Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/iBqxgMs1FxhiIbOZmwi4OvT2aUU.cer
File: iBqxgMs1FxhiIbOZmwi4OvT2aUU.cer (raw, json)
Hash identifier: 4OJf/JnbJK/4UcvqFYVZqr1JT3d+1NnX+LwuG0oTj8A=
Subject key identifier: 88:1A:B1:80:CB:35:17:18:62:21:B3:99:9B:08:B8:3A:F4:F6:69:45
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01993D457091EDD4D071C4FBADF7427C2930
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/iBqxgMs1FxhiIbOZmwi4OvT2aUU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 12 Sep 2025 09:33:05 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 215742
IP: 91.211.85.0/24
IP: 2a0d:ebc0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:3d:45:70:91:ed:d4:d0:71:c4:fb:ad:f7:42:7c:29:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 12 09:33:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=881ab180cb3517186221b3999b08b83af4f66945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d5:e1:c2:d6:31:21:e3:ad:59:ee:e8:85:7c:
aa:30:1a:c7:16:2b:3f:86:c8:de:cf:e7:f6:f3:12:
4d:f5:a7:47:38:1d:1c:09:12:99:98:76:98:44:22:
09:f4:07:33:a2:ef:e3:e3:7f:68:2b:44:e6:ae:90:
ff:a6:ec:cb:aa:aa:bb:bd:4c:d5:6c:22:36:ee:55:
e7:43:96:26:e3:73:e6:58:d4:f2:6d:31:22:2c:9e:
4b:4b:93:ec:8f:9e:b8:01:e2:29:8b:99:04:b9:99:
ac:2a:4c:a5:bb:e1:c0:c5:e8:6f:a4:57:9c:0d:b8:
c1:db:25:5b:ff:86:15:d6:b4:06:8a:6a:3c:19:e1:
9f:e2:21:33:8b:bd:8d:5b:dc:46:b0:e3:cd:38:8d:
77:6c:df:4d:ad:42:c7:f9:8e:b5:7e:b0:e4:42:d4:
f6:74:df:96:b3:7c:e8:c2:2d:d1:64:07:58:c7:16:
e7:b3:df:7b:32:d9:10:5f:79:b2:e2:aa:42:d8:ce:
6a:bd:5c:89:9f:4e:8d:fa:5f:bd:79:cc:fc:af:fd:
f0:06:4c:e5:8e:f0:36:3c:74:2e:7e:18:93:08:5c:
33:a1:f8:4d:f1:5b:cb:f3:72:3c:92:34:57:28:c6:
c8:66:1f:d0:3d:ee:7b:94:04:26:a1:1e:63:ac:3c:
0e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:1A:B1:80:CB:35:17:18:62:21:B3:99:9B:08:B8:3A:F4:F6:69:45
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/iBqxgMs1FxhiIbOZmwi4OvT2aUU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.85.0/24
IPv6:
2a0d:ebc0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
215742
Signature Algorithm: sha256WithRSAEncryption
4c:4d:ce:f2:a5:e2:f1:2f:14:8e:09:f2:35:20:4f:86:d0:48:
5b:51:a4:16:0c:e8:0a:57:7e:e4:77:ff:84:02:d7:6b:a6:40:
f6:c0:26:60:51:8c:9e:8b:e3:67:47:48:7d:01:7a:c9:fa:19:
80:11:8a:b6:53:ae:9c:90:e4:cd:5a:86:7d:2c:40:84:d1:77:
6d:f9:fa:53:e5:9e:6f:95:9a:e1:41:de:4a:3c:ca:9b:58:c4:
43:f1:ad:fe:a0:84:bb:bf:65:34:81:b5:da:c9:3f:3f:f7:ff:
1c:fe:eb:97:fa:fd:3b:56:07:2b:48:05:1f:4d:a8:6d:a6:40:
b0:95:62:ec:38:5c:16:77:cd:bd:61:c6:59:59:50:f0:8d:3f:
f2:96:9a:1a:ca:72:c9:90:45:9b:2c:d2:1e:5b:c6:66:40:4a:
8c:70:71:70:dd:75:70:aa:02:dc:ec:f2:a0:d8:02:21:5d:0b:
65:f6:5f:39:90:55:f3:03:46:4a:35:20:bd:37:a3:36:5c:4f:
41:4e:99:17:d6:93:49:76:27:fa:f0:ad:46:e1:ef:42:44:30:
7d:eb:7f:d3:dd:b6:6b:82:da:26:ce:a5:12:f6:a0:4a:c9:fd:
76:42:bf:8e:4d:e1:16:a2:45:32:63:49:82:3b:9b:00:95:21:
10:f5:dc:7c
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZk9RXCR7dTQccT7rfdCfCkwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwOTEyMDkzMzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODFhYjE4MGNiMzUxNzE4NjIyMWIzOTk5YjA4YjgzYWY0ZjY2OTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9XhwtYxIeOtWe7ohXyqMBrHFis/
hsjez+f28xJN9adHOB0cCRKZmHaYRCIJ9Aczou/j439oK0TmrpD/puzLqqq7vUzV
bCI27lXnQ5Ym43PmWNTybTEiLJ5LS5Psj564AeIpi5kEuZmsKkylu+HAxehvpFec
DbjB2yVb/4YV1rQGimo8GeGf4iEzi72NW9xGsOPNOI13bN9NrULH+Y61frDkQtT2
dN+Ws3zowi3RZAdYxxbns997MtkQX3my4qpC2M5qvVyJn06N+l+9ecz8r/3wBkzl
jvA2PHQufhiTCFwzofhN8VvL83I8kjRXKMbIZh/QPe57lAQmoR5jrDwOJwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFIgasYDLNRcYYiGzmZsIuDr09mlFMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzL2M3ZjYw
MS0zZmEyLTRkYjYtYTAzZC0zYTYzYmY3NjMwZjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMvYzdmNjAx
LTNmYTItNGRiNi1hMDNkLTNhNjNiZjc2MzBmNS8xL2lCcXhnTXMxRnhoaUliT1pt
d2k0T3ZUMmFVVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAW9NVMA0EAgACMAcDBQAqDevAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNKvjANBgkqhkiG9w0BAQsFAAOCAQEATE3O8qXi8S8U
jgnyNSBPhtBIW1GkFgzoCld+5Hf/hALXa6ZA9sAmYFGMnovjZ0dIfQF6yfoZgBGK
tlOunJDkzVqGfSxAhNF3bfn6U+Web5Wa4UHeSjzKm1jEQ/Gt/qCEu79lNIG12sk/
P/f/HP7rl/r9O1YHK0gFH02obaZAsJVi7DhcFnfNvWHGWVlQ8I0/8paaGspyyZBF
myzSHlvGZkBKjHBxcN11cKoC3OzyoNgCIV0LZfZfOZBV8wNGSjUgvTejNlxPQU6Z
F9aTSXYn+vCtRuHvQkQwfet/0922a4LaJs6lEvagSsn9dkK/jk3hFqJFMmNJgjub
AJUhEPXcfA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 10:33:49 2025 by rpki-client