Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
File: tATMDgOOsOaX7G565J0ChhRuDBo.cer (raw, json)
Hash identifier: GNksgtmNoevDgvxPilGFoOAiKOikFkypLvd524kVOKA=
Subject key identifier: B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019995CCD7D94135414DA688A1CFAA2C6741
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 29 Sep 2025 14:07:33 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 58026
IP: 74.122.24.0/22
IP: 103.124.182.0/23
IP: 103.250.172.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:95:cc:d7:d9:41:35:41:4d:a6:88:a1:cf:aa:2c:67:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 29 14:07:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b9:3e:99:09:8a:81:e7:e8:7e:14:21:ca:0c:
6b:9b:85:eb:7c:b0:f2:b6:e7:d8:7a:4a:12:1c:b2:
d6:38:a3:66:a2:20:0e:a2:f0:5c:dc:68:b4:56:35:
01:4d:8d:db:d0:64:2c:23:06:5e:d7:fe:72:45:a6:
ca:d9:1b:00:6e:03:cc:1f:1b:7d:c5:92:cb:3f:c8:
f1:5a:19:c5:5d:e9:86:48:01:f1:4c:1d:a4:16:6f:
bc:64:19:34:25:5f:ed:23:92:72:b5:79:7e:a2:16:
4f:4d:19:70:15:77:9b:84:a2:20:d5:f9:33:e0:63:
85:e6:33:47:86:d3:1d:e8:84:69:e0:a1:71:cd:9a:
3f:85:94:f7:56:c1:fb:6a:a5:12:cb:2a:f9:36:39:
31:3f:d8:7b:b6:bb:3c:2a:9a:b2:29:97:93:74:9c:
92:30:f0:65:5c:32:5a:b4:b9:f4:e1:3a:35:91:03:
d6:f8:05:d0:0e:dc:19:94:8d:04:69:c8:77:82:f6:
d7:dc:2b:b3:11:65:a8:e1:82:e8:42:ce:bb:01:3a:
93:57:3b:c6:67:ab:6a:a1:71:34:ce:a3:62:72:31:
60:ac:82:43:d6:fc:5d:57:44:d4:09:aa:af:3c:35:
d7:c2:75:f6:f0:b5:4d:ac:7e:3f:1b:7d:04:88:fb:
67:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
74.122.24.0/22
103.124.182.0/23
103.250.172.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
58026
Signature Algorithm: sha256WithRSAEncryption
71:17:f3:d6:e1:38:75:13:36:1d:df:c4:06:0b:29:ef:f4:a4:
55:e2:72:77:70:46:94:86:3c:61:3f:aa:a3:74:39:d5:c6:57:
4a:b5:ca:18:ae:4c:44:8b:be:b0:58:8f:ac:64:67:ad:27:2b:
76:15:db:40:fe:40:2a:c9:44:1c:90:b4:16:35:ac:39:8d:a0:
b8:51:a8:2c:98:d1:a0:be:ce:65:da:a1:b4:83:16:66:27:06:
8b:6b:3c:d8:7c:2a:d3:a5:47:af:2a:52:64:a4:61:c6:2c:18:
2d:ed:34:24:77:26:2c:7a:23:62:99:2c:53:58:8b:c9:16:40:
09:cf:1f:61:bb:14:75:56:c3:d7:30:f1:26:7f:9b:fc:3a:6e:
36:2e:10:4c:e8:26:55:3f:24:4d:64:64:f7:f4:b5:f2:82:cd:
da:de:0f:3e:53:6d:7a:f2:1f:b9:f3:c7:7a:aa:d2:03:41:42:
e0:50:62:cd:64:c9:d8:52:84:10:65:10:06:d9:f9:ed:a4:a5:
fa:00:9c:31:09:92:cc:6a:db:0e:6e:b5:85:23:5c:be:37:03:
88:8e:ed:a5:a6:31:a1:fb:a8:f1:07:36:fa:26:fc:37:b8:ac:
5b:60:a2:49:e3:dd:46:a9:ee:94:1f:9a:e2:57:4c:b0:e1:05:
3d:3b:83:f5
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZmVzNfZQTVBTaaIoc+qLGdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwOTI5MTQwNzMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDA0Y2MwZTAzOGViMGU2OTdlYzZlN2FlNDlkMDI4NjE0NmUwYzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbk+mQmKgefofhQhygxrm4XrfLDy
tufYekoSHLLWOKNmoiAOovBc3Gi0VjUBTY3b0GQsIwZe1/5yRabK2RsAbgPMHxt9
xZLLP8jxWhnFXemGSAHxTB2kFm+8ZBk0JV/tI5JytXl+ohZPTRlwFXebhKIg1fkz
4GOF5jNHhtMd6IRp4KFxzZo/hZT3VsH7aqUSyyr5NjkxP9h7trs8KpqyKZeTdJyS
MPBlXDJatLn04To1kQPW+AXQDtwZlI0Each3gvbX3CuzEWWo4YLoQs67ATqTVzvG
Z6tqoXE0zqNicjFgrIJD1vxdV0TUCaqvPDXXwnX28LVNrH4/G30EiPtnHwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFLQEzA4DjrDml+xueuSdAoYUbgwaMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg4L2FiZTE2
Yi05MmNjLTQ4ZTMtYjViOS04NmEyZjA2N2I0ZTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgvYWJlMTZi
LTkyY2MtNDhlMy1iNWI5LTg2YTJmMDY3YjRlOC8xL3RBVE1EZ09Pc09hWDdHNTY1
SjBDaGhSdURCby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUF
BwEHAQH/BBwwGjAYBAIAATASAwQCSnoYAwQBZ3y2AwQCZ/qsMBoGCCsGAQUFBwEI
AQH/BAswCaAHMAUCAwDiqjANBgkqhkiG9w0BAQsFAAOCAQEAcRfz1uE4dRM2Hd/E
Bgsp7/SkVeJyd3BGlIY8YT+qo3Q51cZXSrXKGK5MRIu+sFiPrGRnrScrdhXbQP5A
KslEHJC0FjWsOY2guFGoLJjRoL7OZdqhtIMWZicGi2s82Hwq06VHrypSZKRhxiwY
Le00JHcmLHojYpksU1iLyRZACc8fYbsUdVbD1zDxJn+b/DpuNi4QTOgmVT8kTWRk
9/S18oLN2t4PPlNtevIfufPHeqrSA0FC4FBizWTJ2FKEEGUQBtn57aSl+gCcMQmS
zGrbDm61hSNcvjcDiI7tpaYxofuo8Qc2+ib8N7isW2CiSePdRqnulB+a4ldMsOEF
PTuD9Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:40:11 2025 by rpki-client