Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xEBsnAYTL85A7cBG4GmuNFK6aOM.cer
File: xEBsnAYTL85A7cBG4GmuNFK6aOM.cer (raw, json)
Hash identifier: /+cQ28drPu93uivL9dr3hjBiiT4spsmyGjzFZ6AJN18=
Subject key identifier: C4:40:6C:9C:06:13:2F:CE:40:ED:C0:46:E0:69:AE:34:52:BA:68:E3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019C9FBDCAB312EBB56AED2F17463EF57344
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f4/7eecd9-a4c4-41aa-a6ec-42ac69e5e8dc/1/xEBsnAYTL85A7cBG4GmuNFK6aOM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f4/7eecd9-a4c4-41aa-a6ec-42ac69e5e8dc/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 27 Feb 2026 15:35:41 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 51159
IP: 91.142.134.0/24
IP: 91.228.115.0/24
IP: 91.239.124.0/23
IP: 185.62.84.0/22
IP: 2a02:55c0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9f:bd:ca:b3:12:eb:b5:6a:ed:2f:17:46:3e:f5:73:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 27 15:35:41 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c4406c9c06132fce40edc046e069ae3452ba68e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5c:df:d9:1d:cc:3d:88:18:ce:25:67:ba:14:
8b:2b:f0:18:5b:f4:5e:54:49:09:5e:14:9e:fd:ed:
58:e2:0a:e9:5b:ad:9d:3b:e4:e4:f6:66:31:80:e6:
ba:78:33:d5:75:4d:6d:1f:d0:73:b8:b7:4f:48:85:
5f:80:f7:49:ab:de:39:09:ac:68:4e:cd:df:01:75:
2d:6c:ce:ae:4c:33:6e:3a:05:86:fd:51:4d:ee:05:
77:86:24:ac:d7:d2:f0:ee:3c:07:70:bc:ff:9b:38:
6a:96:8d:b9:11:55:b3:cc:69:81:28:10:81:2d:5f:
2f:a6:c1:95:03:ff:89:f8:70:2c:2e:51:e4:d6:a3:
6b:3d:ae:ca:ed:07:d6:3c:3b:88:0a:df:25:e3:82:
3c:d4:86:b4:18:99:3b:97:9d:5a:eb:25:63:d6:3a:
39:4a:80:1e:0c:93:30:6a:f5:f2:54:2e:fb:1e:ff:
fc:6a:3e:c2:75:e8:a7:55:a0:7b:14:25:8f:37:0e:
66:6d:00:d9:cd:15:de:34:50:7f:e6:f2:d1:6e:6b:
03:e5:80:db:cc:f6:69:8e:34:8a:7d:42:44:7b:d2:
80:4a:7e:44:4e:67:3d:b7:b4:37:a8:a2:62:ea:65:
41:1b:fc:87:20:d6:9c:41:18:ae:61:1e:05:88:0c:
f5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:40:6C:9C:06:13:2F:CE:40:ED:C0:46:E0:69:AE:34:52:BA:68:E3
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/7eecd9-a4c4-41aa-a6ec-42ac69e5e8dc/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/7eecd9-a4c4-41aa-a6ec-42ac69e5e8dc/1/xEBsnAYTL85A7cBG4GmuNFK6aOM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.134.0/24
91.228.115.0/24
91.239.124.0/23
185.62.84.0/22
IPv6:
2a02:55c0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
51159
