Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/kOphmXVeYwDwQCwqCO1DegpzAB4.cer
File: kOphmXVeYwDwQCwqCO1DegpzAB4.cer (raw, json)
Hash identifier: NGBwzo2k9pJXlz2xiiUdOHdgfKA34ohW/WhQE1hYYGY=
Subject key identifier: 90:EA:61:99:75:5E:63:00:F0:40:2C:2A:08:ED:43:7A:0A:73:00:1E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7CECBD66064B921BAA1F60B0E8CF7850
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ab/6d2a8f-cf90-46fb-8259-c39808d03a18/1/kOphmXVeYwDwQCwqCO1DegpzAB4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ab/6d2a8f-cf90-46fb-8259-c39808d03a18/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 04:17:28 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: IP: 94.127.16.0/21
IP: 109.68.216.0/21
IP: 2a00:1b28::/32
Validation: Failed, certificate revoked on Fri 09 Jan 2026 07:44:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:ec:bd:66:06:4b:92:1b:aa:1f:60:b0:e8:cf:78:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 04:17:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=90ea6199755e6300f0402c2a08ed437a0a73001e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:27:e6:c0:50:24:19:4d:fe:c9:b1:8b:8a:3f:
5f:45:69:19:f5:37:8d:2b:7c:60:e7:2a:f7:43:93:
3b:a3:02:fd:4c:2b:43:01:88:58:5c:18:78:c4:6f:
d2:f7:d9:4c:5b:b1:4d:e3:dc:ec:f2:43:91:f9:df:
b3:dd:54:9f:24:53:0c:36:5f:6a:c0:7a:91:58:52:
ac:3c:04:0f:88:63:fc:43:79:7d:a0:6d:56:a3:cd:
67:ca:e9:06:52:4e:a3:03:72:41:0f:85:b9:78:1e:
f0:b1:16:1f:6a:e6:1a:23:5c:e0:3d:70:b9:c4:94:
3f:58:ee:c1:d1:6c:54:a8:32:6c:2f:f8:05:e5:18:
fc:e4:88:73:ab:86:7b:dc:06:22:3b:01:82:a7:85:
25:0b:5c:21:eb:b5:7a:90:46:5b:11:8c:24:25:6d:
f7:1f:cf:9f:b2:36:27:fc:f5:94:28:a3:fe:7c:49:
86:47:ee:a5:9e:01:36:6f:01:a5:8c:40:39:ff:f9:
48:53:09:41:fc:d8:4a:c7:09:98:a4:81:33:ab:b4:
df:e1:12:a0:da:de:ab:97:99:88:d5:56:c3:3a:74:
ca:2f:76:58:26:c4:25:03:a9:ff:fb:38:5a:da:5e:
f7:68:bd:39:54:95:c4:1d:04:c1:bc:42:8a:48:36:
eb:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:EA:61:99:75:5E:63:00:F0:40:2C:2A:08:ED:43:7A:0A:73:00:1E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6d2a8f-cf90-46fb-8259-c39808d03a18/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6d2a8f-cf90-46fb-8259-c39808d03a18/1/kOphmXVeYwDwQCwqCO1DegpzAB4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.16.0/21
109.68.216.0/21
IPv6:
2a00:1b28::/32
Signature Algorithm: sha256WithRSAEncryption
5c:a3:b6:57:30:e9:2b:ef:28:65:a3:16:a6:25:bd:06:b2:f5:
12:46:f1:ba:24:b8:c6:5d:93:a3:f6:3c:f0:a8:4c:84:8d:8e:
d7:cc:f5:1d:42:e2:9a:4c:65:92:f6:b9:d1:6c:c5:7c:41:4b:
bd:b6:ab:50:67:f1:09:8b:75:49:d7:59:b0:0f:25:36:94:00:
a7:0f:18:5a:dc:df:ad:66:8e:28:1e:dc:04:75:86:7e:35:9a:
02:01:d5:31:fb:11:07:ef:94:c4:f7:7d:25:e7:e2:6a:38:ff:
b9:31:42:a5:d2:30:da:a8:f6:7f:16:9a:a2:4f:26:55:b3:ac:
6e:75:33:69:84:fc:75:50:dc:97:48:e7:8a:20:f5:f3:34:c6:
c9:b6:da:d7:97:35:0b:f2:65:31:17:f5:34:73:73:9c:72:dc:
1c:4b:30:60:62:f0:84:73:13:da:b7:0d:45:0f:c5:c7:71:8b:
08:74:40:a1:f7:6b:aa:f8:05:e5:7b:7d:ba:26:72:b2:de:29:
31:ce:e9:7c:8b:41:a8:83:7b:53:bb:c1:04:35:6f:1d:7e:3b:
c0:4f:b6:00:eb:f6:1e:73:8f:78:90:8a:50:5e:89:71:1a:f9:
46:43:b9:b4:c0:74:cf:8c:a7:f6:32:71:02:8d:9c:ca:d9:2a:
87:a7:97:f2
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAZt87L1mBkuSG6ofYLDoz3hQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDQxNzI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGVhNjE5OTc1NWU2MzAwZjA0MDJjMmEwOGVkNDM3YTBhNzMwMDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSfmwFAkGU3+ybGLij9fRWkZ9TeN
K3xg5yr3Q5M7owL9TCtDAYhYXBh4xG/S99lMW7FN49zs8kOR+d+z3VSfJFMMNl9q
wHqRWFKsPAQPiGP8Q3l9oG1Wo81nyukGUk6jA3JBD4W5eB7wsRYfauYaI1zgPXC5
xJQ/WO7B0WxUqDJsL/gF5Rj85Ihzq4Z73AYiOwGCp4UlC1wh67V6kEZbEYwkJW33
H8+fsjYn/PWUKKP+fEmGR+6lngE2bwGljEA5//lIUwlB/NhKxwmYpIEzq7Tf4RKg
2t6rl5mI1VbDOnTKL3ZYJsQlA6n/+zha2l73aL05VJXEHQTBvEKKSDbr9QIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFJDqYZl1XmMA8EAsKgjtQ3oKcwAeMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FiLzZkMmE4
Zi1jZjkwLTQ2ZmItODI1OS1jMzk4MDhkMDNhMTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIvNmQyYThm
LWNmOTAtNDZmYi04MjU5LWMzOTgwOGQwM2ExOC8xL2tPcGhtWFZlWXdEd1FDd3FD
TzFEZWdwekFCNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDXn8QAwQDbUTYMA0EAgACMAcDBQAqABsoMA0G
CSqGSIb3DQEBCwUAA4IBAQBco7ZXMOkr7yhloxamJb0GsvUSRvG6JLjGXZOj9jzw
qEyEjY7XzPUdQuKaTGWS9rnRbMV8QUu9tqtQZ/EJi3VJ11mwDyU2lACnDxha3N+t
Zo4oHtwEdYZ+NZoCAdUx+xEH75TE930l5+JqOP+5MUKl0jDaqPZ/FpqiTyZVs6xu
dTNphPx1UNyXSOeKIPXzNMbJttrXlzUL8mUxF/U0c3OcctwcSzBgYvCEcxPatw1F
D8XHcYsIdECh92uq+AXle326JnKy3ikxzul8i0Gog3tTu8EENW8dfjvAT7YA6/Ye
c494kIpQXolxGvlGQ7m0wHTPjKf2MnECjZzK2SqHp5fy
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:00:44 2026 by rpki-client