Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hIiHKlri_4o7e3K2KaHYX_5l47I.cer
File: hIiHKlri_4o7e3K2KaHYX_5l47I.cer (raw, json)
Hash identifier: OESYtaZvW+t9Q8VTE6WNl7z3Diy3griN8MTtvzTqQtQ=
Subject key identifier: 84:88:87:2A:5A:E2:FF:8A:3B:7B:72:B6:29:A1:D8:5F:FE:65:E3:B2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019CDD116DC988E6FA39B58FEFA35072B1E9
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/7d/11b83b-79ea-47ce-befc-88d1ce63dbeb/1/hIiHKlri_4o7e3K2KaHYX_5l47I.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/7d/11b83b-79ea-47ce-befc-88d1ce63dbeb/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 11 Mar 2026 13:23:52 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 31278
IP: 193.26.129.0/24
IP: 193.227.110.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dd:11:6d:c9:88:e6:fa:39:b5:8f:ef:a3:50:72:b1:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 11 13:23:52 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8488872a5ae2ff8a3b7b72b629a1d85ffe65e3b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e3:67:e3:91:6e:97:f0:bb:29:54:4a:c5:15:
50:83:cc:37:80:c4:32:d9:a8:de:2b:18:ff:91:da:
3a:4b:d8:b8:bb:40:5a:dc:60:25:f7:b7:2b:9b:76:
28:5f:96:6b:39:86:c1:eb:ff:43:68:19:7f:0e:71:
51:c1:10:46:82:5e:8b:da:62:1d:26:5e:d2:e2:92:
89:e4:62:45:dd:44:f7:c7:27:21:94:3c:2d:13:e3:
c9:6c:d8:19:ba:2a:25:e8:0d:35:ec:2c:49:67:11:
82:4b:87:a8:9b:b0:8a:60:38:7c:e2:da:90:b5:e2:
cd:fd:a2:c3:d5:03:be:ac:34:9c:ff:b2:1c:9e:d4:
4d:c9:ef:5e:6a:2c:10:43:20:0f:87:53:e8:bf:73:
fa:28:9b:6a:4f:44:e4:be:b8:59:01:32:54:f2:c1:
bb:3d:4a:5c:1f:45:cc:fd:22:12:af:c3:c0:51:95:
c6:91:06:b0:dd:b0:0f:2f:31:92:b2:69:8b:54:07:
b5:60:b9:ee:8d:ca:33:2e:82:b8:a3:8d:24:17:8c:
5f:f0:48:c8:95:e8:d2:f9:74:3e:2a:94:ab:43:aa:
af:da:ce:4e:15:2c:4d:97:27:ce:35:94:8f:8a:13:
26:14:a5:63:91:c6:50:0a:e1:46:78:8d:c1:13:88:
f6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:88:87:2A:5A:E2:FF:8A:3B:7B:72:B6:29:A1:D8:5F:FE:65:E3:B2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/11b83b-79ea-47ce-befc-88d1ce63dbeb/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/11b83b-79ea-47ce-befc-88d1ce63dbeb/1/hIiHKlri_4o7e3K2KaHYX_5l47I.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.129.0/24
193.227.110.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
31278
Signature Algorithm: sha256WithRSAEncryption
53:b9:04:5a:eb:5a:f6:12:1c:d9:28:ba:73:e1:73:ad:18:fb:
68:21:93:76:c5:87:17:63:72:ce:3b:11:cd:0a:bf:1e:cb:fb:
c0:46:1b:0e:ab:10:61:66:0d:d1:21:e4:56:f4:bd:a4:ab:0f:
fe:23:a5:a4:2a:ae:b0:80:cd:82:2d:72:df:0b:6f:55:7c:b0:
f0:e0:b4:80:36:07:bf:cd:88:e8:9c:71:08:80:c9:50:d4:7c:
34:a1:e3:e5:af:2a:85:ef:78:12:a8:e6:bb:40:1e:2a:41:3d:
b5:d9:b5:89:9b:92:91:c7:e4:f2:47:6b:ff:d4:d1:08:1e:ee:
94:34:fb:9b:0e:62:e9:aa:98:f4:fc:3e:81:9f:6f:55:aa:57:
bd:b4:92:31:23:68:d1:99:93:17:cb:fc:b3:ae:71:87:39:39:
c4:f2:14:d8:a0:31:34:5b:11:79:a0:76:2e:9c:6b:f9:19:60:
5c:d5:2b:89:b2:0a:60:06:2f:4b:a7:0b:2b:f3:14:8d:a6:6e:
b1:6c:66:03:64:98:44:85:e5:41:41:3c:59:1b:16:ff:ad:22:
c4:df:92:17:a0:5e:1d:92:e4:9e:7f:2b:5b:29:de:2a:50:1e:
6d:c6:3e:0a:2a:69:4c:ee:3a:45:20:21:9c:77:ea:07:53:a8:
c3:87:a7:b8
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZzdEW3JiOb6ObWP76NQcrHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMzExMTMyMzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDg4ODcyYTVhZTJmZjhhM2I3YjcyYjYyOWExZDg1ZmZlNjVlM2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eNn45Ful/C7KVRKxRVQg8w3gMQy
2ajeKxj/kdo6S9i4u0Ba3GAl97crm3YoX5ZrOYbB6/9DaBl/DnFRwRBGgl6L2mId
Jl7S4pKJ5GJF3UT3xychlDwtE+PJbNgZuiol6A017CxJZxGCS4eom7CKYDh84tqQ
teLN/aLD1QO+rDSc/7IcntRNye9eaiwQQyAPh1Pov3P6KJtqT0TkvrhZATJU8sG7
PUpcH0XM/SISr8PAUZXGkQaw3bAPLzGSsmmLVAe1YLnujcozLoK4o40kF4xf8EjI
lejS+XQ+KpSrQ6qv2s5OFSxNlyfONZSPihMmFKVjkcZQCuFGeI3BE4j2BQIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFISIhypa4v+KO3tytimh2F/+ZeOyMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdkLzExYjgz
Yi03OWVhLTQ3Y2UtYmVmYy04OGQxY2U2M2RiZWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2QvMTFiODNi
LTc5ZWEtNDdjZS1iZWZjLTg4ZDFjZTYzZGJlYi8xL2hJaUhLbHJpXzRvN2UzSzJL
YUhZWF81bDQ3SS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQAwRqBAwQAweNuMBkGCCsGAQUFBwEIAQH/BAow
CKAGMAQCAnouMA0GCSqGSIb3DQEBCwUAA4IBAQBTuQRa61r2EhzZKLpz4XOtGPto
IZN2xYcXY3LOOxHNCr8ey/vARhsOqxBhZg3RIeRW9L2kqw/+I6WkKq6wgM2CLXLf
C29VfLDw4LSANge/zYjonHEIgMlQ1Hw0oePlryqF73gSqOa7QB4qQT212bWJm5KR
x+TyR2v/1NEIHu6UNPubDmLpqpj0/D6Bn29Vqle9tJIxI2jRmZMXy/yzrnGHOTnE
8hTYoDE0WxF5oHYunGv5GWBc1SuJsgpgBi9Lpwsr8xSNpm6xbGYDZJhEheVBQTxZ
Gxb/rSLE35IXoF4dkuSefytbKd4qUB5txj4KKmlM7jpFICGcd+oHU6jDh6e4
-----END CERTIFICATE-----
Generated at Sat Mar 28 08:41:31 2026 by rpki-client