Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/o3CyP1wNuomxV_gcnDgQlRGLep8.cer
File: o3CyP1wNuomxV_gcnDgQlRGLep8.cer (raw, json)
Hash identifier: 18aNlLZjRyfhG3tLbEVtb3scxxVqg1M0pcwRYkEYIzI=
Subject key identifier: A3:70:B2:3F:5C:0D:BA:89:B1:57:F8:1C:9C:38:10:95:11:8B:7A:9F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01988426313DF54DE45206FCA2CDE13B2D5A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/7b/3154b4-5bd4-4ac9-b0c8-1b25ae4229db/1/o3CyP1wNuomxV_gcnDgQlRGLep8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/7b/3154b4-5bd4-4ac9-b0c8-1b25ae4229db/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 07 Aug 2025 10:49:12 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 44500
IP: 185.75.136.0/22
IP: 185.203.44.0/22
IP: 2a03:43a0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:84:26:31:3d:f5:4d:e4:52:06:fc:a2:cd:e1:3b:2d:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Aug 7 10:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a370b23f5c0dba89b157f81c9c381095118b7a9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:91:03:d6:4c:7d:97:32:c7:e5:4a:cb:f5:e8:
25:7e:a2:68:e3:f5:b3:f7:ec:83:e9:10:fb:ba:a6:
0c:b6:f4:e3:e1:c5:c3:9d:30:27:35:8f:84:bf:0d:
bb:50:4f:1e:14:ea:bf:7e:df:9d:6f:65:c1:8a:9a:
29:f4:75:fd:d5:d1:d4:67:ba:18:96:43:3c:ea:ac:
ae:c3:07:bb:e6:4d:2d:9f:e8:59:22:cf:10:1a:18:
b4:c4:8a:a6:2c:87:cf:54:b1:e2:0d:4d:f6:ac:80:
82:c5:01:de:a6:d3:f8:6a:e9:10:89:9f:dc:e0:7b:
6d:15:79:2d:d8:19:88:49:f0:70:ef:ab:84:85:ca:
f5:c1:de:e8:72:82:4c:a6:67:80:6c:23:18:8a:56:
41:65:f3:d3:a7:6f:b8:d9:77:05:15:d9:c6:bf:db:
c1:0a:0d:f2:7a:cc:13:07:02:1c:0d:b2:b3:4a:fc:
13:1d:68:e6:7c:10:51:19:57:36:d9:0f:c4:03:56:
e0:c6:7b:00:e6:c5:e6:91:05:97:e7:ff:4c:1d:1e:
cd:6f:75:9c:db:54:96:51:e3:99:c8:27:9e:64:91:
e9:f6:36:a9:fe:0a:b9:f6:27:c7:f1:7e:00:c3:d1:
bf:ee:56:d6:42:84:a9:ba:69:6c:12:d1:4a:fa:7c:
25:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:70:B2:3F:5C:0D:BA:89:B1:57:F8:1C:9C:38:10:95:11:8B:7A:9F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/3154b4-5bd4-4ac9-b0c8-1b25ae4229db/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/3154b4-5bd4-4ac9-b0c8-1b25ae4229db/1/o3CyP1wNuomxV_gcnDgQlRGLep8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.136.0/22
185.203.44.0/22
IPv6:
2a03:43a0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44500
Signature Algorithm: sha256WithRSAEncryption
67:97:dd:8a:c3:10:e1:6d:77:0d:8d:5f:0b:1e:ce:5d:15:95:
a3:8a:d7:22:61:87:a3:7f:3b:5d:0d:83:24:43:ed:36:be:04:
94:1f:51:62:4c:59:07:f7:56:ba:90:76:de:6d:f1:6f:b7:ef:
5e:96:40:87:a4:98:6b:af:3a:39:b0:f7:a8:7f:9d:bf:d6:0a:
d6:d4:13:8a:e5:e0:b5:59:a5:19:4a:27:06:0b:3c:5b:ff:c3:
76:46:91:2a:0c:d8:82:79:36:c2:db:07:d3:bd:2b:a6:ca:c7:
03:12:3d:ae:05:73:9e:6e:19:8e:49:5f:19:97:dd:0b:6d:fe:
66:34:fb:df:18:4d:63:15:80:3b:28:a2:4a:4b:69:a1:cf:89:
c2:61:c0:89:a0:0f:f5:6e:18:7b:6a:26:45:c4:00:b4:fb:5d:
7d:a7:89:30:97:53:3f:f8:ef:76:2d:7c:56:7a:56:0f:dc:18:
a2:f1:d2:12:7a:b1:86:41:eb:4f:f3:eb:c1:27:65:f1:fd:7a:
24:c0:ac:c2:87:01:46:ee:f4:20:ad:77:c7:78:f5:04:9d:14:
60:6f:c2:e5:b9:55:fc:e4:78:ec:49:c8:f0:af:72:20:8f:90:
34:ab:10:cf:d3:0f:dc:b6:40:13:ec:23:d1:53:52:94:8a:12:
b8:a9:85:db
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZiEJjE99U3kUgb8os3hOy1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwODA3MTA0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzcwYjIzZjVjMGRiYTg5YjE1N2Y4MWM5YzM4MTA5NTExOGI3YTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZED1kx9lzLH5UrL9eglfqJo4/Wz
9+yD6RD7uqYMtvTj4cXDnTAnNY+Evw27UE8eFOq/ft+db2XBipop9HX91dHUZ7oY
lkM86qyuwwe75k0tn+hZIs8QGhi0xIqmLIfPVLHiDU32rICCxQHeptP4aukQiZ/c
4HttFXkt2BmISfBw76uEhcr1wd7ocoJMpmeAbCMYilZBZfPTp2+42XcFFdnGv9vB
Cg3yeswTBwIcDbKzSvwTHWjmfBBRGVc22Q/EA1bgxnsA5sXmkQWX5/9MHR7Nb3Wc
21SWUeOZyCeeZJHp9jap/gq59ifH8X4Aw9G/7lbWQoSpumlsEtFK+nwllQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFKNwsj9cDbqJsVf4HJw4EJURi3qfMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdiLzMxNTRi
NC01YmQ0LTRhYzktYjBjOC0xYjI1YWU0MjI5ZGIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvMzE1NGI0
LTViZDQtNGFjOS1iMGM4LTFiMjVhZTQyMjlkYi8xL28zQ3lQMXdOdW9teFZfZ2Nu
RGdRbFJHTGVwOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuUuIAwQCucssMA0EAgACMAcDBQAqA0OgMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCt1DANBgkqhkiG9w0BAQsFAAOCAQEAZ5fd
isMQ4W13DY1fCx7OXRWVo4rXImGHo387XQ2DJEPtNr4ElB9RYkxZB/dWupB23m3x
b7fvXpZAh6SYa686ObD3qH+dv9YK1tQTiuXgtVmlGUonBgs8W//DdkaRKgzYgnk2
wtsH070rpsrHAxI9rgVznm4ZjklfGZfdC23+ZjT73xhNYxWAOyiiSktpoc+JwmHA
iaAP9W4Ye2omRcQAtPtdfaeJMJdTP/jvdi18VnpWD9wYovHSEnqxhkHrT/PrwSdl
8f16JMCswocBRu70IK13x3j1BJ0UYG/C5blV/OR47EnI8K9yII+QNKsQz9MP3LZA
E+wj0VNSlIoSuKmF2w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:17:48 2025 by rpki-client