Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-Hm6qJ4hQTPM9kYPJCBq0shmcOs.cer
File: 1-Hm6qJ4hQTPM9kYPJCBq0shmcOs.cer (raw, json)
Hash identifier: EAlRsqof0exrC5NAR81d3+IcV8fz0FI4UXBgYQrzaHU=
Subject key identifier: F8:79:BA:A8:9E:21:41:33:CC:F6:46:0F:24:20:6A:D2:C8:66:70:EB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B78A34C7BC68F9F2A592C4102B89EE251
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a7/4cefab-4775-4258-b971-4fcf84c85b63/1/1-Hm6qJ4hQTPM9kYPJCBq0shmcOs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a7/4cefab-4775-4258-b971-4fcf84c85b63/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 08:18:46 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 44772
IP: 185.129.56.0/22
IP: 195.28.14.0/23
IP: 2a04:8c00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:a3:4c:7b:c6:8f:9f:2a:59:2c:41:02:b8:9e:e2:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:18:46 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f879baa89e214133ccf6460f24206ad2c86670eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:cc:c4:f7:32:3f:62:e6:14:d1:87:26:eb:5c:
5e:d8:c6:5c:b2:bc:20:66:a0:e5:cf:14:3e:df:d5:
0b:e0:cc:c2:36:37:aa:8a:f2:cb:d7:ac:b5:e9:cc:
68:43:9c:c6:51:b9:19:28:61:1a:7c:cd:02:45:c2:
ad:5b:29:ee:03:75:38:ef:81:36:fd:e7:15:bf:5e:
96:e3:b9:d9:96:bd:d9:b7:19:13:a1:6f:2d:e0:cf:
a5:15:81:e1:19:84:a7:95:17:17:eb:16:c3:12:17:
6e:45:61:33:c1:11:6e:fb:66:f0:43:33:19:d3:ee:
fa:60:d8:21:50:3b:9c:10:e6:d5:1a:0b:1f:82:1d:
fe:c5:70:7c:75:d5:85:f4:18:4a:28:b3:f5:a6:20:
a6:13:c3:4e:34:05:79:05:be:66:4b:c9:7f:aa:da:
8d:89:59:4c:0d:aa:18:37:fe:e9:97:d4:4b:97:19:
22:2c:e9:70:04:37:28:33:71:08:ac:89:81:6a:60:
68:f7:bd:9d:4a:85:f1:3f:9d:c9:58:52:ec:67:c4:
66:26:be:61:cd:9e:23:0a:79:fd:10:a3:30:8f:2e:
c7:45:7f:21:c3:45:20:81:2f:bd:7e:a2:95:a1:f9:
9a:3b:2a:29:1f:4a:13:42:99:fb:3f:f2:57:4f:d9:
d6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:79:BA:A8:9E:21:41:33:CC:F6:46:0F:24:20:6A:D2:C8:66:70:EB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4cefab-4775-4258-b971-4fcf84c85b63/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4cefab-4775-4258-b971-4fcf84c85b63/1/1-Hm6qJ4hQTPM9kYPJCBq0shmcOs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.56.0/22
195.28.14.0/23
IPv6:
2a04:8c00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44772
Signature Algorithm: sha256WithRSAEncryption
a8:04:78:d3:76:d3:b7:84:cc:f7:13:25:46:86:14:8b:38:fe:
70:cf:30:a9:65:6c:87:47:10:79:7b:14:78:1e:ff:a1:14:db:
3b:a4:39:1e:12:3e:bd:94:d2:c2:f2:63:a5:57:81:c8:41:be:
96:be:dd:e7:17:3c:ef:3e:f6:66:cc:d0:b6:92:7f:f7:77:da:
27:98:7a:f9:2b:0d:4e:e6:5e:ab:f0:a3:5c:f1:81:88:54:59:
2d:f9:47:83:84:7f:75:3a:94:3f:d7:ad:64:94:99:96:3c:3a:
e7:1c:9b:82:31:5d:ba:4e:fd:30:f6:5a:58:90:98:dd:df:4c:
c0:53:89:9f:f3:1e:ea:ef:37:49:d6:c7:cb:6e:e7:07:a8:f8:
0b:36:c9:62:b5:a3:91:d1:28:2f:46:23:d6:68:36:1b:47:f1:
11:f2:2f:12:f0:05:e4:cf:c2:1a:b9:48:45:8a:26:6f:25:36:
7b:ac:42:d4:9a:57:d7:dc:9a:84:59:10:10:f9:6b:0c:7f:66:
8f:6e:bf:18:bb:32:51:3c:7a:be:7b:a3:d4:34:eb:5c:bc:de:
08:a7:d2:a8:f0:2a:aa:fd:48:f6:1f:56:3f:2d:a1:b1:d9:5d:
2c:d0:c7:70:51:4c:d8:28:eb:64:0b:29:ac:04:6b:49:5c:e9:
df:ab:c0:ac
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZt4o0x7xo+fKlksQQK4nuJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDgxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODc5YmFhODllMjE0MTMzY2NmNjQ2MGYyNDIwNmFkMmM4NjY3MGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8zE9zI/YuYU0Ycm61xe2MZcsrwg
ZqDlzxQ+39UL4MzCNjeqivLL16y16cxoQ5zGUbkZKGEafM0CRcKtWynuA3U474E2
/ecVv16W47nZlr3ZtxkToW8t4M+lFYHhGYSnlRcX6xbDEhduRWEzwRFu+2bwQzMZ
0+76YNghUDucEObVGgsfgh3+xXB8ddWF9BhKKLP1piCmE8NONAV5Bb5mS8l/qtqN
iVlMDaoYN/7pl9RLlxkiLOlwBDcoM3EIrImBamBo972dSoXxP53JWFLsZ8RmJr5h
zZ4jCnn9EKMwjy7HRX8hw0UggS+9fqKVofmaOyopH0oTQpn7P/JXT9nWiwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFPh5uqieIUEzzPZGDyQgatLIZnDrMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E3LzRjZWZh
Yi00Nzc1LTQyNTgtYjk3MS00ZmNmODRjODViNjMvMS8wfQYIKwYBBQUHMAqGcXJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcvNGNlZmFi
LTQ3NzUtNDI1OC1iOTcxLTRmY2Y4NGM4NWI2My8xLzEtSG02cUo0aFFUUE05a1lQ
SkNCcTBzaG1jT3MubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u
ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD
MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEF
BQcBBwEB/wQlMCMwEgQCAAEwDAMEArmBOAMEAcMcDjANBAIAAjAHAwUDKgSMADAa
BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMAruQwDQYJKoZIhvcNAQELBQADggEBAKgE
eNN207eEzPcTJUaGFIs4/nDPMKllbIdHEHl7FHge/6EU2zukOR4SPr2U0sLyY6VX
gchBvpa+3ecXPO8+9mbM0LaSf/d32ieYevkrDU7mXqvwo1zxgYhUWS35R4OEf3U6
lD/XrWSUmZY8Ouccm4IxXbpO/TD2WliQmN3fTMBTiZ/zHurvN0nWx8tu5weo+As2
yWK1o5HRKC9GI9ZoNhtH8RHyLxLwBeTPwhq5SEWKJm8lNnusQtSaV9fcmoRZEBD5
awx/Zo9uvxi7MlE8er57o9Q061y83gin0qjwKqr9SPYfVj8tobHZXSzQx3BRTNgo
62QLKawEa0lc6d+rwKw=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:51:08 2026 by rpki-client