Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/VHkd3iyb3qNmzn7GxagAxdpjNFQ.cer
File: VHkd3iyb3qNmzn7GxagAxdpjNFQ.cer (raw, json)
Hash identifier: HdeG/sbkYbdDUQ9j6F0iNNSbD8hXyVCIoDnkj8PD/0Y=
Subject key identifier: 54:79:1D:DE:2C:9B:DE:A3:66:CE:7E:C6:C5:A8:00:C5:DA:63:34:54
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019CE1B7E992A024279BEF08833FBE1E61D5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/VHkd3iyb3qNmzn7GxagAxdpjNFQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 12 Mar 2026 11:04:12 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 200173
AS: 203872
AS: 212772
IP: 45.156.136.0/22
IP: 46.243.228.0/22
IP: 92.255.56.0/24
IP: 92.255.68.0/22
IP: 92.255.84.0/24
IP: 94.140.14.0/23
IP: 176.103.128.0/19
IP: 185.113.28.0/22
IP: 217.72.12.0/22
IP: 2a10:50c0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e1:b7:e9:92:a0:24:27:9b:ef:08:83:3f:be:1e:61:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 12 11:04:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=54791dde2c9bdea366ce7ec6c5a800c5da633454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c0:30:89:bc:2e:3e:a8:13:68:fa:b4:c0:2d:
07:77:65:ce:2a:e9:9b:b1:f6:82:eb:2e:38:55:c7:
0c:46:42:21:8b:6d:35:f1:e1:1c:19:52:99:bc:2d:
f7:b4:64:89:fb:2b:8b:ed:55:3d:65:28:f8:aa:c7:
b4:46:8c:6a:90:21:48:f2:cc:b5:33:01:c7:c2:b4:
11:b3:30:c7:e8:75:a7:c3:db:39:5f:2a:49:de:67:
76:08:3a:df:12:be:8f:08:5b:3c:fa:ab:09:d2:dd:
d9:a1:9f:9a:12:cf:b2:d3:a5:36:8a:4b:45:e2:1c:
bb:6f:a4:45:0c:19:25:e1:17:c0:af:0e:27:79:6b:
10:0a:5b:47:52:d4:8a:d4:fb:50:ac:40:ad:5a:bf:
16:5b:bc:a4:9b:7d:23:4c:cb:6e:5a:fa:ed:7f:dd:
8b:f9:83:ee:b7:05:1e:c5:94:43:94:a9:22:46:d4:
78:34:42:b9:f7:77:6d:d7:f5:37:26:fd:4f:80:b9:
d8:81:1c:e9:3c:44:34:f4:13:93:53:c3:79:56:5b:
c2:12:17:48:af:5d:d7:27:de:e5:47:a7:52:82:8c:
fe:42:ed:ec:38:e2:91:1a:e7:33:a3:f5:f2:38:15:
8d:a9:d2:0a:89:f6:a5:d3:da:71:2e:a7:da:d2:a3:
81:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:79:1D:DE:2C:9B:DE:A3:66:CE:7E:C6:C5:A8:00:C5:DA:63:34:54
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/VHkd3iyb3qNmzn7GxagAxdpjNFQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.136.0/22
46.243.228.0/22
92.255.56.0/24
92.255.68.0/22
92.255.84.0/24
94.140.14.0/23
176.103.128.0/19
185.113.28.0/22
217.72.12.0/22
IPv6:
2a10:50c0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200173
203872
212772
Signature Algorithm: sha256WithRSAEncryption
