY8O-1BALKY.cer (raw, json)
Hash identifier: 6XJqaKgPm7b0PtrtnGzSYr9noT8p26dpAi5qOB5ifaM=
Subject key identifier: 4E:ED:B8:55:6A:0C:F1:E8:2D:8E:7C:79:05:8F:0E:FB:50:40:2C:A6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B77C7621CEF9D8B260CF0C936F2AA5F8E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5b/884aae-2203-4f21-91a4-8f1ff3880102/1/Tu24VWoM8egtjnx5BY8O-1BALKY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5b/884aae-2203-4f21-91a4-8f1ff3880102/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 04:18:34 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 35706
IP: 31.210.248.0/21
IP: 77.105.192.0/18
IP: 82.197.224.0/19
IP: 85.195.0.0/18
IP: 151.252.128.0/18
IP: 178.249.144.0/21
IP: 185.51.224.0/22
IP: 217.10.96.0/19
IP: 2001:4db8::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:c7:62:1c:ef:9d:8b:26:0c:f0:c9:36:f2:aa:5f:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:18:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4eedb8556a0cf1e82d8e7c79058f0efb50402ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:28:6c:0f:fd:0d:b2:e3:97:c1:7a:35:97:7a:
c6:f3:b6:4b:21:55:52:dc:46:e4:0a:95:a9:6e:f3:
60:07:cf:0e:0f:51:ce:6c:e2:72:fd:3f:c5:de:59:
8a:eb:06:26:8e:00:6b:90:e2:39:4f:88:1e:d6:13:
6c:ba:b2:67:75:92:f5:ea:00:b6:b4:9f:c3:e0:ec:
e1:c7:f9:d6:91:0a:64:fd:e1:52:d9:36:52:db:1d:
50:46:d2:18:aa:d7:a1:a1:a9:84:4c:57:6a:29:47:
5c:ad:d3:eb:17:a0:9c:99:d9:82:c2:89:48:14:ff:
cc:60:20:52:74:9f:17:9b:0c:d3:0d:e4:ea:70:ff:
ad:bb:74:94:d0:6d:87:18:ba:0f:88:84:ce:b6:54:
16:39:d3:f6:0a:b0:53:15:fe:c6:64:dc:f3:31:ce:
31:d9:41:b1:e8:62:ea:0a:63:83:d7:74:71:24:4e:
c6:f8:b2:39:00:6b:96:81:85:48:62:22:1d:b6:d0:
7d:9d:0f:a9:27:26:cc:0a:d1:a8:c3:14:52:f3:4f:
fe:36:3c:11:d4:52:45:c4:17:a5:e4:e7:29:2f:af:
25:4b:9e:75:1f:30:3e:19:6c:8c:a5:fe:86:c4:e6:
12:8c:0b:4d:19:1c:7a:19:3f:69:da:e4:66:1e:38:
dc:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:ED:B8:55:6A:0C:F1:E8:2D:8E:7C:79:05:8F:0E:FB:50:40:2C:A6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/884aae-2203-4f21-91a4-8f1ff3880102/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/884aae-2203-4f21-91a4-8f1ff3880102/1/Tu24VWoM8egtjnx5BY8O-1BALKY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.248.0/21
77.105.192.0/18
82.197.224.0/19
85.195.0.0/18
151.252.128.0/18
178.249.144.0/21
185.51.224.0/22
217.10.96.0/19
IPv6:
2001:4db8::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35706