Signature Algorithm: sha256WithRSAEncryption
0d:4e:61:77:3f:95:86:72:c6:6d:a0:f1:4b:ca:6a:81:ee:a6:
27:24:db:48:4b:08:51:9c:65:e7:eb:64:ec:11:c6:d4:e5:28:
36:ed:12:17:21:27:52:c3:da:8d:45:9d:cd:4e:c1:22:14:f7:
5a:20:75:1c:f1:ad:10:6c:08:cb:0e:f9:e0:39:69:57:b3:b6:
2c:e9:72:9f:1a:7f:76:7f:5b:9a:14:77:43:df:94:61:76:ce:
22:b3:4d:1c:b8:c8:bf:10:e9:bd:54:2e:ab:ea:b7:ef:14:cc:
57:41:51:1d:2f:3f:bc:9e:8f:80:13:98:8d:dd:20:08:82:32:
70:ef:cd:2b:45:28:f9:8f:4e:24:9a:47:a4:29:c3:95:9e:c2:
fb:3f:39:56:d1:fc:4f:39:fc:02:0b:65:a0:53:22:ed:ea:d7:
3a:34:f4:3d:9e:84:a4:8d:25:b9:ca:65:79:8f:2f:af:e8:ce:
e3:ba:1d:2e:84:b3:2d:27:1c:e9:d7:08:58:2f:b3:40:13:6e:
4b:e8:78:32:49:cc:3c:5f:d0:e3:dd:80:31:57:00:e7:a8:e6:
51:62:b4:33:3d:90:c8:0b:b3:17:d9:55:e8:0f:6c:17:da:ae:
2b:e1:b7:0c:6f:06:25:04:89:f9:2d:32:6b:23:03:33:d6:c5:
e3:e1:97:e6
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAZyfvcqzEuu1au0vF0Y+9XNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMjI3MTUzNTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQwNmM5YzA2MTMyZmNlNDBlZGMwNDZlMDY5YWUzNDUyYmE2OGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1zf2R3MPYgYziVnuhSLK/AYW/Re
VEkJXhSe/e1Y4grpW62dO+Tk9mYxgOa6eDPVdU1tH9BzuLdPSIVfgPdJq945Caxo
Ts3fAXUtbM6uTDNuOgWG/VFN7gV3hiSs19Lw7jwHcLz/mzhqlo25EVWzzGmBKBCB
LV8vpsGVA/+J+HAsLlHk1qNrPa7K7QfWPDuICt8l44I81Ia0GJk7l51a6yVj1jo5
SoAeDJMwavXyVC77Hv/8aj7CdeinVaB7FCWPNw5mbQDZzRXeNFB/5vLRbmsD5YDb
zPZpjjSKfUJEe9KASn5ETmc9t7Q3qKJi6mVBG/yHINacQRiuYR4FiAz1CwIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFMRAbJwGEy/OQO3ARuBprjRSumjjMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y0LzdlZWNk
OS1hNGM0LTQxYWEtYTZlYy00MmFjNjllNWU4ZGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQvN2VlY2Q5
LWE0YzQtNDFhYS1hNmVjLTQyYWM2OWU1ZThkYy8xL3hFQnNuQVlUTDg1QTdjQkc0
R211TkZLNmFPTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQAW46GAwQAW+RzAwQBW+98AwQCuT5UMA0EAgAC
MAcDBQAqAlXAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDH1zANBgkqhkiG9w0B
AQsFAAOCAQEADU5hdz+VhnLGbaDxS8pqge6mJyTbSEsIUZxl5+tk7BHG1OUoNu0S
FyEnUsPajUWdzU7BIhT3WiB1HPGtEGwIyw754DlpV7O2LOlynxp/dn9bmhR3Q9+U
YXbOIrNNHLjIvxDpvVQuq+q37xTMV0FRHS8/vJ6PgBOYjd0gCIIycO/NK0Uo+Y9O
JJpHpCnDlZ7C+z85VtH8Tzn8AgtloFMi7erXOjT0PZ6EpI0lucpleY8vr+jO47od
LoSzLScc6dcIWC+zQBNuS+h4MknMPF/Q492AMVcA56jmUWK0Mz2QyAuzF9lV6A9s
F9quK+G3DG8GJQSJ+S0yayMDM9bF4+GX5g==
-----END CERTIFICATE-----
Generated at Sat Mar 28 08:41:37 2026 by rpki-client