Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/q1wa2N15IqRaLMdIHv4B3UMwBsI.cer
File: q1wa2N15IqRaLMdIHv4B3UMwBsI.cer (raw, json)
Hash identifier: ljf43d5Zb/BEomxXjMh8qUjUAT2Kiie2erhrMWAztT8=
Subject key identifier: AB:5C:1A:D8:DD:79:22:A4:5A:2C:C7:48:1E:FE:01:DD:43:30:06:C2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0198ACF86250666837E66B6D99B3187270A7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fa/9e99bf-2d89-4401-bc9f-cba8c8a5453e/1/q1wa2N15IqRaLMdIHv4B3UMwBsI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fa/9e99bf-2d89-4401-bc9f-cba8c8a5453e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 15 Aug 2025 09:03:35 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 81.92.200.0 -- 81.92.215.255
IP: 85.199.216.0/21
IP: 193.108.244.0/22
IP: 217.138.8.0/23
IP: 217.138.12.0/23
IP: 217.138.15.0 -- 217.138.52.255
IP: 217.138.54.0 -- 217.138.70.255
IP: 217.138.72.0/21
IP: 217.138.81.0 -- 217.138.83.255
IP: 217.138.85.0 -- 217.138.88.255
IP: 217.138.90.0 -- 217.138.93.255
IP: 217.138.95.0 -- 217.138.103.255
IP: 217.138.106.0 -- 217.138.110.255
IP: 217.138.112.0 -- 217.138.132.255
IP: 217.138.136.0/21
IP: 217.138.145.0 -- 217.138.154.255
IP: 217.138.156.0 -- 217.138.161.255
IP: 217.138.163.0 -- 217.138.191.255
IP: 217.138.224.0 -- 217.138.251.255
IP: 2a0a:c200::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ac:f8:62:50:66:68:37:e6:6b:6d:99:b3:18:72:70:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Aug 15 09:03:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab5c1ad8dd7922a45a2cc7481efe01dd433006c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:4a:3b:51:b1:35:e6:61:6f:33:83:70:b3:6b:
99:ba:52:ba:76:f0:2d:55:6f:ce:e7:5a:48:4f:f0:
7e:db:1b:9c:6b:66:2f:52:44:33:f9:c9:8c:e4:17:
88:5e:3e:b3:cb:34:f6:68:b3:45:15:09:41:13:df:
56:8f:1e:06:cc:d9:28:c4:fb:10:35:c8:13:8f:1e:
8e:d1:8f:25:df:29:0b:44:f4:4a:f4:00:87:03:97:
10:1f:6c:7f:51:1f:6b:da:83:38:77:7d:3d:b8:1d:
d0:f8:b6:27:db:6b:95:67:9b:c6:ba:0e:30:4a:92:
c5:92:a0:52:ad:3b:51:b5:eb:c3:3a:f1:3f:31:b1:
94:1d:42:59:03:d4:07:2a:29:0c:51:65:c5:d3:99:
98:1f:8b:e6:98:19:7d:4c:0e:9c:5d:b1:0e:9f:7a:
53:c9:be:35:58:8b:7c:39:bd:e1:1d:5b:ca:b8:fa:
c8:2f:de:45:b6:d6:af:a5:b7:23:81:18:de:c3:f1:
d1:da:df:fa:9d:11:a0:2a:7d:4d:9f:27:f8:ea:52:
fd:2d:44:24:fe:cd:82:e2:9c:b3:fc:43:86:c7:ef:
3e:a8:90:27:33:63:8d:37:b3:09:48:e6:d5:b4:06:
75:e3:5d:09:d7:14:e4:ec:8f:76:6a:0f:c2:7b:40:
4a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:5C:1A:D8:DD:79:22:A4:5A:2C:C7:48:1E:FE:01:DD:43:30:06:C2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/9e99bf-2d89-4401-bc9f-cba8c8a5453e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/9e99bf-2d89-4401-bc9f-cba8c8a5453e/1/q1wa2N15IqRaLMdIHv4B3UMwBsI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.92.200.0-81.92.215.255
85.199.216.0/21
193.108.244.0/22
217.138.8.0/23
217.138.12.0/23
217.138.15.0-217.138.52.255
217.138.54.0-217.138.70.255
217.138.72.0/21
217.138.81.0-217.138.83.255
