Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JIcZQ0tuO2B_ZHuw1YqB3B6_3U0.cer
File: JIcZQ0tuO2B_ZHuw1YqB3B6_3U0.cer (raw, json)
Hash identifier: Ipv79CZq7zolwCXFGuz+sUvEBMFbawEJI1MM5kAyLs4=
Subject key identifier: 24:87:19:43:4B:6E:3B:60:7F:64:7B:B0:D5:8A:81:DC:1E:BF:DD:4D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7BA34C15E2F6D518BE40D45CE4FC3718
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/44/70eb7a-1ae4-4bbe-8ce0-f3028aea9977/1/JIcZQ0tuO2B_ZHuw1YqB3B6_3U0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/44/70eb7a-1ae4-4bbe-8ce0-f3028aea9977/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 22:17:38 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 12879
AS: 43859
AS: 44113
AS: 60388
AS: 197292
IP: 185.31.108.0/22
IP: 212.73.96.0/19
IP: 2a00:b4a0::/32
IP: 2a01:70c0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 21:16:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7b:a3:4c:15:e2:f6:d5:18:be:40:d4:5c:e4:fc:37:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 22:17:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=248719434b6e3b607f647bb0d58a81dc1ebfdd4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f8:eb:77:ec:89:df:5b:d2:1a:24:86:c7:89:
76:92:31:ba:c2:18:ac:14:06:2e:d8:0b:c9:78:ff:
0d:e5:77:0b:34:ae:ab:1f:3f:65:58:d3:68:0f:9a:
bc:3b:51:19:fe:cb:c2:83:a3:8c:39:c8:5c:96:8c:
a8:95:6c:f1:3e:ef:f2:5e:56:2b:2b:0f:3b:00:a8:
08:af:5c:31:45:68:e5:88:b9:2b:1c:73:ea:58:51:
02:be:ed:64:4c:d8:cc:e6:52:df:9c:f0:5a:f1:97:
6e:61:55:53:f7:50:fb:a5:10:e8:14:63:a7:a1:c7:
35:51:83:a0:9e:5b:b2:e1:67:37:0d:a6:5f:b2:4e:
6e:ef:f2:bf:74:1c:fa:33:4f:fc:9c:2d:64:62:9a:
71:bc:14:56:b2:54:16:5a:4d:fa:7c:6c:e4:4f:09:
e5:a1:7c:17:83:c2:94:44:7d:97:81:01:39:e6:ff:
7e:19:ea:05:7e:7b:c4:ca:60:e0:2c:c1:99:cc:e2:
9c:1f:ff:76:7b:49:49:c2:b9:b6:f4:04:3b:3b:c0:
c0:a5:bb:c2:b1:7a:39:b8:27:e2:6b:cf:4f:f5:49:
f0:02:57:78:d1:bc:71:4a:48:38:bd:a3:24:cf:5e:
85:69:18:94:f3:5f:44:40:88:f0:4f:a5:ee:01:36:
97:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:87:19:43:4B:6E:3B:60:7F:64:7B:B0:D5:8A:81:DC:1E:BF:DD:4D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/70eb7a-1ae4-4bbe-8ce0-f3028aea9977/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/70eb7a-1ae4-4bbe-8ce0-f3028aea9977/1/JIcZQ0tuO2B_ZHuw1YqB3B6_3U0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.108.0/22
212.73.96.0/19
IPv6:
2a00:b4a0::/32
2a01:70c0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
12879
43859
44113
