Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
File: YbU0Q3UDZogVrdk80X0K0-GxqHc.cer (raw, json)
Hash identifier: gYh5LEIe/sFL48SVLUdeaiGv5qayqRtU0Odui2Ap1ls=
Subject key identifier: 61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0199955EF297298AA231914A457880D1A992
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 29 Sep 2025 12:07:31 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 13127
AS: 15670
AS: 20507
AS: 25596
AS: 31615
AS: 200352
AS: 205448
IP: 31.20.0.0/15
IP: 31.184.64.0/18
IP: 31.187.128.0/17
IP: 62.58.0.0/15
IP: 62.166.0.0/16
IP: 62.177.128.0/17
IP: 62.250.0.0/16
IP: 78.27.0.0/18
IP: 81.58.0.0/15
IP: 82.172.0.0/14
IP: 82.204.0.0/17
IP: 82.215.0.0/18
IP: 84.241.192.0/18
IP: 85.223.0.0/17
IP: 87.208.0.0/13
IP: 89.205.128.0/17
IP: 91.141.128.0/17
IP: 92.254.0.0/17
IP: 93.125.128.0/17
IP: 94.157.0.0/16
IP: 95.36.0.0/20
IP: 95.36.64.0/21
IP: 95.36.96.0 -- 95.36.255.255
IP: 95.98.0.0/15
IP: 109.232.164.0/22
IP: 143.176.0.0/14
IP: 178.224.0.0/13
IP: 188.88.0.0/14
IP: 212.53.16.0/20
IP: 217.16.32.0/20
IP: 217.149.192.0/19
IP: 2a00:d380::/32
IP: 2a01:380::/32
IP: 2a01:3a8::/32
IP: 2a02:58::/32
IP: 2a02:498::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:95:5e:f2:97:29:8a:a2:31:91:4a:45:78:80:d1:a9:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 29 12:07:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61b534437503668815add93cd17d0ad3e1b1a877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a6:a1:7c:2e:0b:97:f0:f8:13:7c:45:e6:6a:
8f:5a:46:1b:89:66:c4:a5:cf:92:2d:cb:5b:b1:bc:
90:38:a5:05:58:dd:cd:e3:e3:70:e4:0a:3d:04:5f:
33:89:24:79:5a:29:7e:aa:2b:b7:2d:c9:31:1c:ab:
f2:b7:8b:83:1a:65:11:50:ce:70:e0:f3:d4:24:a2:
09:96:6b:f2:17:5f:07:bc:c5:fd:09:a7:74:9e:09:
bf:62:60:0a:39:1f:22:12:c2:d1:54:89:d9:35:43:
25:70:81:fe:bb:83:23:52:56:e5:64:f8:cb:a0:5d:
6c:57:2e:65:4d:1c:b6:1d:f1:ca:ba:25:3a:98:32:
b4:db:38:cb:ea:22:7c:94:27:b5:3d:fc:46:89:5b:
ff:4f:55:13:e3:72:26:97:01:86:93:44:5f:ce:bf:
7d:8a:cd:d4:a8:c8:93:ac:19:e9:e8:2a:26:38:2c:
5a:f6:ad:8e:ac:19:e4:e1:13:7a:b1:f1:bc:0c:39:
9f:cb:25:7c:d5:3c:9c:d9:8e:b8:9d:53:48:c2:ba:
e3:dd:07:a1:48:a7:dd:be:a8:b6:46:e3:fd:83:8b:
7b:f2:34:a2:d6:62:d2:18:62:98:6b:99:b6:56:f2:
12:6c:16:f2:3a:a6:3c:4b:ec:85:31:5c:2c:13:e8:
d1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.20.0.0/15
31.184.64.0/18
31.187.128.0/17
62.58.0.0/15
62.166.0.0/16
62.177.128.0/17
62.250.0.0/16
78.27.0.0/18
81.58.0.0/15
82.172.0.0/14
82.204.0.0/17
82.215.0.0/18
84.241.192.0/18
85.223.0.0/17
87.208.0.0/13
89.205.128.0/17
91.141.128.0/17
92.254.0.0/17
93.125.128.0/17
94.157.0.0/16
95.36.0.0/20
95.36.64.0/21
95.36.96.0-95.36.255.255
95.98.0.0/15
109.232.164.0/22
143.176.0.0/14
178.224.0.0/13
188.88.0.0/14
212.53.16.0/20
217.16.32.0/20
217.149.192.0/19
IPv6:
2a00:d380::/32
2a01:380::/32
2a01:3a8::/32
