Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/iHo4aGXvn4fOt5fmZ0ZHSWOFliE.cer
File: iHo4aGXvn4fOt5fmZ0ZHSWOFliE.cer (raw, json)
Hash identifier: UevV5cGq86hC6y1OWLyzGKQffMQfT7Q8UkdhADMMJ6E=
Subject key identifier: 88:7A:38:68:65:EF:9F:87:CE:B7:97:E6:67:46:47:49:63:85:96:21
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019CDCE1ADEA4FBF4E64575D62034515B468
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/af/d06961-d6c3-4a19-a692-7fd39539e146/1/iHo4aGXvn4fOt5fmZ0ZHSWOFliE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/af/d06961-d6c3-4a19-a692-7fd39539e146/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 11 Mar 2026 12:31:43 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 209130
IP: 5.252.236.0/22
IP: 185.143.122.0/23
IP: 185.183.148.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dc:e1:ad:ea:4f:bf:4e:64:57:5d:62:03:45:15:b4:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 11 12:31:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=887a386865ef9f87ceb797e66746474963859621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:45:eb:da:e3:be:cc:8d:94:43:b6:35:0d:ef:
db:51:2c:c4:fc:71:57:b5:93:e4:76:16:6f:aa:09:
38:e6:15:1c:0a:65:c0:c5:f0:27:0a:1c:5f:ee:44:
50:61:0c:71:bd:b5:db:21:9b:52:f4:db:c0:b4:ec:
7c:b5:f9:a7:da:be:8e:0b:28:73:99:bb:11:d9:cb:
3f:89:8d:d0:c2:2b:ee:30:96:7c:e7:71:fd:05:e6:
b3:35:3a:67:59:18:3a:c0:bc:29:98:e3:9c:af:0a:
f5:01:cb:d7:1b:9d:37:1f:d8:8a:dc:21:9c:ac:9f:
70:b4:0d:a6:25:6e:e8:48:30:f9:c1:a8:26:57:1a:
a9:8c:12:68:5d:58:2f:ee:43:c3:e6:0b:e9:f5:fa:
95:fb:1f:59:27:ec:7e:df:44:d4:06:d0:6c:2a:c4:
d7:d1:f6:cd:64:09:be:bd:00:e6:5a:de:d5:65:5e:
2f:45:6d:91:5c:3a:cb:d9:78:2d:24:3c:62:d6:21:
e0:3d:32:ff:90:a2:77:a3:2d:88:f5:71:1e:0a:21:
a7:5a:7c:91:b8:d3:29:ec:54:5c:96:fb:05:5a:12:
55:cd:6a:b5:37:d2:80:65:f0:80:f7:6c:95:7a:84:
1e:fb:23:aa:ae:53:7b:08:f8:0c:42:6b:9c:0d:95:
c0:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:7A:38:68:65:EF:9F:87:CE:B7:97:E6:67:46:47:49:63:85:96:21
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d06961-d6c3-4a19-a692-7fd39539e146/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d06961-d6c3-4a19-a692-7fd39539e146/1/iHo4aGXvn4fOt5fmZ0ZHSWOFliE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.236.0/22
185.143.122.0/23
185.183.148.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
209130
Signature Algorithm: sha256WithRSAEncryption
52:78:14:0d:1b:8b:fa:13:7b:7f:af:eb:b2:90:42:d0:2b:4b:
2e:8d:bb:a0:96:b3:06:c3:42:7c:6d:20:d4:d8:39:1e:80:70:
57:27:72:8f:6f:63:39:41:3d:17:48:8b:87:d8:48:d3:3e:e8:
1d:53:db:30:7d:67:d2:2d:0e:48:42:b0:91:f5:9b:8f:dc:59:
56:27:f3:d2:a1:a5:42:c4:98:87:2f:74:2d:df:e0:b5:95:3c:
e9:e9:db:8c:64:2a:34:f2:54:e0:41:fd:5c:cc:b9:56:8b:e6:
2d:05:14:25:66:ed:ba:76:5f:e2:ee:85:e8:7d:f7:d2:c8:b9:
fe:1f:50:b0:4a:6b:59:79:8c:f2:0e:ed:ea:21:e8:b9:e3:f7:
9f:5b:d7:3a:ae:95:cb:d5:6a:20:a6:dc:ca:72:4f:ee:0b:56:
fa:84:8d:62:d9:ea:81:7a:41:1c:ea:08:e1:0e:7e:76:27:3a:
fb:e5:9d:22:7b:db:ea:b9:23:ec:2e:38:8c:55:6f:62:d7:ec:
72:06:c9:eb:15:18:cd:06:3c:84:4c:f2:5b:9b:9d:e8:02:22:
7a:a7:b0:1e:0d:03:8e:9c:db:94:7e:ec:7f:5a:73:57:85:5e:
da:d7:3d:45:53:57:0c:3f:e7:d4:ba:f1:7a:d4:6c:46:f0:20:
7d:a3:51:9c
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZzc4a3qT79OZFddYgNFFbRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMzExMTIzMTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODdhMzg2ODY1ZWY5Zjg3Y2ViNzk3ZTY2NzQ2NDc0OTYzODU5NjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkXr2uO+zI2UQ7Y1De/bUSzE/HFX
tZPkdhZvqgk45hUcCmXAxfAnChxf7kRQYQxxvbXbIZtS9NvAtOx8tfmn2r6OCyhz
mbsR2cs/iY3QwivuMJZ853H9BeazNTpnWRg6wLwpmOOcrwr1AcvXG503H9iK3CGc
rJ9wtA2mJW7oSDD5wagmVxqpjBJoXVgv7kPD5gvp9fqV+x9ZJ+x+30TUBtBsKsTX
0fbNZAm+vQDmWt7VZV4vRW2RXDrL2XgtJDxi1iHgPTL/kKJ3oy2I9XEeCiGnWnyR
uNMp7FRclvsFWhJVzWq1N9KAZfCA92yVeoQe+yOqrlN7CPgMQmucDZXAWwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFIh6OGhl75+HzreX5mdGR0ljhZYhMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FmL2QwNjk2
MS1kNmMzLTRhMTktYTY5Mi03ZmQzOTUzOWUxNDYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYvZDA2OTYx
LWQ2YzMtNGExOS1hNjkyLTdmZDM5NTM5ZTE0Ni8xL2lIbzRhR1h2bjRmT3Q1Zm1a
MFpIU1dPRmxpRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUF
BwEHAQH/BBwwGjAYBAIAATASAwQCBfzsAwQBuY96AwQCubeUMBoGCCsGAQUFBwEI
AQH/BAswCaAHMAUCAwMw6jANBgkqhkiG9w0BAQsFAAOCAQEAUngUDRuL+hN7f6/r
spBC0CtLLo27oJazBsNCfG0g1Ng5HoBwVydyj29jOUE9F0iLh9hI0z7oHVPbMH1n
0i0OSEKwkfWbj9xZVifz0qGlQsSYhy90Ld/gtZU86enbjGQqNPJU4EH9XMy5Vovm
LQUUJWbtunZf4u6F6H330si5/h9QsEprWXmM8g7t6iHoueP3n1vXOq6Vy9VqIKbc
ynJP7gtW+oSNYtnqgXpBHOoI4Q5+dic6++WdInvb6rkj7C44jFVvYtfscgbJ6xUY
zQY8hEzyW5ud6AIieqewHg0DjpzblH7sf1pzV4Ve2tc9RVNXDD/n1LrxetRsRvAg
faNRnA==
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:25:22 2026 by rpki-client