Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
File: fyFvSaO5qEoOhegKLEKHTwnqOYU.cer (raw, json)
Hash identifier: CZPllQtEZFblPlPD6CLwwpdHadfn55bLmIaTt/NLwas=
Subject key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019D24FB919E92497F7B41C62C77AAEF3876
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Wed 25 Mar 2026 12:32:39 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 44103
IP: 45.146.5.0 -- 45.146.7.255
IP: 185.235.144.0/24
IP: 188.64.138.0/24
IP: 2a07:2c00::/29
IP: 2a09:be40::/32
IP: 2a09:bfc0::/29
IP: 2a0d:8d05:: -- 2a0d:8d07:ffff:ffff:ffff:ffff:ffff:ffff
IP: 2a0e:fd40::/29
IP: 2a10:84c0::/29
IP: 2a11:1:: -- 2a11:2:ffff:ffff:ffff:ffff:ffff:ffff
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:24:fb:91:9e:92:49:7f:7b:41:c6:2c:77:aa:ef:38:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 25 12:32:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f2:1e:42:58:64:4a:ac:5c:eb:ef:81:6c:3e:
64:51:c9:0c:82:b0:0b:a2:89:a7:05:dd:05:a5:95:
d7:d7:60:99:23:9f:e5:c1:37:8a:3a:10:e0:6a:e4:
32:ea:ac:57:06:0d:21:20:8c:64:35:98:d8:2f:c5:
3b:55:83:12:6c:6a:3c:74:9c:e8:82:10:c8:8f:d9:
d8:70:da:29:14:4d:cf:08:bd:9d:47:5c:be:21:c9:
99:b0:2b:47:c0:cc:b5:5b:a2:12:68:72:67:92:eb:
3c:24:8a:8b:5d:98:b9:b0:8e:ee:0c:df:61:e8:ab:
c9:03:e4:4c:c8:f3:5e:68:73:df:e9:54:51:c8:cd:
ec:39:33:69:2c:e4:60:63:88:9e:39:68:a2:d7:7d:
66:c2:33:2f:b3:b9:dd:3f:4e:8d:74:7e:49:6c:3b:
74:a8:11:17:eb:32:03:f6:38:8e:c7:49:22:c4:98:
19:a8:7f:be:61:b2:35:b4:05:96:b5:d6:57:fa:3f:
15:24:fb:b2:d7:89:70:b4:8a:57:8d:af:c6:cd:c3:
60:36:12:75:cb:75:39:cb:ed:10:06:15:1d:47:f4:
e9:28:3d:e3:4d:f2:ee:53:ae:7c:db:1f:08:65:2c:
65:bd:0e:2a:f6:94:27:ad:87:21:ef:d5:14:98:9e:
77:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.5.0-45.146.7.255
185.235.144.0/24
188.64.138.0/24
IPv6:
2a07:2c00::/29
2a09:be40::/32
2a09:bfc0::/29
2a0d:8d05::-2a0d:8d07:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:fd40::/29
2a10:84c0::/29
2a11:1::-2a11:2:ffff:ffff:ffff:ffff:ffff:ffff
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44103
Signature Algorithm: sha256WithRSAEncryption
04:50:51:ef:85:3b:43:1a:4c:c2:2f:36:b3:67:60:fe:e4:b4:
34:f0:0c:67:0c:e3:27:ce:1e:08:61:dd:64:42:fc:56:a2:6b:
23:6a:52:52:52:a5:0c:75:02:41:30:42:51:b6:74:0d:d1:af:
53:7e:8f:80:3d:fe:cf:c0:14:1b:b6:5e:11:c5:42:6f:4a:30:
f7:2b:84:ba:1c:a3:5c:60:2b:75:9f:64:e9:32:fe:39:fa:7f:
12:59:13:38:1d:52:3c:a6:fc:9f:70:93:61:a7:65:ac:58:9b:
44:91:11:6e:19:eb:30:8c:f4:a1:7b:58:b4:5c:43:e8:3c:c9:
79:71:65:4a:c8:3d:72:91:12:68:46:21:d7:a5:9a:b7:a7:b3:
7e:16:f3:e2:96:ac:ef:69:82:a3:8d:ed:eb:b6:bd:64:e1:ad:
48:64:0d:21:b2:9e:02:16:7c:4a:74:6f:a7:d8:f9:c7:30:2d:
84:f7:5e:bc:23:7f:d9:9b:9e:de:16:91:80:78:09:67:80:75:
63:c1:04:e3:7a:9c:6b:40:67:01:ab:d2:ad:d7:53:40:53:05:
fa:99:72:52:bd:6e:dd:2b:cc:4b:f3:cf:ab:0d:93:e9:4d:99:
b4:8b:12:84:24:a6:99:d8:04:5f:65:50:fd:f8:9d:23:7a:34:
9a:27:b5:26
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZ0k+5Gekkl/e0HGLHeq7zh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMzI1MTIzMjM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjIxNmY0OWEzYjlhODRhMGU4NWU4MGEyYzQyODc0ZjA5ZWEzOTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/IeQlhkSqxc6++BbD5kUckMgrAL
oomnBd0FpZXX12CZI5/lwTeKOhDgauQy6qxXBg0hIIxkNZjYL8U7VYMSbGo8dJzo
ghDIj9nYcNopFE3PCL2dR1y+IcmZsCtHwMy1W6ISaHJnkus8JIqLXZi5sI7uDN9h
6KvJA+RMyPNeaHPf6VRRyM3sOTNpLORgY4ieOWii131mwjMvs7ndP06NdH5JbDt0
qBEX6zID9jiOx0kixJgZqH++YbI1tAWWtdZX+j8VJPuy14lwtIpXja/GzcNgNhJ1
y3U5y+0QBhUdR/TpKD3jTfLuU6582x8IZSxlvQ4q9pQnrYch79UUmJ53xwIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFH8hb0mjuahKDoXoCixCh08J6jmFMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzJkZmIz
MGNhLWUxYzItNDkyMS1iMDU0LWQ0YWYwOTE2NWFmMS8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmRm
YjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1YWYxLzAvN0YyMTZGNDlBM0I5
QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjB+BggrBgEFBQcBBwEB/wRvMG0wIAQCAAEwGjAM
AwQALZIFAwQDLZIAAwQAueuQAwQAvECKMEkEAgACMEMDBQMqBywAAwUAKgm+QAMF
AyoJv8AwDgMFACoNjQUDBQMqDY0AAwUDKg79QAMFAyoQhMAwDgMFACoRAAEDBQAq
EQACMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwCsRzANBgkqhkiG9w0BAQsFAAOC
AQEABFBR74U7QxpMwi82s2dg/uS0NPAMZwzjJ84eCGHdZEL8VqJrI2pSUlKlDHUC
QTBCUbZ0DdGvU36PgD3+z8AUG7ZeEcVCb0ow9yuEuhyjXGArdZ9k6TL+Ofp/ElkT
OB1SPKb8n3CTYadlrFibRJERbhnrMIz0oXtYtFxD6DzJeXFlSsg9cpESaEYh16Wa
t6ezfhbz4pas72mCo43t67a9ZOGtSGQNIbKeAhZ8SnRvp9j5xzAthPdevCN/2Zue
3haRgHgJZ4B1Y8EE43qca0BnAavSrddTQFMF+plyUr1u3SvMS/PPqw2T6U2ZtIsS
hCSmmdgEX2VQ/fidI3o0mie1Jg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:14:58 2026 by rpki-client