Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
File: aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer (raw, json)
Hash identifier: 883An+i60lOSsXyID04vEFTQGGgRqhAu9DMVtiDXaH8=
Subject key identifier: 68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019DAB1B653D65D25F3DA826F4CC03DE0172
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Mon 20 Apr 2026 13:36:32 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: IP: 185.206.253.0/24
IP: 2a0b:9340::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 14:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ab:1b:65:3d:65:d2:5f:3d:a8:26:f4:cc:03:de:01:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 20 13:36:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=68d097afd88aef3f10282f3218fc13f01a0de486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:99:31:c1:68:a8:22:11:8b:d4:08:44:8f:89:
64:1d:38:a8:04:ec:84:9a:c9:30:18:34:61:98:d8:
6c:31:c2:8c:72:ee:fb:74:4f:33:c2:ab:b2:0a:69:
95:14:50:fe:7e:9a:c9:1c:e7:33:b3:bd:19:73:4a:
84:f5:e2:c9:7d:26:7b:f2:e9:73:8a:bf:be:69:a8:
e5:39:94:54:73:3f:d2:ce:1f:16:b6:44:69:4b:35:
30:ba:ef:c4:29:3e:b1:7b:7a:ae:ed:98:99:11:fc:
d3:47:48:e4:35:8e:0e:e7:67:d1:4e:80:d2:af:6e:
82:65:a0:52:3d:19:05:70:c5:57:07:fa:b9:cc:fe:
65:79:94:26:2b:bd:fb:1a:96:01:8d:e5:b2:4b:77:
21:25:a9:84:82:77:65:54:6d:2a:7c:85:fc:02:e7:
14:a3:8b:7e:cd:52:a0:4b:6e:ba:7b:f8:6c:30:78:
b8:3f:9f:22:39:77:8d:d6:48:7f:e7:c0:4c:d1:a0:
eb:a9:61:b3:85:fb:87:ff:9f:41:f5:ca:75:be:7a:
f2:94:ac:17:c3:1c:b6:48:fa:cb:0c:f7:e7:37:49:
34:71:d0:d6:8e:bd:da:61:bb:fb:16:9c:ce:22:5d:
30:7c:fb:1e:c7:b7:f8:14:78:f4:d4:ec:0d:d2:a6:
3f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.253.0/24
IPv6:
2a0b:9340::/29
Signature Algorithm: sha256WithRSAEncryption
77:69:4f:c7:30:91:7a:d8:8a:65:90:d1:c2:62:b1:4f:40:f8:
e0:8d:f8:70:24:d2:bb:83:a1:f4:9b:5e:bc:99:3f:8a:48:fb:
96:be:c9:f1:1c:8f:98:92:e6:c6:20:24:98:1a:20:d0:c0:ad:
ca:2d:75:21:be:1f:6d:33:7e:e6:91:83:9e:15:ef:cf:09:0c:
d6:8e:30:77:b9:16:f8:d2:35:61:7f:63:43:4e:8d:a3:48:af:
ff:ac:cb:04:e0:f5:c1:c1:5c:4e:d2:fe:b1:62:8b:9b:d8:14:
9d:cb:30:46:bc:c5:6d:de:38:91:d6:b8:0b:38:35:0d:5b:4b:
5f:e4:2a:0c:3b:05:fd:a1:62:7a:55:4b:a1:f6:04:e4:7e:0b:
68:fe:ce:66:db:ce:ff:af:22:0a:9c:6b:c5:d5:68:39:78:2f:
db:b5:98:01:cc:aa:c9:5e:85:67:b1:11:75:21:75:10:0d:a9:
b8:ff:da:fd:57:4f:1d:34:7e:20:8a:b1:cf:44:9d:41:34:ab:
cc:50:9e:7d:98:46:e9:15:5c:a7:4b:a3:2a:e2:de:6d:22:9f:
6c:8f:9a:25:33:bf:90:38:26:30:98:c5:34:26:1d:48:00:b9:
b1:55:2c:e6:14:3c:d0:05:1a:4b:26:9c:22:b7:41:f4:e2:ce:
a8:04:39:6c
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZ2rG2U9ZdJfPagm9MwD3gFyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNDIwMTMzNjMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGQwOTdhZmQ4OGFlZjNmMTAyODJmMzIxOGZjMTNmMDFhMGRlNDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopkxwWioIhGL1AhEj4lkHTioBOyE
mskwGDRhmNhsMcKMcu77dE8zwquyCmmVFFD+fprJHOczs70Zc0qE9eLJfSZ78ulz
ir++aajlOZRUcz/Szh8WtkRpSzUwuu/EKT6xe3qu7ZiZEfzTR0jkNY4O52fRToDS
r26CZaBSPRkFcMVXB/q5zP5leZQmK737GpYBjeWyS3chJamEgndlVG0qfIX8AucU
o4t+zVKgS266e/hsMHi4P58iOXeN1kh/58BM0aDrqWGzhfuH/59B9cp1vnrylKwX
wxy2SPrLDPfnN0k0cdDWjr3aYbv7FpzOIl0wfPsex7f4FHj01OwN0qY/ywIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFGjQl6/Yiu8/ECgvMhj8E/AaDeSGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdjMTFi
ODE5LWQ0NTktNDEzNi05OTg3LWYwMjkyYTg3ZTY0MC8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2Mx
MWI4MTktZDQ1OS00MTM2LTk5ODctZjAyOTJhODdlNjQwLzAvNjhEMDk3QUZEODhB
RUYzRjEwMjgyRjMyMThGQzEzRjAxQTBERTQ4Ni5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgME
ALnO/TANBAIAAjAHAwUDKguTQDANBgkqhkiG9w0BAQsFAAOCAQEAd2lPxzCRetiK
ZZDRwmKxT0D44I34cCTSu4Oh9JtevJk/ikj7lr7J8RyPmJLmxiAkmBog0MCtyi11
Ib4fbTN+5pGDnhXvzwkM1o4wd7kW+NI1YX9jQ06No0iv/6zLBOD1wcFcTtL+sWKL
m9gUncswRrzFbd44kda4Czg1DVtLX+QqDDsF/aFielVLofYE5H4LaP7OZtvO/68i
CpxrxdVoOXgv27WYAcyqyV6FZ7ERdSF1EA2puP/a/VdPHTR+IIqxz0SdQTSrzFCe
fZhG6RVcp0ujKuLebSKfbI+aJTO/kDgmMJjFNCYdSAC5sVUs5hQ80AUaSyacIrdB
9OLOqAQ5bA==
-----END CERTIFICATE-----
Generated at Wed May 13 16:48:53 2026 by rpki-client