Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Wd0FdG-aKIdWwwr6jEWZW3dQVfg.cer
File: Wd0FdG-aKIdWwwr6jEWZW3dQVfg.cer (raw, json)
Hash identifier: DA3MWAfJjem5POw0cDJjrWSamcd0gF0zC0pwJ/Mp6yc=
Subject key identifier: 59:DD:05:74:6F:9A:28:87:56:C3:0A:FA:8C:45:99:5B:77:50:55:F8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7EA525B8C3CADA8001ADB4D6AAED8544
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a9/cc9b6f-3e1f-434c-9323-c2ce178df1c4/1/Wd0FdG-aKIdWwwr6jEWZW3dQVfg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a9/cc9b6f-3e1f-434c-9323-c2ce178df1c4/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 12:18:30 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 210234
IP: 91.233.104.0/24
IP: 2a13:b400::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:a5:25:b8:c3:ca:da:80:01:ad:b4:d6:aa:ed:85:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 12:18:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=59dd05746f9a288756c30afa8c45995b775055f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:cd:a0:a1:99:39:35:84:6c:36:00:1c:12:ad:
08:f0:e0:ac:75:17:0a:1f:d8:f2:42:67:64:bb:8c:
1f:fb:ff:1d:08:22:b9:a6:4b:6f:1f:05:47:5f:50:
d6:e1:a6:1c:b1:2d:96:4f:f3:42:4a:ca:9d:c3:d5:
cc:9a:e0:85:74:db:6a:cc:cd:42:9c:07:9e:a6:07:
69:44:71:47:98:43:97:94:44:6a:b6:c3:1d:12:7b:
71:5f:ea:41:f3:ae:36:a7:d8:59:2c:c9:3b:ce:01:
85:ea:62:20:a7:ab:93:19:25:c4:96:d1:d2:64:cf:
e4:6c:ab:bf:80:3c:be:3f:3f:35:6f:53:a6:59:a8:
68:28:aa:4c:88:1a:40:fc:c8:49:78:d7:2e:d9:06:
20:be:45:db:3f:9e:06:11:9a:f0:7c:07:50:64:12:
0a:b5:49:2d:f0:5d:47:05:23:f3:de:9c:e9:00:7b:
04:b5:17:8f:f7:38:0c:e9:8b:25:9d:c3:59:cb:6d:
b6:81:42:ea:71:14:80:5a:34:f6:a6:69:26:5f:53:
cb:77:95:0e:d0:c0:ae:a3:f3:d1:3f:ce:f2:2d:d2:
dd:50:d4:55:65:93:a5:be:2f:c1:67:ee:a9:81:42:
f7:d1:80:ec:99:af:67:3f:6c:fd:38:8a:a5:28:f1:
99:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:DD:05:74:6F:9A:28:87:56:C3:0A:FA:8C:45:99:5B:77:50:55:F8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cc9b6f-3e1f-434c-9323-c2ce178df1c4/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cc9b6f-3e1f-434c-9323-c2ce178df1c4/1/Wd0FdG-aKIdWwwr6jEWZW3dQVfg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.104.0/24
IPv6:
2a13:b400::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
210234
Signature Algorithm: sha256WithRSAEncryption
06:4b:e0:26:7f:16:7d:2b:77:a6:5b:23:5d:6c:13:7b:6e:97:
0d:e1:2c:36:05:ba:de:34:95:03:d3:cd:ec:0c:b2:56:5f:c4:
9b:b9:8d:b1:7e:90:15:61:c1:1c:7a:ec:01:50:bf:27:d2:f2:
37:f8:40:df:cd:82:28:40:65:6f:4c:15:48:fa:94:76:22:c5:
e7:78:3a:81:9d:7f:28:71:74:7a:30:3c:ad:3a:5e:6f:32:32:
06:d9:58:8a:ec:ac:3c:cd:c1:9c:c9:43:98:30:80:b6:f5:ad:
e8:11:84:a0:56:d2:f7:ea:bb:ed:82:f9:47:03:88:84:03:31:
8f:be:37:cf:94:a5:99:8e:51:03:be:fc:df:09:33:7b:16:bf:
a6:d4:57:ad:91:cd:50:8a:22:0e:74:50:0c:b9:c4:9a:5f:29:
94:75:65:5a:62:b6:4c:56:26:4e:40:6b:14:e3:20:0d:bd:78:
42:45:55:3c:0d:f8:9b:d0:91:2f:87:3b:9e:49:9a:10:e1:e8:
84:e5:3e:36:2e:51:20:f9:eb:b6:e9:bb:28:aa:b4:bb:74:20:
98:03:67:d8:d5:c4:ed:24:94:3a:14:85:4c:83:4e:6f:1e:a7:
b8:8d:e8:1c:e0:04:43:94:22:54:8c:45:c5:4e:d2:e2:a2:4f:
3c:a4:0e:e5
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZt+pSW4w8ragAGttNaq7YVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTIxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWRkMDU3NDZmOWEyODg3NTZjMzBhZmE4YzQ1OTk1Yjc3NTA1NWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA282goZk5NYRsNgAcEq0I8OCsdRcK
H9jyQmdku4wf+/8dCCK5pktvHwVHX1DW4aYcsS2WT/NCSsqdw9XMmuCFdNtqzM1C
nAeepgdpRHFHmEOXlERqtsMdEntxX+pB8642p9hZLMk7zgGF6mIgp6uTGSXEltHS
ZM/kbKu/gDy+Pz81b1OmWahoKKpMiBpA/MhJeNcu2QYgvkXbP54GEZrwfAdQZBIK
tUkt8F1HBSPz3pzpAHsEtReP9zgM6YslncNZy222gULqcRSAWjT2pmkmX1PLd5UO
0MCuo/PRP87yLdLdUNRVZZOlvi/BZ+6pgUL30YDsma9nP2z9OIqlKPGZRwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFFndBXRvmiiHVsMK+oxFmVt3UFX4MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E5L2NjOWI2
Zi0zZTFmLTQzNGMtOTMyMy1jMmNlMTc4ZGYxYzQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkvY2M5YjZm
LTNlMWYtNDM0Yy05MzIzLWMyY2UxNzhkZjFjNC8xL1dkMEZkRy1hS0lkV3d3cjZq
RVdaVzNkUVZmZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAW+loMA0EAgACMAcDBQMqE7QAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM1OjANBgkqhkiG9w0BAQsFAAOCAQEABkvgJn8WfSt3
plsjXWwTe26XDeEsNgW63jSVA9PN7AyyVl/Em7mNsX6QFWHBHHrsAVC/J9LyN/hA
382CKEBlb0wVSPqUdiLF53g6gZ1/KHF0ejA8rTpebzIyBtlYiuysPM3BnMlDmDCA
tvWt6BGEoFbS9+q77YL5RwOIhAMxj743z5SlmY5RA7783wkzexa/ptRXrZHNUIoi
DnRQDLnEml8plHVlWmK2TFYmTkBrFOMgDb14QkVVPA34m9CRL4c7nkmaEOHohOU+
Ni5RIPnrtum7KKq0u3QgmANn2NXE7SSUOhSFTINObx6nuI3oHOAEQ5QiVIxFxU7S
4qJPPKQO5Q==
-----END CERTIFICATE-----
Generated at Wed Mar 25 22:58:43 2026 by rpki-client