Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer
File: YKVAzkUEVjReyOCY709TY010vx8.cer (raw, json)
Hash identifier: lGo4vAA/b8HGNU/wVxmbazlhPvVcOTbWl7InZhnm9/g=
Subject key identifier: 60:A5:40:CE:45:04:56:34:5E:C8:E0:98:EF:4F:53:63:4D:74:BF:1F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019CD312DA36131994B97F1DDA5B8981004E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 09 Mar 2026 14:49:14 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 213122
IP: 5.252.164.0/22
IP: 31.216.59.0/24
IP: 45.87.60.0/22
IP: 45.130.152.0/22
IP: 45.143.144.0/22
IP: 89.36.230.0/24
IP: 89.37.100.0/24
IP: 89.46.43.0/24
IP: 94.154.8.0/24
IP: 103.104.248.0/22
IP: 103.202.52.0/22
IP: 135.84.208.0/21
IP: 135.136.128.0/19
IP: 178.211.157.0/24
IP: 185.162.74.0/23
IP: 185.234.115.0/24
IP: 188.210.236.0/24
IP: 194.49.68.0/23
IP: 194.49.78.0/23
IP: 207.189.0.0/19
IP: 2a0e:f380::/29
IP: 2a0f:5c0::/29
IP: 2a10:e580::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d3:12:da:36:13:19:94:b9:7f:1d:da:5b:89:81:00:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 9 14:49:14 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=60a540ce450456345ec8e098ef4f53634d74bf1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a2:8b:e8:36:17:32:d7:d7:d5:ae:36:42:5c:
98:d4:ea:7a:fb:f9:13:1e:67:08:94:00:3b:46:e0:
47:d1:e0:26:af:3c:cd:fa:eb:13:61:be:af:ae:ae:
3d:a1:d1:92:0c:dc:b5:57:51:9c:a4:52:a6:87:9f:
c8:82:ef:3f:18:9e:f1:a0:c2:8e:68:aa:11:76:b4:
56:f5:b2:1d:f7:0c:e5:e6:62:fd:f2:9a:43:c7:16:
4c:c0:bd:ef:21:0e:56:51:1d:a2:4b:a5:2b:32:ff:
36:12:bd:89:70:85:61:78:a3:d5:a8:4f:88:79:d8:
37:43:16:a1:ed:a3:2d:da:19:dd:58:a7:24:b6:41:
69:36:df:65:de:0a:fc:7c:78:f1:f1:7d:68:49:36:
58:30:ee:9c:1d:5a:99:63:d2:a8:90:ef:5f:ac:5b:
12:56:18:e5:3d:de:60:58:5c:6c:ba:b7:23:1c:00:
dd:1a:28:69:27:f7:a7:8c:d6:52:9e:e4:9d:b4:b8:
fd:73:4a:03:35:8b:eb:e9:51:ea:e9:08:ea:c0:fd:
42:f9:53:59:62:9a:25:66:51:e7:65:6d:db:e7:64:
c8:a7:c7:8e:df:86:cf:d7:91:a9:87:47:d6:d0:a1:
61:ae:53:f5:f7:8f:0b:b6:9d:7b:30:87:1f:83:b6:
e4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A5:40:CE:45:04:56:34:5E:C8:E0:98:EF:4F:53:63:4D:74:BF:1F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.164.0/22
31.216.59.0/24
45.87.60.0/22
45.130.152.0/22
45.143.144.0/22
89.36.230.0/24
89.37.100.0/24
89.46.43.0/24
94.154.8.0/24
103.104.248.0/22
103.202.52.0/22
135.84.208.0/21
135.136.128.0/19
178.211.157.0/24
185.162.74.0/23
185.234.115.0/24
188.210.236.0/24
194.49.68.0/23
194.49.78.0/23
207.189.0.0/19
IPv6:
2a0e:f380::/29
2a0f:5c0::/29
2a10:e580::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