2a02:58::/32
2a02:498::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
13127
15670
20507
25596
31615
200352
205448
Signature Algorithm: sha256WithRSAEncryption
9a:60:18:c4:7d:88:be:24:4a:7e:bc:28:11:9d:6d:d9:ce:04:
db:7d:6a:22:2b:0f:f9:7e:ec:db:38:de:a4:a3:b3:d1:7e:39:
27:d6:ed:ac:95:c8:9f:76:1f:9d:87:9e:d8:83:53:24:ac:e7:
0c:ec:9a:35:1e:87:44:be:3d:e8:34:23:45:9c:6e:dd:80:7e:
85:dd:29:13:6a:9a:c5:73:8c:94:3e:9f:a2:c4:6f:7c:2c:83:
53:88:f9:b8:89:69:42:10:33:31:48:44:d8:58:e8:d9:93:63:
51:72:ee:4c:66:4c:26:e1:75:93:26:75:cb:df:92:7a:33:51:
a6:4d:e8:6e:cc:36:ed:4a:ec:58:5e:b4:cb:3f:d6:13:10:50:
ee:85:75:c9:99:24:f2:d0:25:85:76:9b:9d:b9:6d:07:f5:c2:
b8:8a:65:b8:11:2b:ea:65:cd:e0:36:16:22:64:66:29:dc:2d:
ab:0d:8d:b2:d3:48:66:ad:2f:04:10:b3:73:53:83:b1:68:32:
d6:23:b2:ad:bc:f5:7d:56:43:dd:12:3b:68:00:f1:a8:16:37:
dd:38:44:e6:78:50:d9:e5:51:90:11:94:6e:b6:c4:7a:41:67:
1d:6f:8d:22:f5:1f:69:e9:5b:c4:99:8b:33:e2:6a:00:99:51:
32:17:51:c2
-----BEGIN CERTIFICATE-----
MIIGjDCCBXSgAwIBAgISAZmVXvKXKYqiMZFKRXiA0amSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwOTI5MTIwNzMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWI1MzQ0Mzc1MDM2Njg4MTVhZGQ5M2NkMTdkMGFkM2UxYjFhODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaahfC4Ll/D4E3xF5mqPWkYbiWbE
pc+SLctbsbyQOKUFWN3N4+Nw5Ao9BF8ziSR5Wil+qiu3LckxHKvyt4uDGmURUM5w
4PPUJKIJlmvyF18HvMX9Cad0ngm/YmAKOR8iEsLRVInZNUMlcIH+u4MjUlblZPjL
oF1sVy5lTRy2HfHKuiU6mDK02zjL6iJ8lCe1PfxGiVv/T1UT43ImlwGGk0Rfzr99
is3UqMiTrBnp6ComOCxa9q2OrBnk4RN6sfG8DDmfyyV81Tyc2Y64nVNIwrrj3Qeh
SKfdvqi2RuP9g4t78jSi1mLSGGKYa5m2VvISbBbyOqY8S+yFMVwsE+jRrQIDAQAB
o4IDmDCCA5QwHQYDVR0OBBYEFGG1NEN1A2aIFa3ZPNF9CtPhsah3MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZlL2MxYWNk
Ni0yMzBhLTRlMzYtYTU4Zi1mNTU1ZTJlNjhhMTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUvYzFhY2Q2
LTIzMGEtNGUzNi1hNThmLWY1NTVlMmU2OGExMC8xL1liVTBRM1VEWm9nVnJkazgw
WDBLMC1HeHFIYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIH9BggrBgEF
BQcBBwEB/wSB7TCB6jCBvAQCAAEwgbUDAwEfFAMEBh+4QAMEBx+7gAMDAT46AwMA
PqYDBAc+sYADAwA++gMEBk4bAAMDAVE6AwMCUqwDBAdSzAADBAZS1wADBAZU8cAD
BAdV3wADAwNX0AMEB1nNgAMEB1uNgAMEB1z+AAMEB119gAMDAF6dAwQEXyQAAwQD
XyRAMAsDBAVfJGADAwBfJAMDAV9iAwQCbeikAwMCj7ADAwOy4AMDArxYAwQE1DUQ
AwQE2RAgAwQF2ZXAMCkEAgACMCMDBQAqANOAAwUAKgEDgAMFACoBA6gDBQAqAgBY
AwUDKgIEmDAzBggrBgEFBQcBCAEB/wQkMCKgIDAeAgIzRwICPTYCAlAbAgJj/AIC
e38CAwMOoAIDAyKIMA0GCSqGSIb3DQEBCwUAA4IBAQCaYBjEfYi+JEp+vCgRnW3Z
zgTbfWoiKw/5fuzbON6ko7PRfjkn1u2slcifdh+dh57Yg1MkrOcM7Jo1HodEvj3o
NCNFnG7dgH6F3SkTaprFc4yUPp+ixG98LINTiPm4iWlCEDMxSETYWOjZk2NRcu5M
Zkwm4XWTJnXL35J6M1GmTehuzDbtSuxYXrTLP9YTEFDuhXXJmSTy0CWFdpuduW0H
9cK4imW4ESvqZc3gNhYiZGYp3C2rDY2y00hmrS8EELNzU4OxaDLWI7KtvPV9VkPd
EjtoAPGoFjfdOETmeFDZ5VGQEZRutsR6QWcdb40i9R9p6VvEmYsz4moAmVEyF1HC
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:00:58 2025 by rpki-client