Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/DXj57XHKOklrjVS5fxR5GNrbnFQ.cer
File: DXj57XHKOklrjVS5fxR5GNrbnFQ.cer (raw, json)
Hash identifier: oCS8RIVlTgkXYL/VLx8OlQdxZrhZdkQplrLF9BJq0L8=
Subject key identifier: 0D:78:F9:ED:71:CA:3A:49:6B:8D:54:B9:7F:14:79:18:DA:DB:9C:54
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019E2BA0BFB7288DD3439B0F373E76548A0F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cc/f7d0f0-a571-457c-9154-8e8675cb092f/1/DXj57XHKOklrjVS5fxR5GNrbnFQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cc/f7d0f0-a571-457c-9154-8e8675cb092f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 15 May 2026 12:33:35 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: IP: 149.232.240.0/23
IP: 164.40.239.0/24
IP: 2a14:9f00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2b:a0:bf:b7:28:8d:d3:43:9b:0f:37:3e:76:54:8a:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 15 12:33:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0d78f9ed71ca3a496b8d54b97f147918dadb9c54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:15:b4:0f:53:63:a2:42:b0:ff:34:c9:6d:c3:
75:98:a0:ab:4a:c2:9f:7d:29:21:c3:fb:2e:40:83:
1d:5e:fc:5d:c2:81:af:a5:d0:bc:7e:ee:35:82:c0:
e7:ce:4f:d0:ff:d2:61:f9:cf:df:62:7e:d4:14:06:
6b:d4:00:12:5f:f0:fe:45:93:e0:92:43:6d:e1:23:
4e:dc:32:64:1c:34:18:f4:31:c3:e7:7b:a8:cd:27:
50:89:1b:dd:17:2a:26:c2:ec:29:b0:3c:82:c6:5f:
a9:9b:46:13:e2:e1:d5:ea:1a:2f:9e:89:87:f1:66:
a5:d3:9e:fd:be:82:32:6d:c9:ae:d8:79:3b:10:54:
6b:a6:98:8e:2f:ac:73:1e:03:7e:1e:da:19:8a:f4:
2a:31:ee:d7:1c:af:d0:e6:23:24:50:fe:bd:59:8a:
83:33:5e:ea:0c:dc:12:43:9a:d3:35:67:99:8a:49:
4b:7f:7c:36:38:c7:d5:07:73:08:8e:ad:f6:f4:69:
37:bf:c1:c8:7e:44:b9:cb:6e:f4:c3:ba:29:39:ee:
70:4e:e4:0a:2d:85:4c:53:4b:72:26:c4:67:77:ed:
fc:fb:62:f5:8f:2c:69:c8:f7:2c:d4:11:28:53:fa:
b4:85:5a:23:57:89:4e:3e:41:ce:0a:9f:bd:b6:2d:
cd:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:78:F9:ED:71:CA:3A:49:6B:8D:54:B9:7F:14:79:18:DA:DB:9C:54
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f7d0f0-a571-457c-9154-8e8675cb092f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f7d0f0-a571-457c-9154-8e8675cb092f/1/DXj57XHKOklrjVS5fxR5GNrbnFQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.232.240.0/23
164.40.239.0/24
IPv6:
2a14:9f00::/29
Signature Algorithm: sha256WithRSAEncryption
2b:76:4d:31:67:a9:0d:cf:87:68:a4:56:1c:b9:00:59:49:97:
40:a1:10:39:45:c7:1a:3c:c4:96:6d:75:d0:04:7c:34:41:6c:
d1:6e:94:3a:f4:d4:da:b3:46:1b:35:3c:de:ee:2a:73:09:b4:
0d:35:7c:f0:6f:c3:10:83:4f:37:3e:11:13:2e:ff:cc:6f:b4:
62:6c:e0:58:5e:c1:4c:c4:9f:38:6f:4e:44:b8:ff:86:cc:2f:
76:e3:3a:c9:2d:43:d6:e3:10:cb:c0:84:73:98:bb:94:fb:db:
bb:63:08:3c:31:3b:2f:25:d9:62:98:e6:27:b5:79:f4:2e:76:
ac:9b:19:4b:63:4f:a3:88:a0:58:61:ed:53:8e:8b:cc:ea:cb:
56:1f:ea:94:45:e4:31:0a:ec:43:ef:d7:cd:f1:5e:6c:2f:2b:
b1:3f:47:0a:d4:b3:d7:1c:d3:d2:15:c0:a4:26:42:df:15:26:
c3:8d:79:f8:ae:32:93:20:80:2e:6b:ae:b7:c5:37:97:46:64:
d6:f0:14:83:29:b2:43:27:35:0a:c0:b2:c5:ba:73:64:87:eb:
6d:96:2e:33:17:8a:b2:b9:72:30:d6:be:47:27:49:60:f9:50:
dd:52:9f:62:aa:cb:ef:f4:40:67:cc:9d:94:33:e3:1e:f4:7e:
c6:d2:a9:bf
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAZ4roL+3KI3TQ5sPNz52VIoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNTE1MTIzMzM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDc4ZjllZDcxY2EzYTQ5NmI4ZDU0Yjk3ZjE0NzkxOGRhZGI5YzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxW0D1NjokKw/zTJbcN1mKCrSsKf
fSkhw/suQIMdXvxdwoGvpdC8fu41gsDnzk/Q/9Jh+c/fYn7UFAZr1AASX/D+RZPg
kkNt4SNO3DJkHDQY9DHD53uozSdQiRvdFyomwuwpsDyCxl+pm0YT4uHV6hovnomH
8Wal0579voIybcmu2Hk7EFRrppiOL6xzHgN+HtoZivQqMe7XHK/Q5iMkUP69WYqD
M17qDNwSQ5rTNWeZiklLf3w2OMfVB3MIjq329Gk3v8HIfkS5y270w7opOe5wTuQK
LYVMU0tyJsRnd+38+2L1jyxpyPcs1BEoU/q0hVojV4lOPkHOCp+9ti3NBQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFA14+e1xyjpJa41UuX8UeRja25xUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NjL2Y3ZDBm
MC1hNTcxLTQ1N2MtOTE1NC04ZTg2NzVjYjA5MmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2MvZjdkMGYw
LWE1NzEtNDU3Yy05MTU0LThlODY3NWNiMDkyZi8xL0RYajU3WEhLT2tscmpWUzVm
eFI1R05yYm5GUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQBlejwAwQApCjvMA0EAgACMAcDBQMqFJ8AMA0G
CSqGSIb3DQEBCwUAA4IBAQArdk0xZ6kNz4dopFYcuQBZSZdAoRA5RccaPMSWbXXQ
BHw0QWzRbpQ69NTas0YbNTze7ipzCbQNNXzwb8MQg083PhETLv/Mb7RibOBYXsFM
xJ84b05EuP+GzC924zrJLUPW4xDLwIRzmLuU+9u7Ywg8MTsvJdlimOYntXn0Lnas
mxlLY0+jiKBYYe1TjovM6stWH+qUReQxCuxD79fN8V5sLyuxP0cK1LPXHNPSFcCk
JkLfFSbDjXn4rjKTIIAua663xTeXRmTW8BSDKbJDJzUKwLLFunNkh+ttli4zF4qy
uXIw1r5HJ0lg+VDdUp9iqsvv9EBnzJ2UM+Me9H7G0qm/
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:57:52 2026 by rpki-client