Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/q1wa2N15IqRaLMdIHv4B3UMwBsI.cer
File: q1wa2N15IqRaLMdIHv4B3UMwBsI.cer (raw, json)
Hash identifier: ZeUjrT9urGt+7cOxyOwNNObbZbfgE0CcxKoN1RTbc0Y=
Subject key identifier: AB:5C:1A:D8:DD:79:22:A4:5A:2C:C7:48:1E:FE:01:DD:43:30:06:C2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01977D94FA07AB59EFEA1D4A5D23589C0DF4
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fa/9e99bf-2d89-4401-bc9f-cba8c8a5453e/1/q1wa2N15IqRaLMdIHv4B3UMwBsI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fa/9e99bf-2d89-4401-bc9f-cba8c8a5453e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 17 Jun 2025 11:10:04 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 81.92.200.0 -- 81.92.215.255
IP: 85.199.216.0/21
IP: 193.108.244.0/22
IP: 217.138.0.0 -- 217.138.9.255
IP: 217.138.12.0/23
IP: 217.138.15.0 -- 217.138.52.255
IP: 217.138.54.0 -- 217.138.70.255
IP: 217.138.72.0/21
IP: 217.138.81.0 -- 217.138.83.255
IP: 217.138.85.0 -- 217.138.88.255
IP: 217.138.90.0 -- 217.138.93.255
IP: 217.138.95.0 -- 217.138.103.255
IP: 217.138.106.0 -- 217.138.110.255
IP: 217.138.112.0 -- 217.138.132.255
IP: 217.138.136.0/21
IP: 217.138.145.0 -- 217.138.154.255
IP: 217.138.156.0 -- 217.138.161.255
IP: 217.138.163.0 -- 217.138.191.255
IP: 217.138.224.0 -- 217.138.251.255
IP: 2a0a:c200::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7d:94:fa:07:ab:59:ef:ea:1d:4a:5d:23:58:9c:0d:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 17 11:10:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab5c1ad8dd7922a45a2cc7481efe01dd433006c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:4a:3b:51:b1:35:e6:61:6f:33:83:70:b3:6b:
99:ba:52:ba:76:f0:2d:55:6f:ce:e7:5a:48:4f:f0:
7e:db:1b:9c:6b:66:2f:52:44:33:f9:c9:8c:e4:17:
88:5e:3e:b3:cb:34:f6:68:b3:45:15:09:41:13:df:
56:8f:1e:06:cc:d9:28:c4:fb:10:35:c8:13:8f:1e:
8e:d1:8f:25:df:29:0b:44:f4:4a:f4:00:87:03:97:
10:1f:6c:7f:51:1f:6b:da:83:38:77:7d:3d:b8:1d:
d0:f8:b6:27:db:6b:95:67:9b:c6:ba:0e:30:4a:92:
c5:92:a0:52:ad:3b:51:b5:eb:c3:3a:f1:3f:31:b1:
94:1d:42:59:03:d4:07:2a:29:0c:51:65:c5:d3:99:
98:1f:8b:e6:98:19:7d:4c:0e:9c:5d:b1:0e:9f:7a:
53:c9:be:35:58:8b:7c:39:bd:e1:1d:5b:ca:b8:fa:
c8:2f:de:45:b6:d6:af:a5:b7:23:81:18:de:c3:f1:
d1:da:df:fa:9d:11:a0:2a:7d:4d:9f:27:f8:ea:52:
fd:2d:44:24:fe:cd:82:e2:9c:b3:fc:43:86:c7:ef:
3e:a8:90:27:33:63:8d:37:b3:09:48:e6:d5:b4:06:
75:e3:5d:09:d7:14:e4:ec:8f:76:6a:0f:c2:7b:40:
4a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:5C:1A:D8:DD:79:22:A4:5A:2C:C7:48:1E:FE:01:DD:43:30:06:C2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/9e99bf-2d89-4401-bc9f-cba8c8a5453e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/9e99bf-2d89-4401-bc9f-cba8c8a5453e/1/q1wa2N15IqRaLMdIHv4B3UMwBsI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.92.200.0-81.92.215.255
85.199.216.0/21
193.108.244.0/22
217.138.0.0-217.138.9.255
217.138.12.0/23
217.138.15.0-217.138.52.255
217.138.54.0-217.138.70.255
217.138.72.0/21