213122
Signature Algorithm: sha256WithRSAEncryption
0c:07:f3:64:b2:46:23:1d:a2:e8:a5:77:d0:6d:5a:3f:49:42:
a9:fa:5b:62:3e:a9:06:ef:18:31:4a:28:4f:eb:c7:d7:82:b5:
92:2f:67:6a:55:0d:af:ce:d3:5a:48:7e:7d:90:57:53:d2:7e:
73:89:fc:b0:ed:a1:18:89:1e:91:ce:6c:31:c7:31:04:c2:ea:
4d:9a:c2:d4:46:99:1e:78:59:72:e6:25:d6:5d:c9:4f:0f:0d:
5b:dd:38:d3:93:85:07:70:b7:45:a9:6a:6f:43:34:fa:a7:ed:
b8:27:e2:52:87:a0:6a:e0:3b:fd:f1:d5:fb:c2:d4:fd:bf:92:
bd:27:6c:49:9f:3c:bf:e7:75:7d:5e:7b:ed:f1:73:3f:01:f4:
ff:53:b7:24:37:31:f3:10:ba:3e:f4:79:71:7c:ec:64:eb:4d:
f0:9c:e9:9e:be:d0:a6:97:bb:7c:78:49:70:cd:94:39:40:58:
05:a8:70:62:66:bd:be:7a:84:d0:84:7f:42:e6:35:c4:16:de:
de:5e:8f:4e:af:27:08:df:6a:72:72:2e:93:50:12:aa:1c:80:
85:8f:eb:de:9b:33:8c:8c:82:e6:f8:3c:07:55:b2:3d:61:3f:
c7:bf:6b:1a:ba:a5:4e:2c:62:2b:d5:8b:73:5d:f1:f5:dc:8c:
dd:46:82:8d
-----BEGIN CERTIFICATE-----
MIIGJjCCBQ6gAwIBAgISAZzTEto2ExmUuX8d2luJgQBOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMzA5MTQ0OTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGE1NDBjZTQ1MDQ1NjM0NWVjOGUwOThlZjRmNTM2MzRkNzRiZjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaKL6DYXMtfX1a42QlyY1Op6+/kT
HmcIlAA7RuBH0eAmrzzN+usTYb6vrq49odGSDNy1V1GcpFKmh5/Igu8/GJ7xoMKO
aKoRdrRW9bId9wzl5mL98ppDxxZMwL3vIQ5WUR2iS6UrMv82Er2JcIVheKPVqE+I
edg3Qxah7aMt2hndWKcktkFpNt9l3gr8fHjx8X1oSTZYMO6cHVqZY9KokO9frFsS
VhjlPd5gWFxsurcjHADdGihpJ/enjNZSnuSdtLj9c0oDNYvr6VHq6QjqwP1C+VNZ
YpolZlHnZW3b52TIp8eO34bP15Gph0fW0KFhrlP1948Ltp17MIcfg7bkDwIDAQAB
o4IDMjCCAy4wHQYDVR0OBBYEFGClQM5FBFY0XsjgmO9PU2NNdL8fMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzljLzE5NWE0
Ny1hMmNiLTRmMDAtODUzMS1lNDczNTMxZjZmZTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvMTk1YTQ3
LWEyY2ItNGYwMC04NTMxLWU0NzM1MzFmNmZlOC8xL1lLVkF6a1VFVmpSZXlPQ1k3
MDlUWTAxMHZ4OC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGwBggrBgEF
BQcBBwEB/wSBoDCBnTB+BAIAATB4AwQCBfykAwQAH9g7AwQCLVc8AwQCLYKYAwQC
LY+QAwQAWSTmAwQAWSVkAwQAWS4rAwQAXpoIAwQCZ2j4AwQCZ8o0AwQDh1TQAwQF
h4iAAwQAstOdAwQBuaJKAwQAuepzAwQAvNLsAwQBwjFEAwQBwjFOAwQFz70AMBsE
AgACMBUDBQMqDvOAAwUDKg8FwAMFAyoQ5YAwGgYIKwYBBQUHAQgBAf8ECzAJoAcw
BQIDA0CCMA0GCSqGSIb3DQEBCwUAA4IBAQAMB/NkskYjHaLopXfQbVo/SUKp+lti
PqkG7xgxSihP68fXgrWSL2dqVQ2vztNaSH59kFdT0n5zifyw7aEYiR6RzmwxxzEE
wupNmsLURpkeeFly5iXWXclPDw1b3TjTk4UHcLdFqWpvQzT6p+24J+JSh6Bq4Dv9
8dX7wtT9v5K9J2xJnzy/53V9Xnvt8XM/AfT/U7ckNzHzELo+9HlxfOxk603wnOme
vtCml7t8eElwzZQ5QFgFqHBiZr2+eoTQhH9C5jXEFt7eXo9OrycI32pyci6TUBKq
HICFj+vemzOMjILm+DwHVbI9YT/Hv2sauqVOLGIr1YtzXfH13IzdRoKN
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:33:02 2026 by rpki-client