Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
File: FYi9izG5XpysnzgSjZW4UvA9V4Q.cer (raw, json)
Hash identifier: LXfuEwjBQ5Upyr2Ela3L5eEfvI3mmMMkHyxcGAK94nw=
Subject key identifier: 15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0196FC90C1F7B639549C65E9E913267B8B67
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 23 May 2025 09:54:27 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 29164
AS: 43082
IP: 5.187.16.0/20
IP: 31.24.32.0/21
IP: 45.66.68.0/22
IP: 77.246.160.0/20
IP: 84.22.160.0/19
IP: 85.232.32.0/19
IP: 89.207.168.0/21
IP: 91.199.151.0/24
IP: 91.207.220.0/23
IP: 91.215.180.0/22
IP: 95.129.104.0/21
IP: 130.180.200.0/21
IP: 130.185.144.0/21
IP: 185.34.252.0/22
IP: 185.91.76.0/22
IP: 185.92.252.0/22
IP: 185.181.124.0/22
IP: 185.227.60.0/22
IP: 185.245.116.0/22
IP: 194.1.150.0/24
IP: 195.177.192.0/23
IP: 212.38.160.0/19
IP: 217.77.176.0/20
IP: 2a02:8c8::/32
IP: 2a02:17e0::/32
IP: 2a03:4160::/32
IP: 2a0d:31c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 13:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:90:c1:f7:b6:39:54:9c:65:e9:e9:13:26:7b:8b:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 23 09:54:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7f:7c:7a:95:97:8a:bd:f9:01:8a:80:ae:de:
1b:11:25:4f:e1:40:62:bf:00:c2:e9:10:1b:45:32:
7b:3c:a0:9d:3e:91:82:76:e0:a1:25:ec:aa:a1:f8:
ab:65:dd:ef:34:e1:48:80:02:3c:49:ab:48:67:9f:
e1:a8:bd:72:87:bd:46:cc:90:bf:bf:2b:56:30:68:
8f:19:13:70:c2:ef:77:18:9d:cc:d1:dd:c5:c3:96:
e9:89:7a:db:7c:f7:46:20:c9:b7:c5:ff:33:89:cf:
56:dd:3d:53:2e:fe:9b:fd:9f:db:a6:77:b0:56:48:
e5:e5:94:9c:69:9f:ae:3e:d6:c1:da:ea:2b:16:90:
bc:84:62:ab:ff:5e:05:09:b2:c5:4b:8f:51:1f:ee:
04:49:6b:5f:2c:03:41:45:73:6b:fd:76:4f:77:81:
7d:61:c6:4f:5d:49:11:11:ce:90:7f:b4:66:ce:41:
aa:32:8f:a0:1d:08:12:57:38:69:72:20:45:e8:6c:
d8:32:e1:13:17:d2:92:56:f2:34:8b:02:2d:eb:af:
5d:00:fe:36:db:b2:39:fb:93:1a:1e:c8:32:6d:b2:
56:f6:a9:2d:10:38:5f:45:16:ea:d0:e1:0e:38:d9:
37:41:54:c3:03:12:48:1b:e4:df:45:1d:ba:6e:93:
5f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.16.0/20
31.24.32.0/21
45.66.68.0/22
77.246.160.0/20
84.22.160.0/19
85.232.32.0/19
89.207.168.0/21
91.199.151.0/24
91.207.220.0/23
91.215.180.0/22
95.129.104.0/21
130.180.200.0/21
130.185.144.0/21
185.34.252.0/22
185.91.76.0/22
185.92.252.0/22
185.181.124.0/22
185.227.60.0/22
185.245.116.0/22
194.1.150.0/24
195.177.192.0/23
212.38.160.0/19
217.77.176.0/20
IPv6:
2a02:8c8::/32
2a02:17e0::/32
2a03:4160::/32
2a0d:31c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
29164
43082
Signature Algorithm: sha256WithRSAEncryption
