Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
File: _SYdRTGeg3UYdDbaRL9bmtsESn8.cer (raw, json)
Hash identifier: TNopWuFOWCy7YtrRR1JwehSJWX/haDbomYRV0ykw3Wo=
Subject key identifier: FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01985BE1DF3DD04D4379E4201869EE6EF9B1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/_SYdRTGeg3UYdDbaRL9bmtsESn8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 30 Jul 2025 15:09:46 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 8758
AS: 20560
AS: 207733
IP: 31.24.8.0/21
IP: 37.46.144.0/22
IP: 77.74.96.0/21
IP: 80.89.208.0/20
IP: 83.150.0.0/18
IP: 84.254.80.0 -- 84.254.111.255
IP: 87.239.200.0/21
IP: 88.218.24.0/22
IP: 91.84.64.0/19
IP: 95.143.48.0/20
IP: 109.70.112.0/21
IP: 125.3.64.0/19
IP: 145.40.192.0/19
IP: 155.2.224.0/19
IP: 157.143.0.0/17
IP: 178.22.104.0/21
IP: 178.250.130.0/23
IP: 178.250.134.0/23
IP: 185.109.164.0/22
IP: 185.160.244.0/22
IP: 185.203.132.0/22
IP: 194.31.128.0/23
IP: 194.50.34.0/24
IP: 194.246.118.0/23
IP: 212.25.0.0/19
IP: 217.22.128.0/20
IP: 217.71.240.0/20
IP: 217.150.224.0/20
IP: 2001:8e0::/29
IP: 2a00:10c0::/32
IP: 2a01:bd00::/32
IP: 2a0c:bd40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5b:e1:df:3d:d0:4d:43:79:e4:20:18:69:ee:6e:f9:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jul 30 15:09:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd261d45319e8375187436da44bf5b9adb044a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:76:2a:fc:d7:6d:5c:e6:03:2c:b3:cf:83:45:
5c:46:4c:db:25:0c:5a:f5:c5:9f:1f:a6:5d:88:9c:
66:c1:e8:6a:23:6f:dc:77:09:a0:40:14:8b:b3:3a:
cd:44:76:56:b6:22:9a:9a:83:45:11:27:ac:23:32:
bf:ec:34:54:dc:ce:01:c1:32:fe:b0:93:bf:6e:8f:
2d:47:27:f5:b7:22:94:7c:88:f8:b5:2d:13:ff:60:
08:bf:9f:00:1a:d3:7e:87:2c:1e:85:08:e9:03:eb:
38:c2:d2:d5:26:99:99:df:20:e3:e7:f6:cb:dd:6f:
45:2a:1c:f5:89:20:69:18:55:54:15:aa:78:74:87:
7e:39:02:56:68:c7:e2:c0:c9:61:bf:f3:30:56:08:
58:c4:d7:47:b4:da:5f:57:3f:b0:a3:55:c3:e8:27:
75:37:ff:58:05:e5:a0:e4:8b:d6:f2:b4:9e:8c:6d:
2d:9e:9a:fb:54:ee:e4:1f:c1:97:cb:1b:51:3c:e5:
d9:a2:ab:71:fb:a3:6e:af:1d:59:6c:5b:47:a4:47:
64:62:5c:31:0b:4c:63:20:e2:a8:04:a7:85:62:7d:
84:62:f4:78:b2:a5:db:d0:4d:6c:0d:43:73:96:b2:
90:fe:be:0c:f9:73:86:aa:80:dc:36:b9:87:c4:79:
b5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/_SYdRTGeg3UYdDbaRL9bmtsESn8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.8.0/21
37.46.144.0/22
77.74.96.0/21
80.89.208.0/20
83.150.0.0/18
84.254.80.0-84.254.111.255
87.239.200.0/21
88.218.24.0/22
91.84.64.0/19
95.143.48.0/20
109.70.112.0/21
125.3.64.0/19
145.40.192.0/19
155.2.224.0/19
157.143.0.0/17
178.22.104.0/21
178.250.130.0/23
178.250.134.0/23
185.109.164.0/22
185.160.244.0/22
185.203.132.0/22
194.31.128.0/23
194.50.34.0/24
194.246.118.0/23
212.25.0.0/19
217.22.128.0/20
217.71.240.0/20