217.138.81.0-217.138.83.255
217.138.85.0-217.138.88.255
217.138.90.0-217.138.93.255
217.138.95.0-217.138.103.255
217.138.106.0-217.138.110.255
217.138.112.0-217.138.132.255
217.138.136.0/21
217.138.145.0-217.138.154.255
217.138.156.0-217.138.161.255
217.138.163.0-217.138.191.255
217.138.224.0-217.138.251.255
IPv6:
2a0a:c200::/29
Signature Algorithm: sha256WithRSAEncryption
57:dd:3d:6b:21:39:9b:ed:bc:93:e2:62:6c:c2:81:2f:50:b3:
98:92:de:87:a5:9a:de:20:74:06:d9:df:93:2b:cc:44:d6:fe:
34:d1:88:8f:46:42:34:17:77:59:d3:5d:8b:6a:c9:cd:9e:0d:
17:ac:a4:de:1f:96:28:91:17:88:45:65:42:c8:f5:e7:9a:2b:
61:fa:a4:d8:b8:ae:dd:f1:06:cd:8c:51:7a:ec:02:30:8f:d8:
1d:19:c0:33:36:af:e9:c0:f3:43:e3:ee:50:18:8c:53:64:b3:
01:e1:8e:14:83:64:fe:cf:c0:5b:93:be:38:4a:66:05:5d:03:
1e:65:89:50:e0:59:71:12:d6:c7:45:91:13:39:7f:cd:15:85:
a5:5d:4d:4e:61:91:0a:08:6e:5d:63:11:7b:bb:3d:66:bd:80:
b9:b3:66:79:1c:46:41:80:fe:4c:a4:fe:32:b7:16:14:42:d7:
e9:eb:de:93:a0:1b:e5:93:2f:34:75:51:97:ce:b5:70:12:1e:
d7:8f:36:b4:e0:7f:4a:30:72:48:57:9d:82:56:b8:21:af:c7:
9a:4d:2b:98:6b:99:4d:5f:95:b7:55:ee:0a:34:f3:e5:f1:ba:
22:ba:42:41:e1:5d:a1:bf:da:79:83:c0:59:20:36:ba:99:19:
5e:be:85:6e
-----BEGIN CERTIFICATE-----
MIIGaDCCBVCgAwIBAgISAZd9lPoHq1nv6h1KXSNYnA30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNjE3MTExMDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjVjMWFkOGRkNzkyMmE0NWEyY2M3NDgxZWZlMDFkZDQzMzAwNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Uo7UbE15mFvM4Nws2uZulK6dvAt
VW/O51pIT/B+2xuca2YvUkQz+cmM5BeIXj6zyzT2aLNFFQlBE99Wjx4GzNkoxPsQ
NcgTjx6O0Y8l3ykLRPRK9ACHA5cQH2x/UR9r2oM4d309uB3Q+LYn22uVZ5vGug4w
SpLFkqBSrTtRtevDOvE/MbGUHUJZA9QHKikMUWXF05mYH4vmmBl9TA6cXbEOn3pT
yb41WIt8Ob3hHVvKuPrIL95FttavpbcjgRjew/HR2t/6nRGgKn1Nnyf46lL9LUQk
/s2C4pyz/EOGx+8+qJAnM2ONN7MJSObVtAZ1410J1xTk7I92ag/Ce0BK9QIDAQAB
o4IDdDCCA3AwHQYDVR0OBBYEFKtcGtjdeSKkWizHSB7+Ad1DMAbCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZhLzllOTli
Zi0yZDg5LTQ0MDEtYmM5Zi1jYmE4YzhhNTQ1M2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEvOWU5OWJm
LTJkODktNDQwMS1iYzlmLWNiYThjOGE1NDUzZS8xL3Exd2EyTjE1SXFSYUxNZElI
djRCM1VNd0JzSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBDQYIKwYB
BQUHAQcBAf8Egf0wgfowgegEAgABMIHhMAwDBANRXMgDBANRXNADBANVx9gDBALB
bPQwCwMDAdmKAwQB2YoIAwQB2YoMMAwDBADZig8DBADZijQwDAMEAdmKNgMEANmK
RgMEA9mKSDAMAwQA2YpRAwQC2YpQMAwDBADZilUDBADZilgwDAMEAdmKWgMEAdmK
XDAMAwQA2YpfAwQD2YpgMAwDBAHZimoDBADZim4wDAMEBNmKcAMEANmKhAMEA9mK
iDAMAwQA2YqRAwQA2YqaMAwDBALZipwDBAHZiqAwDAMEANmKowMEBtmKgDAMAwQF
2YrgAwQC2Yr4MA0EAgACMAcDBQMqCsIAMA0GCSqGSIb3DQEBCwUAA4IBAQBX3T1r
ITmb7byT4mJswoEvULOYkt6HpZreIHQG2d+TK8xE1v400YiPRkI0F3dZ012LasnN
ng0XrKTeH5YokReIRWVCyPXnmith+qTYuK7d8QbNjFF67AIwj9gdGcAzNq/pwPND
4+5QGIxTZLMB4Y4Ug2T+z8Bbk744SmYFXQMeZYlQ4FlxEtbHRZETOX/NFYWlXU1O
YZEKCG5dYxF7uz1mvYC5s2Z5HEZBgP5MpP4ytxYUQtfp696ToBvlky80dVGXzrVw
Eh7Xjza04H9KMHJIV52CVrghr8eaTSuYa5lNX5W3Ve4KNPPl8boiukJB4V2hv9p5
g8BZIDa6mRlevoVu
-----END CERTIFICATE-----
Generated at Sat Jun 28 18:04:53 2025 by rpki-client