Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TwMCBfo2Xp9J_06nUG35EtXtg2A.cer
File: TwMCBfo2Xp9J_06nUG35EtXtg2A.cer (raw, json)
Hash identifier: gl3Uxg2s5m0Tu+27KylBQ8vXH28/6u16A2GiJqdpyWM=
Subject key identifier: 4F:03:02:05:FA:36:5E:9F:49:FF:4E:A7:50:6D:F9:12:D5:ED:83:60
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7D5CCE94F67DD9BD04EB71E3D7ECF5DA
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/TwMCBfo2Xp9J_06nUG35EtXtg2A.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 06:19:52 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 28768
AS: 35667
IP: 81.200.32.0/20
IP: 94.143.216.0/21
IP: 185.124.216.0/22
IP: 2a00:1bb0::/32
IP: 2a03:9060::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:5c:ce:94:f6:7d:d9:bd:04:eb:71:e3:d7:ec:f5:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 06:19:52 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4f030205fa365e9f49ff4ea7506df912d5ed8360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ce:6f:ba:29:5d:83:4c:1c:1a:f2:76:91:5d:
97:82:0f:1d:44:b2:a1:c1:df:59:5c:27:0b:33:88:
18:b1:0e:9c:00:82:b3:5d:78:90:30:35:c3:c4:39:
ea:f9:c1:b6:8b:67:b8:d2:a1:e0:58:08:4d:6f:1b:
e7:85:49:09:dc:9f:5b:c1:6a:2a:2b:24:e5:f5:3f:
68:18:85:22:44:f0:f6:81:98:f6:46:5b:94:32:fc:
5c:3f:2f:30:5d:d8:39:1b:5a:b0:45:2f:67:4e:bd:
8e:76:85:cb:f9:73:5f:aa:cf:c2:33:68:17:94:8d:
6f:3d:31:cd:d5:55:b8:ff:1f:fd:bb:08:f3:bb:d4:
03:ab:f3:91:5a:b5:2f:6f:85:d3:8e:8a:bb:f3:9d:
52:fa:7e:83:4b:d1:55:8a:55:d8:6d:60:c1:6b:06:
cc:77:2e:fd:ea:ec:d1:89:ec:50:f1:cf:e1:26:17:
9c:6f:ae:9f:4e:b5:41:99:7c:d6:5f:4f:55:26:d9:
d6:2a:2f:1f:11:57:61:a5:cd:b1:df:5a:24:f8:37:
da:6f:b2:00:c6:cd:18:72:ca:4d:8a:8e:94:bf:ac:
85:75:28:9d:37:75:57:a0:a6:f6:5c:8b:7f:04:03:
ad:e2:b4:e4:1d:bc:48:91:44:b1:6f:33:13:08:94:
bd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:03:02:05:FA:36:5E:9F:49:FF:4E:A7:50:6D:F9:12:D5:ED:83:60
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/TwMCBfo2Xp9J_06nUG35EtXtg2A.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.200.32.0/20
94.143.216.0/21
185.124.216.0/22
IPv6:
2a00:1bb0::/32
2a03:9060::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
28768
35667
Signature Algorithm: sha256WithRSAEncryption
0f:7f:92:be:3e:c2:dd:b8:95:36:2b:86:66:ab:d8:d8:27:57:
2d:6a:bf:93:20:9c:e5:68:f4:a6:8f:69:0f:78:b5:ee:e9:a9:
90:e7:f2:3a:62:f9:a7:e0:2b:87:4d:57:22:19:a9:aa:38:01:
cc:a1:f1:95:0a:ce:08:2f:31:f4:3a:ac:0d:32:a3:85:c7:f4:
8d:44:38:a7:9e:98:c9:df:9d:71:95:29:8b:05:0c:93:c4:a3:
59:0b:98:52:39:9f:01:52:fd:93:51:5e:e6:f9:16:c6:3c:38:
7d:e6:a3:35:05:e9:3d:54:f1:ed:64:94:80:d9:e8:da:37:cf:
a3:2b:47:5f:dc:fd:2c:8e:83:bd:15:a3:ba:a4:ac:46:00:5d:
a3:0b:db:1a:13:d7:e3:c8:42:c5:62:a4:c2:10:76:0f:60:b1:
73:ec:2f:b8:b6:2c:62:13:a0:17:3f:05:e4:61:30:92:6e:63:
12:2a:9b:10:36:a0:24:f9:75:21:b3:62:dd:72:a9:89:c1:0f:
6f:13:b0:de:f9:72:a1:48:3b:f7:84:d8:22:0c:04:5d:be:8c:
4f:bd:b8:36:1b:8f:d6:12:9a:85:dc:73:02:3b:e7:51:6a:99:
1b:e1:f2:ff:7e:5a:c8:c8:1d:64:54:d5:c9:30:cc:c7:ce:de:
f3:72:70:07
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAZt9XM6U9n3ZvQTrcePX7PXaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDYxOTUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjAzMDIwNWZhMzY1ZTlmNDlmZjRlYTc1MDZkZjkxMmQ1ZWQ4MzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx85vuildg0wcGvJ2kV2Xgg8dRLKh
wd9ZXCcLM4gYsQ6cAIKzXXiQMDXDxDnq+cG2i2e40qHgWAhNbxvnhUkJ3J9bwWoq
KyTl9T9oGIUiRPD2gZj2RluUMvxcPy8wXdg5G1qwRS9nTr2OdoXL+XNfqs/CM2gX
lI1vPTHN1VW4/x/9uwjzu9QDq/ORWrUvb4XTjoq7851S+n6DS9FVilXYbWDBawbM
dy796uzRiexQ8c/hJhecb66fTrVBmXzWX09VJtnWKi8fEVdhpc2x31ok+Dfab7IA
xs0YcspNio6Uv6yFdSidN3VXoKb2XIt/BAOt4rTkHbxIkUSxbzMTCJS9GQIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFE8DAgX6Nl6fSf9Op1Bt+RLV7YNgMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FlLzNjOGRh
NS1hOGU5LTRhNGYtODE2OC0zY2U2MTFjYjY3OTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUvM2M4ZGE1
LWE4ZTktNGE0Zi04MTY4LTNjZTYxMWNiNjc5OS8xL1R3TUNCZm8yWHA5Sl8wNm5V
RzM1RXRYdGcyQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEEGCCsGAQUF
BwEHAQH/BDIwMDAYBAIAATASAwQEUcggAwQDXo/YAwQCuXzYMBQEAgACMA4DBQAq
ABuwAwUAKgOQYDAeBggrBgEFBQcBCAEB/wQPMA2gCzAJAgJwYAIDAItTMA0GCSqG
SIb3DQEBCwUAA4IBAQAPf5K+PsLduJU2K4Zmq9jYJ1ctar+TIJzlaPSmj2kPeLXu
6amQ5/I6Yvmn4CuHTVciGamqOAHMofGVCs4ILzH0OqwNMqOFx/SNRDinnpjJ351x
lSmLBQyTxKNZC5hSOZ8BUv2TUV7m+RbGPDh95qM1Bek9VPHtZJSA2ejaN8+jK0df
3P0sjoO9FaO6pKxGAF2jC9saE9fjyELFYqTCEHYPYLFz7C+4tixiE6AXPwXkYTCS
bmMSKpsQNqAk+XUhs2LdcqmJwQ9vE7De+XKhSDv3hNgiDARdvoxPvbg2G4/WEpqF
3HMCO+dRapkb4fL/flrIyB1kVNXJMMzHzt7zcnAH
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:32:24 2026 by rpki-client