217.138.85.0-217.138.88.255
217.138.90.0-217.138.93.255
217.138.95.0-217.138.103.255
217.138.106.0-217.138.110.255
217.138.112.0-217.138.132.255
217.138.136.0/21
217.138.145.0-217.138.154.255
217.138.156.0-217.138.161.255
217.138.163.0-217.138.191.255
217.138.224.0-217.138.251.255
IPv6:
2a0a:c200::/29
Signature Algorithm: sha256WithRSAEncryption
95:77:45:29:43:5b:47:3c:dd:2b:b6:02:87:97:bf:5b:b0:c2:
44:03:a5:fe:8f:f6:f9:d4:6b:4b:bc:00:63:6d:f1:8b:7e:57:
e2:c3:d3:d9:7b:ac:c3:06:f3:20:59:ae:e9:4d:b6:34:15:cd:
e3:0c:3a:88:f8:57:a3:fc:84:fd:10:59:7e:ae:6c:f8:62:71:
a3:00:b5:b4:b2:5f:36:4a:66:7f:e2:ab:e0:f7:97:4b:eb:f2:
a4:b4:ab:e0:1e:ed:ee:a9:85:56:4f:6e:e2:5b:10:80:7f:41:
46:b3:e8:85:cc:f6:df:c0:82:20:be:ed:1b:9b:93:43:1f:26:
a9:8f:7f:d2:07:ea:34:50:19:54:b4:a3:9d:6b:ff:37:d4:c5:
a8:b1:8e:35:a6:36:a6:48:b3:0c:78:02:72:53:22:95:ff:30:
b5:9e:7c:91:fd:b3:e1:41:84:3d:0f:3c:1c:ac:82:6c:d0:44:
5c:18:96:10:be:b7:74:d2:db:96:37:ff:a4:55:03:98:f7:8b:
76:a8:94:11:31:c8:6c:64:69:d3:56:93:59:3d:9b:c8:ca:21:
c9:8e:79:a7:56:60:9d:25:06:f4:51:8e:f5:58:41:e3:b6:dd:
7d:c8:6b:7a:e4:14:74:27:b8:54:59:35:00:78:33:f7:4b:1f:
50:e9:05:3f
-----BEGIN CERTIFICATE-----
MIIGYTCCBUmgAwIBAgISAZis+GJQZmg35mttmbMYcnCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwODE1MDkwMzM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjVjMWFkOGRkNzkyMmE0NWEyY2M3NDgxZWZlMDFkZDQzMzAwNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Uo7UbE15mFvM4Nws2uZulK6dvAt
VW/O51pIT/B+2xuca2YvUkQz+cmM5BeIXj6zyzT2aLNFFQlBE99Wjx4GzNkoxPsQ
NcgTjx6O0Y8l3ykLRPRK9ACHA5cQH2x/UR9r2oM4d309uB3Q+LYn22uVZ5vGug4w
SpLFkqBSrTtRtevDOvE/MbGUHUJZA9QHKikMUWXF05mYH4vmmBl9TA6cXbEOn3pT
yb41WIt8Ob3hHVvKuPrIL95FttavpbcjgRjew/HR2t/6nRGgKn1Nnyf46lL9LUQk
/s2C4pyz/EOGx+8+qJAnM2ONN7MJSObVtAZ1410J1xTk7I92ag/Ce0BK9QIDAQAB
o4IDbTCCA2kwHQYDVR0OBBYEFKtcGtjdeSKkWizHSB7+Ad1DMAbCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZhLzllOTli
Zi0yZDg5LTQ0MDEtYmM5Zi1jYmE4YzhhNTQ1M2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEvOWU5OWJm
LTJkODktNDQwMS1iYzlmLWNiYThjOGE1NDUzZS8xL3Exd2EyTjE1SXFSYUxNZElI
djRCM1VNd0JzSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBBgYIKwYB
BQUHAQcBAf8EgfYwgfMwgeEEAgABMIHaMAwDBANRXMgDBANRXNADBANVx9gDBALB
bPQDBAHZiggDBAHZigwwDAMEANmKDwMEANmKNDAMAwQB2Yo2AwQA2YpGAwQD2YpI
MAwDBADZilEDBALZilAwDAMEANmKVQMEANmKWDAMAwQB2YpaAwQB2YpcMAwDBADZ
il8DBAPZimAwDAMEAdmKagMEANmKbjAMAwQE2YpwAwQA2YqEAwQD2YqIMAwDBADZ
ipEDBADZipowDAMEAtmKnAMEAdmKoDAMAwQA2YqjAwQG2YqAMAwDBAXZiuADBALZ
ivgwDQQCAAIwBwMFAyoKwgAwDQYJKoZIhvcNAQELBQADggEBAJV3RSlDW0c83Su2
AoeXv1uwwkQDpf6P9vnUa0u8AGNt8Yt+V+LD09l7rMMG8yBZrulNtjQVzeMMOoj4
V6P8hP0QWX6ubPhicaMAtbSyXzZKZn/iq+D3l0vr8qS0q+Ae7e6phVZPbuJbEIB/
QUaz6IXM9t/AgiC+7Rubk0MfJqmPf9IH6jRQGVS0o51r/zfUxaixjjWmNqZIswx4
AnJTIpX/MLWefJH9s+FBhD0PPBysgmzQRFwYlhC+t3TS25Y3/6RVA5j3i3aolBEx
yGxkadNWk1k9m8jKIcmOeadWYJ0lBvRRjvVYQeO23X3Ia3rkFHQnuFRZNQB4M/dL
H1DpBT8=
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:34:44 2025 by rpki-client