Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XLOiFF-bTUZgWCrca3NUlp4InKk.cer
File: XLOiFF-bTUZgWCrca3NUlp4InKk.cer (raw, json)
Hash identifier: 6EYVgRcAHoaVKVzp1VlpHbm7NfLrdIh/HtfGr23W0MQ=
Subject key identifier: 5C:B3:A2:14:5F:9B:4D:46:60:58:2A:DC:6B:73:54:96:9E:08:9C:A9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019D1B45FB731DC72E430B1E7685829EAF9F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/XLOiFF-bTUZgWCrca3NUlp4InKk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 23 Mar 2026 15:17:44 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 202897
IP: 194.127.172.0/23
IP: 194.127.178.0/23
IP: 2a10:4dc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1b:45:fb:73:1d:c7:2e:43:0b:1e:76:85:82:9e:af:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 23 15:17:44 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5cb3a2145f9b4d4660582adc6b7354969e089ca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:32:58:3b:6f:6d:a7:cc:7d:a1:b2:34:45:9f:
74:2e:3e:4a:61:e8:42:6c:bf:1a:d2:d8:8e:7d:eb:
83:e2:df:34:33:bb:cd:21:16:b1:71:03:2b:7d:18:
b2:d1:1e:0c:8f:e0:7e:fa:44:33:58:eb:2f:b1:c0:
0d:33:b0:a4:f5:05:b4:36:ac:e1:d4:f7:8b:41:d6:
1d:73:bb:d3:65:22:c6:ac:76:91:2d:29:e3:fd:b7:
3f:50:e5:1a:0a:8f:0a:72:5f:df:73:8a:b3:8c:ad:
20:19:22:11:a3:f6:ca:aa:78:97:5e:03:6a:ba:c5:
27:0c:05:3b:e3:68:26:93:15:ed:83:98:75:c9:47:
17:be:06:c5:1e:8a:84:14:54:99:ad:ba:82:83:fd:
26:ef:0c:49:ca:bf:6b:88:60:db:b9:2b:d7:f9:79:
3d:29:cb:0c:7b:97:99:24:5a:3f:4c:71:13:06:43:
2f:c7:46:b6:bc:34:19:f3:c7:c7:cf:aa:09:6f:13:
5f:7d:b0:62:59:4f:f7:1a:b6:fe:eb:3c:80:72:f5:
f2:3f:a7:b9:a5:73:2f:fd:b4:16:94:9d:dd:31:1c:
a0:cd:cc:a3:aa:68:d9:8e:99:53:35:b1:74:23:fa:
6c:cd:67:51:2b:0f:24:d6:6d:c3:b9:ec:f6:1c:45:
6e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:B3:A2:14:5F:9B:4D:46:60:58:2A:DC:6B:73:54:96:9E:08:9C:A9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/XLOiFF-bTUZgWCrca3NUlp4InKk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.172.0/23
194.127.178.0/23
IPv6:
2a10:4dc0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
202897
Signature Algorithm: sha256WithRSAEncryption
88:82:c7:d7:53:89:20:2b:b2:86:68:83:df:f3:26:21:9b:c5:
2f:6e:ac:21:cb:99:cc:ac:9d:19:94:f6:92:c6:06:3a:a6:2b:
11:a3:a5:95:2e:e0:80:a8:a3:af:2d:06:b3:44:c2:da:51:27:
36:aa:0c:24:c9:82:a5:25:20:9d:d5:50:01:54:8c:72:df:f8:
5f:82:e5:68:58:27:7c:7b:76:7f:0b:d2:6f:ff:e8:bc:01:34:
64:b3:00:9a:c8:bc:a6:9c:1f:a0:0c:08:06:be:f6:10:75:2e:
1f:86:00:18:16:cc:ae:17:a4:36:74:f7:28:08:3e:68:bf:53:
95:b0:56:6e:dd:e8:c0:5a:ad:11:03:54:2d:52:04:de:14:44:
aa:e1:a0:36:1f:2a:3f:ca:fe:e4:03:ec:54:02:e4:d9:15:3e:
09:89:ad:5b:09:c3:1c:c2:3f:5f:a9:38:48:f6:3f:09:0a:ff:
0c:79:94:a0:9d:62:b0:14:32:dd:38:bf:81:71:fc:94:d2:7c:
8a:ee:09:05:80:36:f2:fb:27:60:7e:e7:c6:7e:45:7e:de:d0:
8a:f6:07:6a:f3:83:a5:4f:6d:69:e9:cb:e5:7b:dd:fb:fb:74:
4e:48:d3:c1:fc:e4:3e:27:f6:93:a1:c7:d5:4e:ad:ce:21:38:
91:52:ad:0c
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZ0bRftzHccuQwsedoWCnq+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMzIzMTUxNzQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2IzYTIxNDVmOWI0ZDQ2NjA1ODJhZGM2YjczNTQ5NjllMDg5Y2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzJYO29tp8x9obI0RZ90Lj5KYehC
bL8a0tiOfeuD4t80M7vNIRaxcQMrfRiy0R4Mj+B++kQzWOsvscANM7Ck9QW0Nqzh
1PeLQdYdc7vTZSLGrHaRLSnj/bc/UOUaCo8Kcl/fc4qzjK0gGSIRo/bKqniXXgNq
usUnDAU742gmkxXtg5h1yUcXvgbFHoqEFFSZrbqCg/0m7wxJyr9riGDbuSvX+Xk9
KcsMe5eZJFo/THETBkMvx0a2vDQZ88fHz6oJbxNffbBiWU/3Grb+6zyAcvXyP6e5
pXMv/bQWlJ3dMRygzcyjqmjZjplTNbF0I/pszWdRKw8k1m3Duez2HEVunQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFFyzohRfm01GYFgq3GtzVJaeCJypMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZmL2QwNjYx
Yy1jZWJiLTRlMjItYjE5Ny0xMzk4MDBhOGM3NWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYvZDA2NjFj
LWNlYmItNGUyMi1iMTk3LTEzOTgwMGE4Yzc1Zi8xL1hMT2lGRi1iVFVaZ1dDcmNh
M05VbHA0SW5Lay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQBwn+sAwQBwn+yMA0EAgACMAcDBQMqEE3AMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMYkTANBgkqhkiG9w0BAQsFAAOCAQEAiILH
11OJICuyhmiD3/MmIZvFL26sIcuZzKydGZT2ksYGOqYrEaOllS7ggKijry0Gs0TC
2lEnNqoMJMmCpSUgndVQAVSMct/4X4LlaFgnfHt2fwvSb//ovAE0ZLMAmsi8ppwf
oAwIBr72EHUuH4YAGBbMrhekNnT3KAg+aL9TlbBWbt3owFqtEQNULVIE3hREquGg
Nh8qP8r+5APsVALk2RU+CYmtWwnDHMI/X6k4SPY/CQr/DHmUoJ1isBQy3Ti/gXH8
lNJ8iu4JBYA28vsnYH7nxn5Fft7QivYHavODpU9taenL5Xvd+/t0TkjTwfzkPif2
k6HH1U6tziE4kVKtDA==
-----END CERTIFICATE-----
Generated at Wed Mar 25 22:55:43 2026 by rpki-client