Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ikAAEBrTk8rff8j9Y9qtPG2uEk8.cer
File: ikAAEBrTk8rff8j9Y9qtPG2uEk8.cer (raw, json)
Hash identifier: 2xrATw8/YedbqIG1qk26P2uqVyhzcYdRCifXIUfuUkI=
Subject key identifier: 8A:40:00:10:1A:D3:93:CA:DF:7F:C8:FD:63:DA:AD:3C:6D:AE:12:4F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0197A18A71F1E9496F1AAC4D1006878523D8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/ikAAEBrTk8rff8j9Y9qtPG2uEk8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 24 Jun 2025 10:44:54 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 41549
IP: 88.84.0.0/19
IP: 89.186.208.0/21
IP: 146.185.0.0/21
IP: 157.173.80.0/20
IP: 178.21.224.0/21
IP: 185.37.72.0/22
IP: 194.11.218.0/23
IP: 195.20.64.0/19
IP: 213.159.144.0/20
IP: 217.67.128.0/20
IP: 2a01:aec0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:8a:71:f1:e9:49:6f:1a:ac:4d:10:06:87:85:23:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 24 10:44:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a4000101ad393cadf7fc8fd63daad3c6dae124f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:99:07:e2:23:bb:09:9d:7b:fe:32:ad:fb:33:
7e:3a:00:bc:ec:27:5b:f4:3e:d5:4c:69:23:c8:5e:
32:91:10:26:e4:8c:3f:94:b6:4e:8f:55:bb:a7:48:
bd:5a:19:12:50:b7:c0:07:f6:d6:5d:ff:a1:fe:66:
67:64:95:ba:9a:70:f6:c4:63:92:dd:69:f9:4f:4d:
91:b1:ed:49:ce:c1:5d:04:1d:8f:a2:da:39:cf:8d:
c5:da:18:ca:28:b9:9c:67:1b:4b:a8:b7:9e:1f:7d:
7f:64:9e:59:a1:d3:00:c1:f3:c7:fc:33:e6:78:21:
9b:24:6c:df:ec:9a:c0:20:e0:e7:13:5d:9c:50:db:
b3:ea:e9:9c:ad:f4:c6:3a:1d:41:99:37:b9:50:04:
c6:43:87:3f:b5:52:74:39:6d:ff:01:0c:68:58:15:
69:dd:1a:03:72:2c:06:e9:e5:17:aa:c8:81:e4:b7:
6d:48:3f:86:3f:b0:6d:bc:98:fd:32:1f:1c:2f:31:
8f:57:b7:0f:7f:93:61:b1:a3:44:12:bd:98:77:b8:
67:17:45:27:94:9a:b7:d5:b6:6b:98:4c:37:fb:2e:
8c:8a:54:31:a0:ad:c4:46:d7:5f:d1:db:15:1b:a4:
06:ad:86:b4:b2:75:b1:91:9f:7c:f5:3f:19:b2:a3:
19:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:40:00:10:1A:D3:93:CA:DF:7F:C8:FD:63:DA:AD:3C:6D:AE:12:4F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/ikAAEBrTk8rff8j9Y9qtPG2uEk8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.0.0/19
89.186.208.0/21
146.185.0.0/21
157.173.80.0/20
178.21.224.0/21
185.37.72.0/22
194.11.218.0/23
195.20.64.0/19
213.159.144.0/20
217.67.128.0/20
IPv6:
2a01:aec0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
41549
Signature Algorithm: sha256WithRSAEncryption
