Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/rU-Hnz-XrYzXMZPYBp5JsBtrrd0.cer
File: rU-Hnz-XrYzXMZPYBp5JsBtrrd0.cer (raw, json)
Hash identifier: JX4hnX/XaeVb1ifeLlXmEhPa4VfSbPvdU6hEcRLgSFA=
Subject key identifier: AD:4F:87:9F:3F:97:AD:8C:D7:31:93:D8:06:9E:49:B0:1B:6B:AD:DD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01999AD7B2D269F15DB03606EC1066177871
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/47/2f1207-ea0a-4507-9a54-94ef19707382/1/rU-Hnz-XrYzXMZPYBp5JsBtrrd0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/47/2f1207-ea0a-4507-9a54-94ef19707382/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 30 Sep 2025 13:37:31 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 20648
IP: 62.164.181.0/24
IP: 62.164.185.0/24
IP: 149.126.8.0/23
IP: 185.75.176.0/23
IP: 185.81.168.0/24
IP: 185.81.170.0/24
IP: 192.109.40.0/23
IP: 193.239.197.0/24
IP: 194.46.42.0/24
IP: 194.46.47.0/24
IP: 194.164.218.0/24
IP: 217.180.57.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9a:d7:b2:d2:69:f1:5d:b0:36:06:ec:10:66:17:78:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 30 13:37:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad4f879f3f97ad8cd73193d8069e49b01b6baddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f2:0c:86:ae:f1:c2:35:e4:13:31:94:0f:24:
14:a0:aa:74:b1:7f:53:fe:40:19:d4:3e:c0:6a:4c:
a7:b0:23:21:aa:cb:ef:9b:20:c8:8a:7b:9e:5c:21:
ce:5d:02:30:56:77:82:52:39:b3:39:41:9b:5d:9c:
a2:da:61:3c:d0:15:fe:56:63:32:97:ac:be:0e:73:
38:e8:7f:76:be:0a:24:28:37:50:7b:f0:a1:f3:2d:
f1:6d:8a:50:30:d9:7c:9c:5f:fb:35:f3:3a:8a:cc:
bb:0f:d1:b7:d9:0d:3b:2d:94:ff:2a:cd:5d:53:d1:
fb:37:d1:c8:dc:fc:44:74:3d:41:85:8c:d1:2e:50:
14:e4:13:c7:31:b7:8c:f0:4a:60:25:fe:13:53:31:
45:bc:b6:d7:7b:54:d3:54:a2:ef:85:ea:2e:f1:3d:
03:63:2a:90:0c:e4:25:23:e1:79:11:6b:7e:4b:79:
f9:16:8a:24:15:72:83:2f:7a:d5:7a:22:38:6a:dc:
ff:3e:12:04:3d:1f:fe:07:05:1a:bc:67:1f:42:6c:
23:33:b6:60:d1:ad:6d:9b:74:53:a7:48:65:f6:2a:
55:25:19:53:45:25:2d:15:35:38:5e:ba:a5:a4:e3:
8b:59:a5:df:43:8f:7d:f7:71:c8:65:20:81:96:fb:
47:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:4F:87:9F:3F:97:AD:8C:D7:31:93:D8:06:9E:49:B0:1B:6B:AD:DD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2f1207-ea0a-4507-9a54-94ef19707382/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2f1207-ea0a-4507-9a54-94ef19707382/1/rU-Hnz-XrYzXMZPYBp5JsBtrrd0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.181.0/24
62.164.185.0/24
149.126.8.0/23
185.75.176.0/23
185.81.168.0/24
185.81.170.0/24
192.109.40.0/23
193.239.197.0/24
194.46.42.0/24
194.46.47.0/24