217.150.224.0/20
IPv6:
2001:8e0::/29
2a00:10c0::/32
2a01:bd00::/32
2a0c:bd40::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8758
20560
207733
Signature Algorithm: sha256WithRSAEncryption
11:97:b1:96:8c:40:0e:f6:11:20:bf:a5:51:15:03:0a:f6:d6:
8f:5b:27:66:ad:ac:0a:f3:b0:14:b5:51:c5:1e:67:e3:03:d5:
1d:22:9c:dc:11:91:75:c5:c5:eb:0c:73:c5:2c:b2:05:80:7b:
88:62:be:b2:68:93:23:ac:d4:71:ec:74:22:07:89:51:d8:19:
8f:8a:af:78:58:5b:56:3f:27:c6:a5:a2:7d:d6:a1:7e:32:2c:
70:53:74:66:9e:01:3c:d8:7a:72:98:f5:68:7a:75:48:e2:db:
6a:8f:99:64:7f:b5:fd:22:94:bb:54:cd:52:44:80:8d:0f:f3:
ad:6a:a6:fd:3f:7d:ed:62:c7:fc:03:a6:c9:51:b4:65:0a:d9:
3b:55:2c:0c:e9:9f:da:25:a9:01:54:ff:ae:54:b9:98:6c:aa:
b1:99:5e:f0:be:3a:49:cd:75:a9:21:0b:63:b3:7a:3c:c3:ed:
5a:41:78:ed:7f:92:08:c0:c9:7d:52:fd:de:36:0b:b2:57:4c:
e3:0c:64:79:d7:e1:e6:a6:0f:4f:bd:c8:7f:b8:12:bf:c9:36:
4e:a2:ff:1f:5c:3b:fd:11:66:d8:1b:6f:82:89:f3:46:e4:d4:
48:28:e8:7b:db:fc:8f:f3:21:15:e5:76:42:87:db:13:52:33:
55:5f:4b:54
-----BEGIN CERTIFICATE-----
MIIGbzCCBVegAwIBAgISAZhb4d890E1DeeQgGGnubvmxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNzMwMTUwOTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDI2MWQ0NTMxOWU4Mzc1MTg3NDM2ZGE0NGJmNWI5YWRiMDQ0YTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HYq/NdtXOYDLLPPg0VcRkzbJQxa
9cWfH6ZdiJxmwehqI2/cdwmgQBSLszrNRHZWtiKamoNFESesIzK/7DRU3M4BwTL+
sJO/bo8tRyf1tyKUfIj4tS0T/2AIv58AGtN+hywehQjpA+s4wtLVJpmZ3yDj5/bL
3W9FKhz1iSBpGFVUFap4dId+OQJWaMfiwMlhv/MwVghYxNdHtNpfVz+wo1XD6Cd1
N/9YBeWg5IvW8rSejG0tnpr7VO7kH8GXyxtRPOXZoqtx+6Nurx1ZbFtHpEdkYlwx
C0xjIOKoBKeFYn2EYvR4sqXb0E1sDUNzlrKQ/r4M+XOGqoDcNrmHxHm1TQIDAQAB
o4IDezCCA3cwHQYDVR0OBBYEFP0mHUUxnoN1GHQ22kS/W5rbBEp/MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIxLzU4MmIx
Ny1mNDZmLTQxZWItOGZkNC1lYjUwOTNiMjMxYzEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEvNTgyYjE3
LWY0NmYtNDFlYi04ZmQ0LWViNTA5M2IyMzFjMS8xL19TWWRSVEdlZzNVWWREYmFS
TDlibXRzRVNuOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHxBggrBgEF
BQcBBwEB/wSB4TCB3jCBtwQCAAEwgbADBAMfGAgDBAIlLpADBANNSmADBARQWdAD
BAZTlgAwDAMEBFT+UAMEBFT+YAMEA1fvyAMEAljaGAMEBVtUQAMEBF+PMAMEA21G
cAMEBX0DQAMEBZEowAMEBZsC4AMEB52PAAMEA7IWaAMEAbL6ggMEAbL6hgMEArlt
pAMEArmg9AMEArnLhAMEAcIfgAMEAMIyIgMEAcL2dgMEBdQZAAMEBNkWgAMEBNlH
8AMEBNmW4DAiBAIAAjAcAwUDIAEI4AMFACoAEMADBQAqAb0AAwUDKgy9QDAiBggr
BgEFBQcBCAEB/wQTMBGgDzANAgIiNgICUFACAwMrdTANBgkqhkiG9w0BAQsFAAOC
AQEAEZexloxADvYRIL+lURUDCvbWj1snZq2sCvOwFLVRxR5n4wPVHSKc3BGRdcXF
6wxzxSyyBYB7iGK+smiTI6zUcex0IgeJUdgZj4qveFhbVj8nxqWifdahfjIscFN0
Zp4BPNh6cpj1aHp1SOLbao+ZZH+1/SKUu1TNUkSAjQ/zrWqm/T997WLH/AOmyVG0
ZQrZO1UsDOmf2iWpAVT/rlS5mGyqsZle8L46Sc11qSELY7N6PMPtWkF47X+SCMDJ
fVL93jYLsldM4wxkedfh5qYPT73If7gSv8k2TqL/H1w7/RFm2BtvgonzRuTUSCjo
e9v8j/MhFeV2QofbE1IzVV9LVA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:51:40 2025 by rpki-client