08:88:b8:28:33:c9:26:87:83:02:4a:91:79:81:29:40:1e:81:
d6:8e:ea:41:bb:f8:1f:f6:8d:1b:2d:e2:a9:e9:31:34:dc:7c:
f7:be:4d:14:1f:14:29:87:7e:88:ca:cd:fa:47:9b:75:01:93:
4d:a8:67:88:6c:07:70:18:45:e7:21:5e:c8:07:c3:02:89:53:
c3:35:14:d9:bb:fa:24:ae:40:e0:41:3b:38:e9:23:d3:95:11:
c8:99:6d:d0:90:34:77:da:72:67:c2:b3:a8:b0:03:d8:f2:8a:
42:2e:a0:91:58:79:79:48:9e:c8:48:c8:e7:4a:1d:be:9a:65:
66:b1:07:3e:f5:03:b2:9a:6a:bf:0a:80:5d:5e:8c:f6:23:d2:
c2:90:9c:c7:47:76:eb:7a:ed:ac:68:dc:f6:3f:e0:95:66:ae:
71:fa:3c:39:72:6b:9d:fd:31:00:e5:5b:05:df:17:f0:10:41:
ff:7e:0b:4a:08:4a:e4:e7:84:50:f5:94:a8:25:16:9a:76:63:
fe:cf:0c:64:39:19:6d:39:cc:b9:cf:3f:8b:9f:f1:55:a5:2f:
2f:b3:81:66:ee:6a:3f:96:65:40:df:41:15:f9:06:b2:a3:15:
ff:45:e9:be:fb:fb:65:15:49:f2:e6:11:42:63:5c:6d:1f:77:
1b:b3:a7:8c
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgISAZehinHx6UlvGqxNEAaHhSPYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNjI0MTA0NDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTQwMDAxMDFhZDM5M2NhZGY3ZmM4ZmQ2M2RhYWQzYzZkYWUxMjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZkH4iO7CZ17/jKt+zN+OgC87Cdb
9D7VTGkjyF4ykRAm5Iw/lLZOj1W7p0i9WhkSULfAB/bWXf+h/mZnZJW6mnD2xGOS
3Wn5T02Rse1JzsFdBB2Poto5z43F2hjKKLmcZxtLqLeeH31/ZJ5ZodMAwfPH/DPm
eCGbJGzf7JrAIODnE12cUNuz6umcrfTGOh1BmTe5UATGQ4c/tVJ0OW3/AQxoWBVp
3RoDciwG6eUXqsiB5LdtSD+GP7BtvJj9Mh8cLzGPV7cPf5NhsaNEEr2Yd7hnF0Un
lJq31bZrmEw3+y6MilQxoK3ERtdf0dsVG6QGrYa0snWxkZ989T8ZsqMZ5QIDAQAB
o4IC5TCCAuEwHQYDVR0OBBYEFIpAABAa05PK33/I/WParTxtrhJPMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZjL2IyN2Jk
MC0zZDM5LTRkNzgtYWEyYy0xZjNjY2ZhNjFhYWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMvYjI3YmQw
LTNkMzktNGQ3OC1hYTJjLTFmM2NjZmE2MWFhYy8xL2lrQUFFQnJUazhyZmY4ajlZ
OXF0UEcydUVrOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGQGCCsGAQUF
BwEHAQH/BFUwUzBCBAIAATA8AwQFWFQAAwQDWbrQAwQDkrkAAwQEna1QAwQDshXg
AwQCuSVIAwQBwgvaAwQFwxRAAwQE1Z+QAwQE2UOAMA0EAgACMAcDBQAqAa7AMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCiTTANBgkqhkiG9w0BAQsFAAOCAQEACIi4
KDPJJoeDAkqReYEpQB6B1o7qQbv4H/aNGy3iqekxNNx8975NFB8UKYd+iMrN+keb
dQGTTahniGwHcBhF5yFeyAfDAolTwzUU2bv6JK5A4EE7OOkj05URyJlt0JA0d9py
Z8KzqLAD2PKKQi6gkVh5eUieyEjI50odvpplZrEHPvUDsppqvwqAXV6M9iPSwpCc
x0d263rtrGjc9j/glWaucfo8OXJrnf0xAOVbBd8X8BBB/34LSghK5OeEUPWUqCUW
mnZj/s8MZDkZbTnMuc8/i5/xVaUvL7OBZu5qP5ZlQN9BFfkGsqMV/0Xpvvv7ZRVJ
8uYRQmNcbR93G7OnjA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 18:47:45 2025 by rpki-client