Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fTRqzk5lKHDxaHRQ1cNOFMsAlLU.cer
File: fTRqzk5lKHDxaHRQ1cNOFMsAlLU.cer (raw, json)
Hash identifier: pOetzCY4kW09lc+zXfj6N1FfaX1czSxxMaPpceFFWzU=
Subject key identifier: 7D:34:6A:CE:4E:65:28:70:F1:68:74:50:D5:C3:4E:14:CB:00:94:B5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01997597D4C6AF505BE352C411D648DEFA1D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ed/c676d7-fbfe-4ae6-be51-327acc1b1e59/1/fTRqzk5lKHDxaHRQ1cNOFMsAlLU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ed/c676d7-fbfe-4ae6-be51-327acc1b1e59/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 23 Sep 2025 08:01:48 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 37.48.128.0 -- 37.48.223.255
IP: 46.58.128.0/17
IP: 130.0.240.0/20
IP: 130.180.128.0/18
IP: 178.171.128.0/17
IP: 188.160.0.0/16
IP: 188.229.128.0/17
IP: 2a00:1ee8::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:75:97:d4:c6:af:50:5b:e3:52:c4:11:d6:48:de:fa:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 23 08:01:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d346ace4e652870f1687450d5c34e14cb0094b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:03:b3:54:74:69:30:f5:d9:af:ec:85:da:e8:
eb:56:c4:8a:f7:6b:bd:46:b2:d7:e8:20:f6:60:e3:
25:78:ff:5d:90:45:20:e8:c0:77:d0:0f:85:e4:e2:
0d:85:de:ff:2e:e9:e7:61:85:cc:90:37:5f:53:1e:
6f:7f:46:a4:a6:d1:65:59:0e:32:81:59:19:83:f8:
65:53:b9:74:5a:62:72:72:c1:8d:0f:93:49:99:83:
64:8d:f0:7e:29:a0:51:9b:36:b6:04:32:b8:d4:c7:
b5:73:81:e5:33:32:94:5a:00:8f:45:a7:59:a2:b7:
1a:8d:8e:96:8c:74:de:1f:bb:19:06:51:6e:d2:ff:
66:54:17:b5:46:ee:60:31:95:3b:e3:f4:a9:4d:b0:
19:e9:2a:ad:2b:f7:50:33:1d:e1:21:99:30:e3:e0:
38:a0:0d:44:0a:11:b6:9e:d8:93:4c:5d:70:e6:ea:
20:a9:15:b5:3b:3b:d6:ea:4b:db:b6:ad:77:bf:0b:
39:5c:11:50:c9:5a:97:c3:28:de:6b:73:db:6d:ce:
53:99:d7:8c:29:80:16:9e:62:79:c4:37:d5:9a:5c:
cb:06:b8:62:c0:ff:8c:8c:93:b4:5b:d5:55:8a:98:
1c:66:0e:c7:3e:c5:d1:7e:28:3c:36:d7:50:55:98:
6f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:34:6A:CE:4E:65:28:70:F1:68:74:50:D5:C3:4E:14:CB:00:94:B5
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c676d7-fbfe-4ae6-be51-327acc1b1e59/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c676d7-fbfe-4ae6-be51-327acc1b1e59/1/fTRqzk5lKHDxaHRQ1cNOFMsAlLU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.48.128.0-37.48.223.255
46.58.128.0/17
130.0.240.0/20
130.180.128.0/18
178.171.128.0/17
188.160.0.0/16
188.229.128.0/17
