Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
File: jzgYVUpRgI7vuCnsdGWjIi8nASM.cer (raw, json)
Hash identifier: 2kkhdVnyRaTdEclHaWLF14uuh+0ryEcaE7VfD7ZDkEk=
Subject key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019976832BA3D2FE006E2C2EF6B69980FFEE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 23 Sep 2025 12:18:51 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 8641
AS: 24832
AS: 28809
AS: 34829
AS: 42484
AS: 56794
AS: 198602
AS: 198976
AS: 200955
IP: 77.73.24.0/21
IP: 77.94.160.0/19
IP: 77.95.20.0/22
IP: 81.26.144.0 -- 81.26.155.255
IP: 81.26.157.0/24
IP: 81.28.0.0/22
IP: 84.47.128.0/22
IP: 84.47.134.0 -- 84.47.136.255
IP: 84.47.140.0 -- 84.47.145.255
IP: 84.47.147.0 -- 84.47.153.255
IP: 84.47.156.0 -- 84.47.165.255
IP: 84.47.168.0 -- 84.47.178.255
IP: 84.47.181.0 -- 84.47.183.255
IP: 84.47.186.0/23
IP: 84.47.190.0/23
IP: 85.91.96.0/21
IP: 85.91.112.0/22
IP: 85.91.118.0 -- 85.91.122.255
IP: 91.197.183.0/24
IP: 91.227.198.0/24
IP: 91.244.240.0/23
IP: 185.106.107.0/24
IP: 185.122.28.0/22
IP: 193.105.11.0/24
IP: 193.164.194.0/23
IP: 213.135.64.0/22
IP: 213.135.69.0 -- 213.135.74.255
IP: 213.135.77.0/24
IP: 213.135.80.0 -- 213.135.92.255
IP: 213.135.94.0/23
IP: 213.208.160.0 -- 213.208.170.255
IP: 213.208.172.0 -- 213.208.184.255
IP: 213.208.188.0/22
IP: 217.73.116.0/22
IP: 2a01:8a00::/32
IP: 2a02:bc8::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:76:83:2b:a3:d2:fe:00:6e:2c:2e:f6:b6:99:80:ff:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 23 12:18:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f3818554a51808eefb829ec7465a3222f270123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d8:28:ef:36:9a:83:e1:33:86:1c:e6:86:ed:
ef:50:d6:92:c0:a7:bd:44:9e:3c:6f:1a:12:b1:12:
ad:3f:05:6d:51:3e:72:26:51:75:ed:51:1e:6f:8e:
9a:2a:16:ff:20:e6:69:35:7b:a5:24:28:c8:97:7d:
b5:9a:bc:48:83:16:8e:b2:7a:af:d9:4a:0f:09:4c:
03:0f:fa:c4:cf:fc:55:f6:58:70:03:00:7e:cc:5a:
11:29:91:4a:b7:15:ba:4f:d7:cf:43:4e:46:b8:c6:
c7:4d:19:fa:3e:fc:88:c2:fc:8a:0f:98:4b:3b:92:
ef:d1:a1:41:42:69:08:ab:5d:83:c5:dd:60:7b:8b:
f5:e8:4d:52:4a:94:24:e0:84:30:b1:cb:f4:2f:fe:
c2:65:c5:77:b0:d7:ff:c0:c3:ca:e0:44:fb:86:cf:
19:53:8a:96:a3:95:e0:06:88:5c:ad:5b:7c:8e:6c:
23:70:32:b8:da:21:89:74:57:b5:89:d1:48:b5:53:
3b:fe:ef:59:2c:c7:49:b3:cd:8b:fb:85:f2:f6:16:
5d:a9:ad:1f:4b:bc:1d:7a:e0:5d:4e:79:cf:1a:3b:
78:ec:f3:42:5a:29:15:11:1d:65:9e:2d:40:9b:f0:
20:1e:fb:47:85:a8:31:03:f2:69:86:61:8d:16:ee:
69:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.24.0/21
77.94.160.0/19
77.95.20.0/22
81.26.144.0-81.26.155.255
81.26.157.0/24
81.28.0.0/22
84.47.128.0/22
84.47.134.0-84.47.136.255
84.47.140.0-84.47.145.255
84.47.147.0-84.47.153.255
84.47.156.0-84.47.165.255
84.47.168.0-84.47.178.255
84.47.181.0-84.47.183.255
84.47.186.0/23
84.47.190.0/23
85.91.96.0/21
85.91.112.0/22
85.91.118.0-85.91.122.255
91.197.183.0/24
91.227.198.0/24
91.244.240.0/23
185.106.107.0/24
185.122.28.0/22
193.105.11.0/24
193.164.194.0/23
213.135.64.0/22
213.135.69.0-213.135.74.255
213.135.77.0/24
213.135.80.0-213.135.92.255
213.135.94.0/23