Signature Algorithm: sha256WithRSAEncryption
52:ea:26:6d:b3:21:57:40:08:c0:19:62:22:0c:6a:c6:e0:0d:
3c:95:5b:d9:69:8a:10:68:18:d9:39:af:c0:e7:f8:d2:85:d0:
f8:ce:b6:67:ab:b3:88:77:8d:0d:6d:7a:97:59:8f:91:b8:19:
e6:05:fa:78:62:a7:61:44:d6:2a:33:c2:31:3c:73:70:d8:87:
c3:0e:7f:f1:95:19:c9:9d:47:1d:28:c5:08:d9:4e:44:36:d9:
43:30:37:73:c9:3f:4a:c4:55:1d:9b:8e:34:3e:c0:76:68:6c:
d6:d7:f6:4f:b5:d6:b0:ab:d7:5f:bc:25:b1:8e:a9:70:5f:35:
5d:05:09:33:92:df:54:89:ca:1c:4e:50:82:e5:9f:54:72:1f:
05:8f:53:e3:d1:23:bb:ba:a6:75:e4:53:d9:84:5e:cc:c3:61:
40:ba:a3:41:c7:53:73:fe:22:d0:08:5b:97:3e:a1:c6:c6:08:
5c:1d:c3:fe:30:b7:dc:19:fc:43:75:b6:b5:fe:1f:13:9c:fb:
dd:60:e2:db:27:22:c2:9d:59:83:10:12:4a:c8:d9:d7:db:9c:
d4:3c:53:a8:84:3f:78:14:34:8e:48:ff:ec:c5:75:4d:d3:3f:
79:9e:40:55:fc:77:e8:7b:0c:2d:95:6e:88:bb:a9:a1:b1:98:
ef:84:b9:ad
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgISAZt3x2Ic752LJgzwyTbyql+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDQxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWVkYjg1NTZhMGNmMWU4MmQ4ZTdjNzkwNThmMGVmYjUwNDAyY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqihsD/0NsuOXwXo1l3rG87ZLIVVS
3EbkCpWpbvNgB88OD1HObOJy/T/F3lmK6wYmjgBrkOI5T4ge1hNsurJndZL16gC2
tJ/D4Ozhx/nWkQpk/eFS2TZS2x1QRtIYqtehoamETFdqKUdcrdPrF6CcmdmCwolI
FP/MYCBSdJ8XmwzTDeTqcP+tu3SU0G2HGLoPiITOtlQWOdP2CrBTFf7GZNzzMc4x
2UGx6GLqCmOD13RxJE7G+LI5AGuWgYVIYiIdttB9nQ+pJybMCtGowxRS80/+NjwR
1FJFxBel5OcpL68lS551HzA+GWyMpf6GxOYSjAtNGRx6GT9p2uRmHjjc/QIDAQAB
o4IC2TCCAtUwHQYDVR0OBBYEFE7tuFVqDPHoLY58eQWPDvtQQCymMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzViLzg4NGFh
ZS0yMjAzLTRmMjEtOTFhNC04ZjFmZjM4ODAxMDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvODg0YWFl
LTIyMDMtNGYyMS05MWE0LThmMWZmMzg4MDEwMi8xL1R1MjRWV29NOGVndGpueDVC
WThPLTFCQUxLWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFgGCCsGAQUF
BwEHAQH/BEkwRzA2BAIAATAwAwQDH9L4AwQGTWnAAwQFUsXgAwQGVcMAAwQGl/yA
AwQDsvmQAwQCuTPgAwQF2QpgMA0EAgACMAcDBQAgAU24MBoGCCsGAQUFBwEIAQH/
BAswCaAHMAUCAwCLejANBgkqhkiG9w0BAQsFAAOCAQEAUuombbMhV0AIwBliIgxq
xuANPJVb2WmKEGgY2TmvwOf40oXQ+M62Z6uziHeNDW16l1mPkbgZ5gX6eGKnYUTW
KjPCMTxzcNiHww5/8ZUZyZ1HHSjFCNlORDbZQzA3c8k/SsRVHZuOND7Admhs1tf2
T7XWsKvXX7wlsY6pcF81XQUJM5LfVInKHE5QguWfVHIfBY9T49Eju7qmdeRT2YRe
zMNhQLqjQcdTc/4i0Ahblz6hxsYIXB3D/jC33Bn8Q3W2tf4fE5z73WDi2yciwp1Z
gxASSsjZ19uc1DxTqIQ/eBQ0jkj/7MV1TdM/eZ5AVfx36HsMLZVuiLupobGY74S5
rQ==
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:11:39 2026 by rpki-client