IPv6:
2a00:1ee8::/32
Signature Algorithm: sha256WithRSAEncryption
a8:17:71:a9:84:2e:c3:d7:3d:a7:08:1c:92:7f:eb:c3:72:52:
43:f0:ac:1f:33:d2:1e:8e:17:7c:c4:2e:8d:27:7b:23:ab:57:
9b:7e:2d:3d:a1:4c:dc:cf:05:3f:73:c9:4a:7f:b5:73:0b:1d:
50:b7:01:fc:2d:d6:cd:eb:56:fb:71:a5:2a:39:37:20:ec:5c:
af:1d:4e:b4:84:de:78:36:27:8c:90:6b:32:b2:06:e2:09:75:
ae:e4:13:e0:e7:93:14:7b:ac:bb:71:b7:ca:43:6a:d7:73:83:
25:7f:a2:63:e7:d8:05:07:34:c2:aa:04:a1:d7:45:ae:6e:e3:
91:88:c1:5b:40:9a:92:db:6f:e5:d5:b5:b9:cd:9c:e2:62:b1:
ad:bc:b0:3c:5d:e1:d9:87:e6:1d:50:b3:4e:74:09:68:93:27:
da:a9:19:62:63:82:59:be:02:0c:3c:3b:04:e1:c9:8c:6c:06:
7c:e2:39:99:64:08:8e:9a:09:09:a2:f6:9c:d0:68:52:b6:44:
a1:75:81:c5:cf:9b:4a:ac:81:81:16:1d:bf:8a:92:4a:3c:37:
cc:02:4a:97:d6:2c:ba:4b:04:f6:64:1b:55:e9:81:3b:d1:80:
e5:53:d7:63:db:c4:da:ee:b2:b7:f3:5b:a1:71:b4:23:98:5b:
fa:6c:44:df
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZl1l9TGr1Bb41LEEdZI3vodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwOTIzMDgwMTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDM0NmFjZTRlNjUyODcwZjE2ODc0NTBkNWMzNGUxNGNiMDA5NGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgOzVHRpMPXZr+yF2ujrVsSK92u9
RrLX6CD2YOMleP9dkEUg6MB30A+F5OINhd7/LunnYYXMkDdfUx5vf0akptFlWQ4y
gVkZg/hlU7l0WmJycsGND5NJmYNkjfB+KaBRmza2BDK41Me1c4HlMzKUWgCPRadZ
orcajY6WjHTeH7sZBlFu0v9mVBe1Ru5gMZU74/SpTbAZ6SqtK/dQMx3hIZkw4+A4
oA1EChG2ntiTTF1w5uogqRW1OzvW6kvbtq13vws5XBFQyVqXwyjea3Pbbc5TmdeM
KYAWnmJ5xDfVmlzLBrhiwP+MjJO0W9VVipgcZg7HPsXRfig8NtdQVZhvVQIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFH00as5OZShw8Wh0UNXDThTLAJS1MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VkL2M2NzZk
Ny1mYmZlLTRhZTYtYmU1MS0zMjdhY2MxYjFlNTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQvYzY3NmQ3
LWZiZmUtNGFlNi1iZTUxLTMyN2FjYzFiMWU1OS8xL2ZUUnF6azVsS0hEeGFIUlEx
Y05PRk1zQWxMVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFkGCCsGAQUF
BwEHAQH/BEowSDA3BAIAATAxMAwDBAclMIADBAUlMMADBAcuOoADBASCAPADBAaC
tIADBAeyq4ADAwC8oAMEB7zlgDANBAIAAjAHAwUAKgAe6DANBgkqhkiG9w0BAQsF
AAOCAQEAqBdxqYQuw9c9pwgckn/rw3JSQ/CsHzPSHo4XfMQujSd7I6tXm34tPaFM
3M8FP3PJSn+1cwsdULcB/C3WzetW+3GlKjk3IOxcrx1OtITeeDYnjJBrMrIG4gl1
ruQT4OeTFHusu3G3ykNq13ODJX+iY+fYBQc0wqoEoddFrm7jkYjBW0Cakttv5dW1
uc2c4mKxrbywPF3h2YfmHVCzTnQJaJMn2qkZYmOCWb4CDDw7BOHJjGwGfOI5mWQI
jpoJCaL2nNBoUrZEoXWBxc+bSqyBgRYdv4qSSjw3zAJKl9YsuksE9mQbVemBO9GA
5VPXY9vE2u6yt/NboXG0I5hb+mxE3w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 10:29:07 2025 by rpki-client