1f:84:dd:d6:19:e9:49:c3:cb:d1:f8:1a:5f:fb:31:cf:db:76:
89:78:0c:d0:87:b5:7d:77:55:88:a2:b1:af:2a:98:fb:3d:7e:
10:b6:28:55:cb:a0:96:bb:02:5f:fc:a4:20:c4:52:04:cc:27:
2d:59:c9:1a:3a:53:79:0b:03:32:dc:dd:bf:8f:ad:0c:0e:18:
28:2a:af:6b:27:f9:39:92:7b:44:c7:7c:0c:55:94:bf:2e:03:
70:bb:0f:6e:cb:ca:d0:9d:9f:04:b0:8a:01:46:3c:bb:7a:55:
46:18:d0:3b:30:95:3b:5a:a4:88:69:a7:36:db:59:86:be:9c:
17:16:ca:29:de:78:e9:4c:e1:09:18:9f:0f:02:68:26:df:19:
3d:d1:dd:e8:2d:9a:91:ff:31:40:8a:7e:66:d8:5f:d4:d8:f2:
65:87:b6:28:4a:24:f3:90:1a:5b:66:c1:d2:bd:61:72:e3:21:
88:2f:c8:c5:20:8f:26:11:ef:15:48:ce:68:3d:f2:98:54:46:
ad:f6:3f:59:f4:23:b9:39:7c:8e:e1:9c:43:b1:f4:6b:5b:83:
97:a5:cc:05:d8:e3:f0:df:c2:3e:d5:ac:ae:14:d4:52:5b:c5:
5e:71:5c:e0:1c:9b:08:77:f5:56:0b:a5:36:66:64:ad:cf:17:
80:01:3e:51
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgISAZb8kMH3tjlUnGXp6RMme4tnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNTIzMDk1NDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTg4YmQ4YjMxYjk1ZTljYWM5ZjM4MTI4ZDk1Yjg1MmYwM2Q1Nzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX98epWXir35AYqArt4bESVP4UBi
vwDC6RAbRTJ7PKCdPpGCduChJeyqofirZd3vNOFIgAI8SatIZ5/hqL1yh71GzJC/
vytWMGiPGRNwwu93GJ3M0d3Fw5bpiXrbfPdGIMm3xf8zic9W3T1TLv6b/Z/bpnew
Vkjl5ZScaZ+uPtbB2uorFpC8hGKr/14FCbLFS49RH+4ESWtfLANBRXNr/XZPd4F9
YcZPXUkREc6Qf7RmzkGqMo+gHQgSVzhpciBF6GzYMuETF9KSVvI0iwIt669dAP42
27I5+5MaHsgybbJW9qktEDhfRRbq0OEOONk3QVTDAxJIG+TfRR26bpNftwIDAQAB
o4IDUTCCA00wHQYDVR0OBBYEFBWIvYsxuV6crJ84Eo2VuFLwPVeEMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYwL2QxYWEy
ZS1iODE5LTQyMWMtODQ1Ni1iNWFlODM5ZjMwZTIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAvZDFhYTJl
LWI4MTktNDIxYy04NDU2LWI1YWU4MzlmMzBlMi8xL0ZZaTlpekc1WHB5c256Z1Nq
Wlc0VXZBOVY0US5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHLBggrBgEF
BQcBBwEB/wSBuzCBuDCBkQQCAAEwgYoDBAQFuxADBAMfGCADBAItQkQDBARN9qAD
BAVUFqADBAVV6CADBANZz6gDBABbx5cDBAFbz9wDBAJb17QDBANfgWgDBAOCtMgD
BAOCuZADBAK5IvwDBAK5W0wDBAK5XPwDBAK5tXwDBAK54zwDBAK59XQDBADCAZYD
BAHDscADBAXUJqADBATZTbAwIgQCAAIwHAMFACoCCMgDBQAqAhfgAwUAKgNBYAMF
AyoNMcAwHgYIKwYBBQUHAQgBAf8EDzANoAswCQICcewCAwCoSjANBgkqhkiG9w0B
AQsFAAOCAQEAH4Td1hnpScPL0fgaX/sxz9t2iXgM0Ie1fXdViKKxryqY+z1+ELYo
VcuglrsCX/ykIMRSBMwnLVnJGjpTeQsDMtzdv4+tDA4YKCqvayf5OZJ7RMd8DFWU
vy4DcLsPbsvK0J2fBLCKAUY8u3pVRhjQOzCVO1qkiGmnNttZhr6cFxbKKd546Uzh
CRifDwJoJt8ZPdHd6C2akf8xQIp+Zthf1NjyZYe2KEok85AaW2bB0r1hcuMhiC/I
xSCPJhHvFUjOaD3ymFRGrfY/WfQjuTl8juGcQ7H0a1uDl6XMBdjj8N/CPtWsrhTU
UlvFXnFc4BybCHf1VgulNmZkrc8XgAE+UQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 20:04:31 2025 by rpki-client