Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/668NIPmOOiBVDJltdCkmiPDSJ50.cer
File: 668NIPmOOiBVDJltdCkmiPDSJ50.cer (raw, json)
Hash identifier: 2RiLGHalJzBLIEJFMmaN08mAm6vUIoNqyJBfRccgo5E=
Subject key identifier: EB:AF:0D:20:F9:8E:3A:20:55:0C:99:6D:74:29:26:88:F0:D2:27:9D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019E4AD95ECE300CED8D4B2427DD9F6EE390
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/14/d0be06-ef5f-4418-af1c-320936288e95/1/668NIPmOOiBVDJltdCkmiPDSJ50.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/14/d0be06-ef5f-4418-af1c-320936288e95/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 21 May 2026 14:03:40 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: IP: 64.83.0.0/18
IP: 64.90.0.0/19
IP: 64.178.96.0/19
IP: 189.24.64.0/18
IP: 189.105.64.0/18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4a:d9:5e:ce:30:0c:ed:8d:4b:24:27:dd:9f:6e:e3:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 21 14:03:40 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ebaf0d20f98e3a20550c996d74292688f0d2279d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d6:c4:7c:99:f8:74:7f:d1:77:23:cb:be:7c:
b1:7f:94:8f:56:26:8c:f0:2f:e7:34:aa:91:05:ba:
25:62:be:61:5b:1e:0a:38:9b:e3:fc:78:e9:60:72:
2e:3d:ed:82:0d:21:a2:49:81:41:46:98:57:37:16:
c1:60:1f:d4:78:18:f5:9d:86:64:06:ed:94:fe:fd:
15:0d:b3:b7:64:28:4c:8b:fa:54:82:88:4e:81:02:
84:71:79:0a:8f:83:78:8c:26:d8:54:cf:af:92:5c:
45:ef:2e:19:82:ba:b2:b6:cc:36:1f:d7:ea:75:2d:
59:a3:e0:3b:5d:45:22:ce:9b:76:71:98:22:45:52:
a4:b7:67:0d:8d:e2:86:d8:e6:da:38:01:5f:65:30:
c5:8f:e1:a6:13:37:b8:f1:a2:3f:53:d4:0e:37:d7:
ee:b9:c2:7c:c1:ae:9a:53:2b:3e:8d:a7:85:fa:5e:
b5:37:ce:79:39:5f:a1:08:f1:a0:54:ca:81:07:c4:
fe:12:b7:9f:bb:69:9d:ce:f2:5a:81:b6:1c:a8:2b:
2e:58:2d:14:9b:b6:e1:aa:25:36:7e:9a:fc:c6:dd:
5f:c2:c8:ff:ec:71:6c:bb:79:b7:98:42:d9:c1:87:
49:55:32:37:de:62:78:98:e5:09:48:9a:2f:d8:b7:
a4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:AF:0D:20:F9:8E:3A:20:55:0C:99:6D:74:29:26:88:F0:D2:27:9D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d0be06-ef5f-4418-af1c-320936288e95/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d0be06-ef5f-4418-af1c-320936288e95/1/668NIPmOOiBVDJltdCkmiPDSJ50.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.83.0.0/18
64.90.0.0/19
64.178.96.0/19
189.24.64.0/18
189.105.64.0/18
Signature Algorithm: sha256WithRSAEncryption
65:2f:5f:3d:6d:98:65:82:f6:77:d4:85:a1:78:84:38:c6:64:
f4:99:80:51:01:95:1f:01:2e:fe:ec:7e:37:4a:d5:71:e6:61:
8a:e1:57:06:e3:48:31:0d:14:12:48:61:5f:b5:53:fe:b5:10:
36:a5:2e:e4:5b:62:6e:02:bf:a8:a4:b2:78:15:3f:b8:f6:c4:
04:a4:55:01:59:0e:fc:f7:74:f8:e2:11:21:96:13:48:71:38:
6f:f7:2b:fb:91:cd:cb:cf:60:db:60:70:69:ff:5f:ec:be:3b:
2d:58:41:fa:f5:a1:cb:66:28:89:82:51:48:9b:58:6e:79:ae:
d0:2d:d5:c4:e2:0b:7a:8e:e0:ea:d7:14:0a:fd:75:22:dc:df:
f0:a5:06:ad:f3:83:08:34:a6:1a:d1:e1:15:c0:a9:27:58:1b:
a2:90:69:86:ea:23:0c:61:7b:e5:61:79:93:77:a8:f9:3f:77:
88:3b:3e:2d:ce:0a:9c:14:e3:d9:ea:f4:0d:85:f7:56:31:78:
0e:d8:95:86:8d:79:50:80:c7:b6:e2:5f:e7:12:37:ab:96:b1:
80:0b:52:c4:61:58:c7:bf:d8:44:ca:64:fe:69:13:2c:0b:ae:
fb:4c:4d:57:55:f4:0c:35:77:99:d6:fb:ce:7d:12:5c:8f:bd:
eb:75:3f:67
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZ5K2V7OMAztjUskJ92fbuOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNTIxMTQwMzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmFmMGQyMGY5OGUzYTIwNTUwYzk5NmQ3NDI5MjY4OGYwZDIyNzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtbEfJn4dH/RdyPLvnyxf5SPViaM
8C/nNKqRBbolYr5hWx4KOJvj/HjpYHIuPe2CDSGiSYFBRphXNxbBYB/UeBj1nYZk
Bu2U/v0VDbO3ZChMi/pUgohOgQKEcXkKj4N4jCbYVM+vklxF7y4Zgrqytsw2H9fq
dS1Zo+A7XUUizpt2cZgiRVKkt2cNjeKG2ObaOAFfZTDFj+GmEze48aI/U9QON9fu
ucJ8wa6aUys+jaeF+l61N855OV+hCPGgVMqBB8T+Erefu2mdzvJagbYcqCsuWC0U
m7bhqiU2fpr8xt1fwsj/7HFsu3m3mELZwYdJVTI33mJ4mOUJSJov2LekUwIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFOuvDSD5jjogVQyZbXQpJojw0iedMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE0L2QwYmUw
Ni1lZjVmLTQ0MTgtYWYxYy0zMjA5MzYyODhlOTUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQvZDBiZTA2
LWVmNWYtNDQxOC1hZjFjLTMyMDkzNjI4OGU5NS8xLzY2OE5JUG1PT2lCVkRKbHRk
Q2ttaVBEU0o1MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUF
BwEHAQH/BCgwJjAkBAIAATAeAwQGQFMAAwQFQFoAAwQFQLJgAwQGvRhAAwQGvWlA
MA0GCSqGSIb3DQEBCwUAA4IBAQBlL189bZhlgvZ31IWheIQ4xmT0mYBRAZUfAS7+
7H43StVx5mGK4VcG40gxDRQSSGFftVP+tRA2pS7kW2JuAr+opLJ4FT+49sQEpFUB
WQ7893T44hEhlhNIcThv9yv7kc3Lz2DbYHBp/1/svjstWEH69aHLZiiJglFIm1hu
ea7QLdXE4gt6juDq1xQK/XUi3N/wpQat84MINKYa0eEVwKknWBuikGmG6iMMYXvl
YXmTd6j5P3eIOz4tzgqcFOPZ6vQNhfdWMXgO2JWGjXlQgMe24l/nEjerlrGAC1LE
YVjHv9hEymT+aRMsC677TE1XVfQMNXeZ1vvOfRJcj73rdT9n
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:22:51 2026 by rpki-client