213.208.160.0-213.208.170.255
213.208.172.0-213.208.184.255
213.208.188.0/22
217.73.116.0/22
IPv6:
2a01:8a00::/32
2a02:bc8::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8641
24832
28809
34829
42484
56794
198602
198976
200955
Signature Algorithm: sha256WithRSAEncryption
70:aa:1a:f5:82:e0:39:e7:55:eb:b6:a2:a2:f6:52:4f:f7:5e:
aa:c1:76:39:52:04:86:89:90:3d:7c:b7:41:3c:dc:0a:48:41:
b2:a7:28:05:ec:cd:ff:98:d0:c4:7f:74:5a:1b:90:3e:6d:0d:
9d:46:b8:f4:74:52:25:91:22:aa:01:66:1a:74:0f:ce:5c:b6:
7e:49:d1:3a:09:19:ce:e4:59:e6:05:74:7b:4a:4d:d8:c0:0c:
2c:44:3e:73:53:cc:45:ac:1a:0b:d0:49:84:4d:bc:b8:9b:5e:
44:50:67:c3:6b:30:ac:5f:97:2d:32:5e:85:ad:ef:e6:d7:e5:
50:74:e2:56:71:e9:2d:2e:fe:1c:e4:31:4f:d7:f6:cf:86:e6:
f3:a2:d4:b6:1f:b2:51:31:bd:e4:e3:34:c9:ad:00:3f:37:7a:
63:fd:55:06:ee:dd:b6:ac:25:17:03:f4:0f:d7:b5:80:5d:28:
3d:00:ed:a2:63:88:b0:f1:4a:28:b4:5d:28:2a:ff:b4:c5:fb:
41:e6:de:d3:d9:1e:c9:94:0f:ee:9f:cb:b4:ed:d9:2d:79:fa:
ea:c5:e6:b5:50:e8:14:8c:5c:6d:bd:88:66:b3:47:e9:65:fa:
ae:3f:e3:dc:cc:a4:00:d0:b9:8c:f1:2a:a1:30:75:7b:7f:fa:
8d:36:73:d4
-----BEGIN CERTIFICATE-----
MIIG/zCCBeegAwIBAgISAZl2gyuj0v4Abiwu9raZgP/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwOTIzMTIxODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjM4MTg1NTRhNTE4MDhlZWZiODI5ZWM3NDY1YTMyMjJmMjcwMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9go7zaag+Ezhhzmhu3vUNaSwKe9
RJ48bxoSsRKtPwVtUT5yJlF17VEeb46aKhb/IOZpNXulJCjIl321mrxIgxaOsnqv
2UoPCUwDD/rEz/xV9lhwAwB+zFoRKZFKtxW6T9fPQ05GuMbHTRn6PvyIwvyKD5hL
O5Lv0aFBQmkIq12Dxd1ge4v16E1SSpQk4IQwscv0L/7CZcV3sNf/wMPK4ET7hs8Z
U4qWo5XgBohcrVt8jmwjcDK42iGJdFe1idFItVM7/u9ZLMdJs82L+4Xy9hZdqa0f
S7wdeuBdTnnPGjt47PNCWikVER1lni1Am/AgHvtHhagxA/JphmGNFu5ppQIDAQAB
o4IECzCCBAcwHQYDVR0OBBYEFI84GFVKUYCO77gp7HRloyIvJwEjMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ2LzA5ZGJh
NC0xYzkzLTQ5ZDYtODg4OC1iZmI0YmEzMGU0NWEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYvMDlkYmE0
LTFjOTMtNDlkNi04ODg4LWJmYjRiYTMwZTQ1YS8xL2p6Z1lWVXBSZ0k3dnVDbnNk
R1dqSWk4bkFTTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBYwYIKwYB
BQUHAQcBAf8EggFSMIIBTjCCATQEAgABMIIBLAMEA01JGAMEBU1eoAMEAk1fFDAM
AwQEURqQAwQCURqYAwQAURqdAwQCURwAAwQCVC+AMAwDBAFUL4YDBABUL4gwDAME
AlQvjAMEAVQvkDAMAwQAVC+TAwQBVC+YMAwDBAJUL5wDBAFUL6QwDAMEA1QvqAME
AFQvsjAMAwQAVC+1AwQDVC+wAwQBVC+6AwQBVC++AwQDVVtgAwQCVVtwMAwDBAFV
W3YDBABVW3oDBABbxbcDBABb48YDBAFb9PADBAC5amsDBAK5ehwDBADBaQsDBAHB
pMIDBALVh0AwDAMEANWHRQMEANWHSgMEANWHTTAMAwQE1YdQAwQA1YdcAwQB1Yde
MAwDBAXV0KADBADV0KowDAMEAtXQrAMEANXQuAMEAtXQvAMEAtlJdDAUBAIAAjAO
AwUAKgGKAAMFAyoCC8gwPwYIKwYBBQUHAQgBAf8EMDAuoCwwKgICIcECAmEAAgJw
iQIDAIgNAgMApfQCAwDd2gIDAwfKAgMDCUACAwMQ+zANBgkqhkiG9w0BAQsFAAOC
AQEAcKoa9YLgOedV67aiovZST/deqsF2OVIEhomQPXy3QTzcCkhBsqcoBezN/5jQ
xH90WhuQPm0NnUa49HRSJZEiqgFmGnQPzly2fknROgkZzuRZ5gV0e0pN2MAMLEQ+
c1PMRawaC9BJhE28uJteRFBnw2swrF+XLTJeha3v5tflUHTiVnHpLS7+HOQxT9f2
z4bm86LUth+yUTG95OM0ya0APzd6Y/1VBu7dtqwlFwP0D9e1gF0oPQDtomOIsPFK
KLRdKCr/tMX7Qebe09keyZQP7p/LtO3ZLXn66sXmtVDoFIxcbb2IZrNH6WX6rj/j
3MykANC5jPEqoTB1e3/6jTZz1A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 10:41:11 2025 by rpki-client