Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/sMnhFmeJWbipR4_Op8o8BgMQIWI.cer
File: sMnhFmeJWbipR4_Op8o8BgMQIWI.cer (raw, json)
Hash identifier: Mz4OZR18sutCQx56cpXEweqoaqjaBHrSMYh8mOQ8J+w=
Subject key identifier: B0:C9:E1:16:67:89:59:B8:A9:47:8F:CE:A7:CA:3C:06:03:10:21:62
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019DF8541CE6FB5E82EBF4B1391A1C8DF71B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/88/68bf1d-6e50-4996-82af-0ac581a58cd1/1/sMnhFmeJWbipR4_Op8o8BgMQIWI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/88/68bf1d-6e50-4996-82af-0ac581a58cd1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 05 May 2026 13:29:15 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 2121
IP: 193.0.24.0/21
IP: 2001:67c:64::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f8:54:1c:e6:fb:5e:82:eb:f4:b1:39:1a:1c:8d:f7:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 5 13:29:15 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b0c9e116678959b8a9478fcea7ca3c0603102162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1c:1b:b6:5c:2f:73:4f:d5:25:89:7a:5a:5c:
42:71:67:57:30:59:a4:ea:33:c1:3f:7e:56:81:ad:
7c:5f:4e:59:7c:bc:b3:6c:53:d2:17:6b:92:12:7b:
27:48:0c:20:1d:03:11:19:bb:34:00:36:9d:5a:7b:
f9:7c:07:4c:d4:1f:e0:5c:f8:7a:c6:a3:16:49:0f:
2c:d0:1e:9c:a8:ae:88:93:6a:82:70:b3:aa:8c:24:
62:90:ac:a6:48:62:45:6a:f6:8b:fe:7d:42:98:7b:
ec:7f:c1:45:d4:66:03:cd:81:4c:db:53:6c:2a:a5:
6d:dd:54:37:00:00:b7:44:50:3a:32:b1:71:d6:93:
dc:ee:1b:08:dd:c3:73:32:ef:78:ee:f2:3a:48:e7:
2f:c6:f9:2b:21:87:f9:1a:ee:2d:e2:94:33:f0:73:
73:2d:99:16:6a:96:21:fc:1b:1a:e0:59:c6:a6:3a:
21:aa:25:12:cd:1a:85:56:00:b3:d4:f1:f8:c1:2d:
1a:e4:a3:3a:0d:2e:91:85:88:a4:5c:83:89:f1:6a:
ba:5c:47:61:b2:46:f1:42:41:90:ba:60:75:a2:bd:
77:6d:18:a9:f0:a5:fe:ad:9c:ac:17:a5:d5:30:85:
7f:c2:f4:e3:8b:cf:c5:00:e3:44:0a:5a:2b:e8:c7:
20:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C9:E1:16:67:89:59:B8:A9:47:8F:CE:A7:CA:3C:06:03:10:21:62
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/68bf1d-6e50-4996-82af-0ac581a58cd1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/68bf1d-6e50-4996-82af-0ac581a58cd1/1/sMnhFmeJWbipR4_Op8o8BgMQIWI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
2121
Signature Algorithm: sha256WithRSAEncryption
44:f3:f2:34:b7:f1:16:61:bb:92:23:77:ad:c0:91:bf:eb:21:
c9:19:a3:8a:3d:5a:35:a9:a9:0a:c2:05:e4:cc:ad:6c:3e:67:
fb:b9:fd:7f:d1:4b:92:a4:7b:12:a6:6f:28:55:c5:e1:8c:31:
21:0a:32:77:8e:2c:ef:1b:f8:d3:c0:7e:b1:e8:83:22:9b:a6:
32:df:1c:34:df:46:71:f1:5a:99:2b:c6:78:3e:1e:67:b3:38:
18:cf:c2:89:78:76:6a:90:eb:5e:90:a8:e6:d8:42:73:c2:5b:
1c:97:19:00:29:52:0b:c8:06:72:32:dc:f2:4d:c2:e3:b2:96:
67:67:6f:b5:8c:fc:a9:ab:ac:e0:1a:7c:f0:2e:eb:c1:0b:09:
64:e5:2a:a5:ee:3f:5c:8a:a4:b7:25:eb:4e:e5:27:33:ee:36:
ee:ec:d6:aa:0a:10:c9:d1:66:4f:23:8b:f2:5c:6d:88:ab:94:
e1:4a:dc:95:6a:e6:c3:2f:3f:e1:21:17:bc:93:8d:e3:aa:ca:
c5:d3:a1:1b:ce:7e:9a:8f:00:f6:ee:55:35:e5:2c:a3:88:48:
a1:3b:ca:13:a0:e8:55:b8:73:55:70:3c:43:bb:8b:db:90:78:
63:0c:0e:e5:d5:68:09:64:17:7d:1b:54:79:c6:3b:bd:91:af:
59:2f:46:f0
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZ34VBzm+16C6/SxORocjfcbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNTA1MTMyOTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGM5ZTExNjY3ODk1OWI4YTk0NzhmY2VhN2NhM2MwNjAzMTAyMTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBwbtlwvc0/VJYl6WlxCcWdXMFmk
6jPBP35Wga18X05ZfLyzbFPSF2uSEnsnSAwgHQMRGbs0ADadWnv5fAdM1B/gXPh6
xqMWSQ8s0B6cqK6Ik2qCcLOqjCRikKymSGJFavaL/n1CmHvsf8FF1GYDzYFM21Ns
KqVt3VQ3AAC3RFA6MrFx1pPc7hsI3cNzMu947vI6SOcvxvkrIYf5Gu4t4pQz8HNz
LZkWapYh/Bsa4FnGpjohqiUSzRqFVgCz1PH4wS0a5KM6DS6RhYikXIOJ8Wq6XEdh
skbxQkGQumB1or13bRip8KX+rZysF6XVMIV/wvTji8/FAONEClor6McgqwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFLDJ4RZniVm4qUePzqfKPAYDECFiMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg4LzY4YmYx
ZC02ZTUwLTQ5OTYtODJhZi0wYWM1ODFhNThjZDEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgvNjhiZjFk
LTZlNTAtNDk5Ni04MmFmLTBhYzU4MWE1OGNkMS8xL3NNbmhGbWVKV2JpcFI0X09w
OG84QmdNUUlXSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUF
BwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8EAgACMAkDBwAgAQZ8AGQwGQYIKwYB
BQUHAQgBAf8ECjAIoAYwBAICCEkwDQYJKoZIhvcNAQELBQADggEBAETz8jS38RZh
u5Ijd63Akb/rIckZo4o9WjWpqQrCBeTMrWw+Z/u5/X/RS5KkexKmbyhVxeGMMSEK
MneOLO8b+NPAfrHogyKbpjLfHDTfRnHxWpkrxng+HmezOBjPwol4dmqQ616QqObY
QnPCWxyXGQApUgvIBnIy3PJNwuOylmdnb7WM/KmrrOAafPAu68ELCWTlKqXuP1yK
pLcl607lJzPuNu7s1qoKEMnRZk8ji/JcbYirlOFK3JVq5sMvP+EhF7yTjeOqysXT
oRvOfpqPAPbuVTXlLKOISKE7yhOg6FW4c1VwPEO7i9uQeGMMDuXVaAlkF30bVHnG
O72Rr1kvRvA=
-----END CERTIFICATE-----
Generated at Tue May 12 22:10:31 2026 by rpki-client