Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
File: fyFvSaO5qEoOhegKLEKHTwnqOYU.cer (raw, json)
Hash identifier: 9xd2hQSekiaA4RpeDW58CVrSbGjw9665BWwM8Hu4vdw=
Subject key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019DE31CD3D80D8C7E0EF8DEBEB2B65B1A92
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Fri 01 May 2026 10:36:50 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 44103
IP: 45.146.6.0/23
IP: 185.235.144.0/24
IP: 188.64.138.0/24
IP: 2a07:2c00::/29
IP: 2a09:be40::/32
IP: 2a09:bfc0::/29
IP: 2a0d:8d05:: -- 2a0d:8d07:ffff:ffff:ffff:ffff:ffff:ffff
IP: 2a0e:fd40::/29
IP: 2a10:84c0::/29
IP: 2a11:1:: -- 2a11:2:ffff:ffff:ffff:ffff:ffff:ffff
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e3:1c:d3:d8:0d:8c:7e:0e:f8:de:be:b2:b6:5b:1a:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 1 10:36:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f2:1e:42:58:64:4a:ac:5c:eb:ef:81:6c:3e:
64:51:c9:0c:82:b0:0b:a2:89:a7:05:dd:05:a5:95:
d7:d7:60:99:23:9f:e5:c1:37:8a:3a:10:e0:6a:e4:
32:ea:ac:57:06:0d:21:20:8c:64:35:98:d8:2f:c5:
3b:55:83:12:6c:6a:3c:74:9c:e8:82:10:c8:8f:d9:
d8:70:da:29:14:4d:cf:08:bd:9d:47:5c:be:21:c9:
99:b0:2b:47:c0:cc:b5:5b:a2:12:68:72:67:92:eb:
3c:24:8a:8b:5d:98:b9:b0:8e:ee:0c:df:61:e8:ab:
c9:03:e4:4c:c8:f3:5e:68:73:df:e9:54:51:c8:cd:
ec:39:33:69:2c:e4:60:63:88:9e:39:68:a2:d7:7d:
66:c2:33:2f:b3:b9:dd:3f:4e:8d:74:7e:49:6c:3b:
74:a8:11:17:eb:32:03:f6:38:8e:c7:49:22:c4:98:
19:a8:7f:be:61:b2:35:b4:05:96:b5:d6:57:fa:3f:
15:24:fb:b2:d7:89:70:b4:8a:57:8d:af:c6:cd:c3:
60:36:12:75:cb:75:39:cb:ed:10:06:15:1d:47:f4:
e9:28:3d:e3:4d:f2:ee:53:ae:7c:db:1f:08:65:2c:
65:bd:0e:2a:f6:94:27:ad:87:21:ef:d5:14:98:9e:
77:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.6.0/23
185.235.144.0/24
188.64.138.0/24
IPv6:
2a07:2c00::/29
2a09:be40::/32
2a09:bfc0::/29
2a0d:8d05::-2a0d:8d07:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:fd40::/29
2a10:84c0::/29
2a11:1::-2a11:2:ffff:ffff:ffff:ffff:ffff:ffff
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44103
Signature Algorithm: sha256WithRSAEncryption
8d:51:ba:55:4d:a3:dd:09:e7:53:73:72:5a:e5:5e:ea:e5:f0:
a8:72:4a:7a:d6:32:89:39:61:61:31:79:9d:64:f7:59:99:3c:
50:bf:8d:1b:79:4e:ed:76:f7:f8:a8:2e:d9:36:0c:99:20:0a:
90:9e:97:62:d7:b4:2e:ad:99:a2:b0:79:56:1c:41:49:0e:1a:
f2:d7:2b:b4:e7:e1:a1:6e:28:7d:53:6b:cc:f0:e2:0c:9e:23:
7f:34:5c:73:23:ba:5e:15:ad:19:b4:31:3c:8f:bb:2a:8f:de:
38:cb:e5:38:6b:86:59:6a:04:79:5d:02:0e:ae:fd:6c:2d:f7:
8c:26:2a:6c:1a:e0:a9:ad:14:9a:1f:0d:34:d2:b3:91:7a:d9:
09:b9:dc:b0:c3:2f:2b:ab:e5:76:74:66:5f:40:13:44:e5:95:
84:41:f6:61:46:78:54:de:c0:1d:c0:5f:66:40:87:6c:c3:e6:
06:fb:f4:11:c1:7a:d6:2f:de:e9:59:66:79:33:5c:4a:dc:4b:
71:01:a6:cd:e7:7e:7c:af:d9:8e:fd:63:a9:d2:35:88:85:1f:
b5:fa:f5:c7:d0:75:98:e7:8e:7a:bd:33:6b:d8:41:3b:44:33:
c4:fc:11:0f:e0:6c:51:d8:ed:32:a9:ad:1c:4f:31:9e:74:01:
c9:4f:77:a9
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAZ3jHNPYDYx+DvjevrK2WxqSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNTAxMTAzNjUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjIxNmY0OWEzYjlhODRhMGU4NWU4MGEyYzQyODc0ZjA5ZWEzOTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/IeQlhkSqxc6++BbD5kUckMgrAL
oomnBd0FpZXX12CZI5/lwTeKOhDgauQy6qxXBg0hIIxkNZjYL8U7VYMSbGo8dJzo
ghDIj9nYcNopFE3PCL2dR1y+IcmZsCtHwMy1W6ISaHJnkus8JIqLXZi5sI7uDN9h
6KvJA+RMyPNeaHPf6VRRyM3sOTNpLORgY4ieOWii131mwjMvs7ndP06NdH5JbDt0
qBEX6zID9jiOx0kixJgZqH++YbI1tAWWtdZX+j8VJPuy14lwtIpXja/GzcNgNhJ1
y3U5y+0QBhUdR/TpKD3jTfLuU6582x8IZSxlvQ4q9pQnrYch79UUmJ53xwIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFH8hb0mjuahKDoXoCixCh08J6jmFMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzJkZmIz
MGNhLWUxYzItNDkyMS1iMDU0LWQ0YWYwOTE2NWFmMS8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmRm
YjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1YWYxLzAvN0YyMTZGNDlBM0I5
QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjB2BggrBgEFBQcBBwEB/wRnMGUwGAQCAAEwEgME
AS2SBgMEALnrkAMEALxAijBJBAIAAjBDAwUDKgcsAAMFACoJvkADBQMqCb/AMA4D
BQAqDY0FAwUDKg2NAAMFAyoO/UADBQMqEITAMA4DBQAqEQABAwUAKhEAAjAaBggr
BgEFBQcBCAEB/wQLMAmgBzAFAgMArEcwDQYJKoZIhvcNAQELBQADggEBAI1RulVN
o90J51NzclrlXurl8KhySnrWMok5YWExeZ1k91mZPFC/jRt5Tu129/ioLtk2DJkg
CpCel2LXtC6tmaKweVYcQUkOGvLXK7Tn4aFuKH1Ta8zw4gyeI380XHMjul4VrRm0
MTyPuyqP3jjL5ThrhllqBHldAg6u/Wwt94wmKmwa4KmtFJofDTTSs5F62Qm53LDD
Lyur5XZ0Zl9AE0TllYRB9mFGeFTewB3AX2ZAh2zD5gb79BHBetYv3ulZZnkzXErc
S3EBps3nfnyv2Y79Y6nSNYiFH7X69cfQdZjnjnq9M2vYQTtEM8T8EQ/gbFHY7TKp
rRxPMZ50AclPd6k=
-----END CERTIFICATE-----
Generated at Wed May 13 02:09:47 2026 by rpki-client