60388
197292
Signature Algorithm: sha256WithRSAEncryption
3c:4b:07:ca:30:35:01:d1:50:e7:0e:2b:23:39:2c:cc:73:e8:
3d:e1:65:8c:66:ad:44:3e:8a:f9:8d:0f:e1:38:7c:15:e0:1e:
38:71:d9:11:c6:44:48:01:0f:85:0f:ed:69:62:85:10:e7:31:
cc:6d:29:60:cf:d4:30:35:af:51:e3:06:3c:f2:9e:01:b6:8f:
3c:fa:d3:6e:3b:e3:b5:20:45:1f:37:76:a2:5d:1c:af:04:7d:
7e:11:d3:df:cc:15:00:95:c0:6c:9b:da:1e:92:6b:73:15:9d:
68:16:a9:54:29:f0:56:eb:0a:e7:68:3a:cb:19:92:1a:09:56:
54:c5:d6:90:8b:0a:47:9a:0f:21:42:c4:ec:ba:90:88:fa:18:
8f:cb:b7:9d:07:85:8c:85:36:7d:04:a8:aa:84:68:64:2f:2c:
c2:c5:e0:93:b4:9e:5c:9b:99:7b:2e:88:c6:d6:99:69:e1:a9:
fc:35:69:58:1c:53:83:b7:d1:db:b8:ee:49:7a:a0:21:4a:ff:
93:56:11:fa:57:0e:af:72:52:36:1e:cf:f6:e2:ac:0f:2e:36:
62:58:71:72:3d:a2:52:56:34:4a:96:f0:2a:da:83:1e:ce:44:
9f:b6:a7:72:4f:55:4c:4e:8f:09:b7:a5:59:13:6e:04:5a:1b:
1e:1d:4c:7d
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAZt7o0wV4vbVGL5A1Fzk/DcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMjIxNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDg3MTk0MzRiNmUzYjYwN2Y2NDdiYjBkNThhODFkYzFlYmZkZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/jrd+yJ31vSGiSGx4l2kjG6whis
FAYu2AvJeP8N5XcLNK6rHz9lWNNoD5q8O1EZ/svCg6OMOchcloyolWzxPu/yXlYr
Kw87AKgIr1wxRWjliLkrHHPqWFECvu1kTNjM5lLfnPBa8ZduYVVT91D7pRDoFGOn
occ1UYOgnluy4Wc3DaZfsk5u7/K/dBz6M0/8nC1kYppxvBRWslQWWk36fGzkTwnl
oXwXg8KURH2XgQE55v9+GeoFfnvEymDgLMGZzOKcH/92e0lJwrm29AQ7O8DApbvC
sXo5uCfia89P9UnwAld40bxxSkg4vaMkz16FaRiU819EQIjwT6XuATaX2wIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFCSHGUNLbjtgf2R7sNWKgdwev91NMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ0LzcwZWI3
YS0xYWU0LTRiYmUtOGNlMC1mMzAyOGFlYTk5NzcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvNzBlYjdh
LTFhZTQtNGJiZS04Y2UwLWYzMDI4YWVhOTk3Ny8xL0pJY1pRMHR1TzJCX1pIdXcx
WXFCM0I2XzNVMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDsGCCsGAQUF
BwEHAQH/BCwwKjASBAIAATAMAwQCuR9sAwQF1ElgMBQEAgACMA4DBQAqALSgAwUA
KgFwwDAtBggrBgEFBQcBCAEB/wQeMBygGjAYAgIyTwIDAKtTAgMArFECAwDr5AID
AwKsMA0GCSqGSIb3DQEBCwUAA4IBAQA8SwfKMDUB0VDnDisjOSzMc+g94WWMZq1E
Por5jQ/hOHwV4B44cdkRxkRIAQ+FD+1pYoUQ5zHMbSlgz9QwNa9R4wY88p4Bto88
+tNuO+O1IEUfN3aiXRyvBH1+EdPfzBUAlcBsm9oekmtzFZ1oFqlUKfBW6wrnaDrL
GZIaCVZUxdaQiwpHmg8hQsTsupCI+hiPy7edB4WMhTZ9BKiqhGhkLyzCxeCTtJ5c
m5l7LojG1plp4an8NWlYHFODt9HbuO5JeqAhSv+TVhH6Vw6vclI2Hs/24qwPLjZi
WHFyPaJSVjRKlvAq2oMezkSftqdyT1VMTo8Jt6VZE24EWhseHUx9
-----END CERTIFICATE-----
Generated at Tue Mar 3 02:54:58 2026 by rpki-client