194.164.218.0/24
217.180.57.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
20648
Signature Algorithm: sha256WithRSAEncryption
68:11:17:8d:10:92:83:b1:41:b0:49:e6:74:d6:a8:42:41:06:
36:dd:cb:09:22:3e:70:f1:68:50:c5:3c:3b:aa:63:6e:73:b4:
e9:63:1a:dd:74:68:d3:6a:3a:51:48:dd:74:02:6b:fb:8b:fe:
e4:09:28:ea:4c:87:0d:7c:b3:90:69:18:f5:cb:a6:99:6b:64:
42:4f:c4:1c:94:bd:08:1a:1d:a9:65:6f:bd:78:f0:92:d5:e6:
07:08:76:4a:63:1d:2c:b7:88:5c:0f:96:4f:3a:95:6e:64:d2:
4c:2a:8a:23:42:9e:6d:f2:6a:51:c3:63:ee:8a:ff:7d:f5:4a:
19:9e:f9:da:ba:4a:bc:84:6f:fc:08:96:14:4e:53:8b:50:ff:
a0:82:c9:20:be:ad:40:e0:f2:09:42:39:0d:27:a5:69:67:3c:
d2:0b:93:c2:5c:c1:e5:5b:ed:8c:e4:b4:56:42:ca:9e:64:00:
8d:d2:73:db:50:56:a8:fe:38:27:49:f6:40:93:8e:9f:22:eb:
0f:c1:9a:2b:34:c9:4a:80:82:e8:86:96:16:28:89:43:f2:95:
31:69:8b:8e:3b:43:08:3f:a4:1b:16:48:38:1e:f4:d3:1d:60:
89:9b:b3:f5:03:7d:43:0d:e5:d8:37:44:8c:2d:3b:dd:b3:1c:
a2:f5:e9:87
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAZma17LSafFdsDYG7BBmF3hxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwOTMwMTMzNzMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDRmODc5ZjNmOTdhZDhjZDczMTkzZDgwNjllNDliMDFiNmJhZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPIMhq7xwjXkEzGUDyQUoKp0sX9T
/kAZ1D7AakynsCMhqsvvmyDIinueXCHOXQIwVneCUjmzOUGbXZyi2mE80BX+VmMy
l6y+DnM46H92vgokKDdQe/Ch8y3xbYpQMNl8nF/7NfM6isy7D9G32Q07LZT/Ks1d
U9H7N9HI3PxEdD1BhYzRLlAU5BPHMbeM8EpgJf4TUzFFvLbXe1TTVKLvheou8T0D
YyqQDOQlI+F5EWt+S3n5FookFXKDL3rVeiI4atz/PhIEPR/+BwUavGcfQmwjM7Zg
0a1tm3RTp0hl9ipVJRlTRSUtFTU4XrqlpOOLWaXfQ49993HIZSCBlvtHdQIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFK1Ph58/l62M1zGT2AaeSbAba63dMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ3LzJmMTIw
Ny1lYTBhLTQ1MDctOWE1NC05NGVmMTk3MDczODIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcvMmYxMjA3
LWVhMGEtNDUwNy05YTU0LTk0ZWYxOTcwNzM4Mi8xL3JVLUhuei1Ycll6WE1aUFlC
cDVKc0J0cnJkMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGEGCCsGAQUF
BwEHAQH/BFIwUDBOBAIAATBIAwQAPqS1AwQAPqS5AwQBlX4IAwQBuUuwAwQAuVGo
AwQAuVGqAwQBwG0oAwQAwe/FAwQAwi4qAwQAwi4vAwQAwqTaAwQA2bQ5MBkGCCsG
AQUFBwEIAQH/BAowCKAGMAQCAlCoMA0GCSqGSIb3DQEBCwUAA4IBAQBoEReNEJKD
sUGwSeZ01qhCQQY23csJIj5w8WhQxTw7qmNuc7TpYxrddGjTajpRSN10Amv7i/7k
CSjqTIcNfLOQaRj1y6aZa2RCT8QclL0IGh2pZW+9ePCS1eYHCHZKYx0st4hcD5ZP
OpVuZNJMKoojQp5t8mpRw2Puiv999UoZnvnaukq8hG/8CJYUTlOLUP+ggskgvq1A
4PIJQjkNJ6VpZzzSC5PCXMHlW+2M5LRWQsqeZACN0nPbUFao/jgnSfZAk46fIusP
wZorNMlKgILohpYWKIlD8pUxaYuOO0MIP6QbFkg4HvTTHWCJm7P1A31DDeXYN0SM
LTvdsxyi9emH
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:55:13 2025 by rpki-client