Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lQRT7UhedocGF6Dk9GdRRMMZLLI.cer
File: lQRT7UhedocGF6Dk9GdRRMMZLLI.cer (raw, json)
Hash identifier: LBOFBC9+YodIjooLueQRbvNyHLbyMJZ9bAQ1lDA726I=
Subject key identifier: 95:04:53:ED:48:5E:76:87:06:17:A0:E4:F4:67:51:44:C3:19:2C:B2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019E171569178516DCC9D15B657FEF0392D1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/be/d26a1c-1870-4821-bb8a-84f95d33e2c6/1/lQRT7UhedocGF6Dk9GdRRMMZLLI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/be/d26a1c-1870-4821-bb8a-84f95d33e2c6/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 11 May 2026 12:48:59 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: IP: 31.132.44.0/22
IP: 185.26.84.0/24
IP: 2a0d:9fc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:17:15:69:17:85:16:dc:c9:d1:5b:65:7f:ef:03:92:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 11 12:48:59 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=950453ed485e76870617a0e4f4675144c3192cb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:4d:c2:c9:b0:56:5a:a9:9c:02:f2:02:09:8c:
76:95:07:ca:2a:1d:14:c5:c3:6d:f9:68:09:88:85:
f4:16:44:8f:11:3a:fa:9d:2d:16:9d:d8:87:1b:3f:
92:dd:84:cb:8a:b0:3c:e6:10:ec:c4:74:e2:78:ad:
e9:9f:6a:3f:67:05:6b:ce:22:ac:c2:b8:c7:39:dd:
d7:e0:ff:a4:44:9c:0c:54:fd:c7:7c:8d:7c:5a:62:
a8:fd:e9:9b:f9:2b:f0:04:04:95:01:5f:01:35:6c:
32:30:b4:97:3b:d0:26:20:50:1f:88:35:09:47:cb:
34:db:47:a5:d2:bc:82:4d:bc:af:bd:e1:94:33:8f:
6a:d3:ac:54:05:93:74:90:5e:80:1e:e8:3a:68:ad:
30:03:79:a0:44:9c:ee:80:de:5b:08:f1:42:64:a8:
ee:e8:3a:86:56:8e:d4:4f:8c:94:63:d8:0f:9b:da:
30:8c:9b:e1:b8:aa:99:9c:b8:34:2b:c9:c1:b7:ec:
6d:36:99:99:22:46:a1:d2:66:86:6d:e2:23:65:d5:
11:c5:01:a1:e5:5d:16:93:75:98:29:65:ec:df:9a:
2b:5a:d8:f4:3d:d6:d0:75:f8:87:74:a6:e8:fa:fc:
d9:e1:cd:12:6d:1e:1a:90:ea:c1:c0:01:fc:cc:5a:
fc:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:04:53:ED:48:5E:76:87:06:17:A0:E4:F4:67:51:44:C3:19:2C:B2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d26a1c-1870-4821-bb8a-84f95d33e2c6/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d26a1c-1870-4821-bb8a-84f95d33e2c6/1/lQRT7UhedocGF6Dk9GdRRMMZLLI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.44.0/22
185.26.84.0/24
IPv6:
2a0d:9fc0::/29
Signature Algorithm: sha256WithRSAEncryption
84:38:bc:f4:73:c2:46:60:31:b2:0a:c8:80:71:bd:21:7e:5e:
88:90:77:7c:1b:95:08:7f:4d:9d:4d:42:3b:ed:a5:50:ab:58:
fe:90:61:1e:94:3e:e3:78:b8:50:45:01:5b:2d:fb:de:e0:8b:
d8:fd:4c:b2:56:05:94:45:3d:8e:53:ab:b6:44:b6:b5:c3:1e:
b9:70:a3:89:23:9b:29:d4:3b:6e:1e:32:c1:f0:15:38:0f:54:
1f:e0:3e:30:68:11:2f:89:f2:b7:80:11:f4:e6:76:4e:0a:3e:
13:e5:a2:23:d6:30:50:6a:fd:a8:7b:50:79:e1:9f:91:67:37:
ef:be:5f:c4:0b:90:02:06:33:c6:05:a7:fd:42:53:85:10:25:
64:8c:f6:c6:23:bc:2b:72:70:b1:1e:68:9b:a8:97:ce:f9:16:
b8:86:ce:96:e5:7a:04:e1:2d:88:90:40:fb:e4:e3:d4:27:48:
21:2a:e5:76:de:df:d7:dc:39:d6:85:90:41:b2:ff:9b:0b:92:
60:a1:48:7e:1a:7f:5e:e8:b3:f2:d6:7c:97:6e:5e:b5:36:ac:
ac:cb:91:35:ca:f3:cd:be:e7:5c:64:d8:c4:c7:d9:f8:38:31:
f3:00:fa:88:c8:f6:ef:08:0f:f1:5c:7b:c8:c7:30:f4:6f:fd:
97:b7:f4:ca
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAZ4XFWkXhRbcydFbZX/vA5LRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNTExMTI0ODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTA0NTNlZDQ4NWU3Njg3MDYxN2EwZTRmNDY3NTE0NGMzMTkyY2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy03CybBWWqmcAvICCYx2lQfKKh0U
xcNt+WgJiIX0FkSPETr6nS0WndiHGz+S3YTLirA85hDsxHTieK3pn2o/ZwVrziKs
wrjHOd3X4P+kRJwMVP3HfI18WmKo/emb+SvwBASVAV8BNWwyMLSXO9AmIFAfiDUJ
R8s020el0ryCTbyvveGUM49q06xUBZN0kF6AHug6aK0wA3mgRJzugN5bCPFCZKju
6DqGVo7UT4yUY9gPm9owjJvhuKqZnLg0K8nBt+xtNpmZIkah0maGbeIjZdURxQGh
5V0Wk3WYKWXs35orWtj0PdbQdfiHdKbo+vzZ4c0SbR4akOrBwAH8zFr8aQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFJUEU+1IXnaHBheg5PRnUUTDGSyyMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JlL2QyNmEx
Yy0xODcwLTQ4MjEtYmI4YS04NGY5NWQzM2UyYzYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUvZDI2YTFj
LTE4NzAtNDgyMS1iYjhhLTg0Zjk1ZDMzZTJjNi8xL2xRUlQ3VWhlZG9jR0Y2RGs5
R2RSUk1NWkxMSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCH4QsAwQAuRpUMA0EAgACMAcDBQMqDZ/AMA0G
CSqGSIb3DQEBCwUAA4IBAQCEOLz0c8JGYDGyCsiAcb0hfl6IkHd8G5UIf02dTUI7
7aVQq1j+kGEelD7jeLhQRQFbLfve4IvY/UyyVgWURT2OU6u2RLa1wx65cKOJI5sp
1DtuHjLB8BU4D1Qf4D4waBEvifK3gBH05nZOCj4T5aIj1jBQav2oe1B54Z+RZzfv
vl/EC5ACBjPGBaf9QlOFECVkjPbGI7wrcnCxHmibqJfO+Ra4hs6W5XoE4S2IkED7
5OPUJ0ghKuV23t/X3DnWhZBBsv+bC5JgoUh+Gn9e6LPy1nyXbl61Nqysy5E1yvPN
vudcZNjEx9n4ODHzAPqIyPbvCA/xXHvIxzD0b/2Xt/TK
-----END CERTIFICATE-----
Generated at Wed May 13 04:20:48 2026 by rpki-client