0e:91:57:48:9d:a0:83:5a:b3:46:eb:cc:d7:98:11:c2:0d:a7:
19:13:1a:9a:55:c5:5c:b7:37:e0:4c:54:20:b4:b3:1a:45:4e:
4b:dd:bd:9f:60:0b:92:e9:42:75:6c:cc:12:7c:e4:5e:f4:37:
e2:22:72:69:7a:62:b9:cc:22:dc:81:11:dc:03:0e:10:1b:5a:
15:3c:c3:f9:e3:c1:2d:86:e2:70:0d:2a:97:6b:93:17:6b:b7:
fa:8a:cc:87:14:c5:9a:c3:9a:bc:20:ac:b2:21:45:ba:7a:d7:
74:70:6d:4a:33:50:aa:e4:fa:13:fe:94:77:b9:2d:44:c4:a5:
87:e9:e0:08:dd:df:e5:d5:85:6c:99:b5:f2:ff:0f:0c:f0:ae:
af:7d:db:da:86:d9:f5:66:87:6e:5e:a5:9d:32:1b:44:93:31:
95:a8:6e:1c:25:2c:4f:36:7d:16:e6:40:2e:fa:ff:8e:7e:79:
7d:bc:5a:d3:3d:d1:0c:ba:f6:e6:b8:2e:75:74:2a:96:3e:16:
de:a7:cf:42:d4:a4:0c:ac:18:e9:ed:c0:50:71:78:b0:d2:18:
28:47:56:51:cc:71:bc:0d:b5:36:f1:4b:86:ea:cc:c3:8d:17:
a1:a6:e8:ee:f0:2f:b1:7f:b6:91:8d:36:e6:ca:79:df:86:69:
c3:a8:7b:f8
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgISAZzht+mSoCQnm+8Igz++HmHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMzEyMTEwNDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDc5MWRkZTJjOWJkZWEzNjZjZTdlYzZjNWE4MDBjNWRhNjMzNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsAwibwuPqgTaPq0wC0Hd2XOKumb
sfaC6y44VccMRkIhi2018eEcGVKZvC33tGSJ+yuL7VU9ZSj4qse0RoxqkCFI8sy1
MwHHwrQRszDH6HWnw9s5XypJ3md2CDrfEr6PCFs8+qsJ0t3ZoZ+aEs+y06U2iktF
4hy7b6RFDBkl4RfArw4neWsQCltHUtSK1PtQrECtWr8WW7ykm30jTMtuWvrtf92L
+YPutwUexZRDlKkiRtR4NEK593dt1/U3Jv1PgLnYgRzpPEQ09BOTU8N5VlvCEhdI
r13XJ97lR6dSgoz+Qu3sOOKRGuczo/XyOBWNqdIKifal09pxLqfa0qOBKwIDAQAB
o4IC6TCCAuUwHQYDVR0OBBYEFFR5Hd4sm96jZs5+xsWoAMXaYzRUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhmLzE3ZTU2
Ny05ZTQ0LTQ0NGEtYWM2NC0xOGIzNGJlYTliMDYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYvMTdlNTY3
LTllNDQtNDQ0YS1hYzY0LTE4YjM0YmVhOWIwNi8xL1ZIa2QzaXliM3FObXpuN0d4
YWdBeGRwak5GUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GCCsGAQUF
BwEHAQH/BE8wTTA8BAIAATA2AwQCLZyIAwQCLvPkAwQAXP84AwQCXP9EAwQAXP9U
AwQBXowOAwQFsGeAAwQCuXEcAwQC2UgMMA0EAgACMAcDBQAqEFDAMCQGCCsGAQUF
BwEIAQH/BBUwE6ARMA8CAwMN7QIDAxxgAgMDPyQwDQYJKoZIhvcNAQELBQADggEB
AA6RV0idoINas0brzNeYEcINpxkTGppVxVy3N+BMVCC0sxpFTkvdvZ9gC5LpQnVs
zBJ85F70N+Iicml6YrnMItyBEdwDDhAbWhU8w/njwS2G4nANKpdrkxdrt/qKzIcU
xZrDmrwgrLIhRbp613RwbUozUKrk+hP+lHe5LUTEpYfp4Ajd3+XVhWyZtfL/Dwzw
rq9929qG2fVmh25epZ0yG0STMZWobhwlLE82fRbmQC76/45+eX28WtM90Qy69ua4
LnV0KpY+Ft6nz0LUpAysGOntwFBxeLDSGChHVlHMcbwNtTbxS4bqzMONF6Gm6O7w
L7F/tpGNNubKed+GacOoe/g=
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:09:53 2026 by rpki-client