Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qFfj-rEefTOV3RA9ap-V2SJV9ks.cer
File: qFfj-rEefTOV3RA9ap-V2SJV9ks.cer (raw, json)
Hash identifier: GOvx77P+8A1UJlWp94f+4w3OeU7yRt1Myk3UzkrVenc=
Subject key identifier: A8:57:E3:FA:B1:1E:7D:33:95:DD:10:3D:6A:9F:95:D9:22:55:F6:4B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7CED4EA8DA40DCE9A5B89800BD8A3DC0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/09/c522b0-0718-4b77-b8d6-3a6a06e188c3/1/qFfj-rEefTOV3RA9ap-V2SJV9ks.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/09/c522b0-0718-4b77-b8d6-3a6a06e188c3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 02 Jan 2026 04:18:05 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 41653
IP: 45.141.172.0/22
IP: 91.199.0.0/24
IP: 95.128.40.0/21
IP: 176.121.248.0/22
IP: 178.212.228.0/24
IP: 185.66.232.0/22
IP: 194.105.152.0/23
IP: 195.14.22.0/24
IP: 2a02:ec0::/32
IP: 2a0e:cec0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:ed:4e:a8:da:40:dc:e9:a5:b8:98:00:bd:8a:3d:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 04:18:05 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a857e3fab11e7d3395dd103d6a9f95d92255f64b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:43:b6:76:5d:aa:22:7f:03:be:52:16:f0:9f:
f6:d0:d7:30:ea:c1:4d:95:b7:bd:80:af:8b:70:8b:
de:bb:62:ce:27:15:5e:02:50:ce:b4:ba:ca:3a:56:
1b:26:4b:31:77:f0:71:ab:d6:b7:04:b2:d1:31:3d:
2c:66:b4:1b:dd:ef:03:50:24:3c:a2:12:8d:9a:16:
f9:ce:ee:2e:ce:be:31:d4:4f:3e:39:c9:db:9b:dd:
b6:b2:79:34:fa:79:7f:03:aa:e3:50:d5:d8:7c:f4:
d4:a7:78:a8:36:37:40:0d:8c:86:32:a3:51:21:fd:
37:77:df:a1:69:9f:ca:59:68:a0:40:3b:72:3d:33:
1b:8f:01:ca:23:13:5e:be:75:e6:5e:e6:c7:cd:ed:
28:39:6a:fa:1f:e7:f7:1e:3a:53:9b:fe:40:9c:d4:
f9:85:b4:76:b4:13:a9:e4:8f:ba:6b:21:d6:1a:eb:
1e:9b:b2:fe:18:16:b6:d8:ce:3d:f3:3d:9a:9f:a8:
a4:b3:d2:a0:2c:a1:fc:e5:60:1e:73:e5:ff:e8:31:
8e:a3:53:10:eb:03:b9:7f:fa:69:14:a7:d3:84:66:
c9:da:fc:b1:e4:49:86:04:0b:b9:d0:8c:c5:a7:d7:
76:aa:f6:3e:5d:05:d5:b3:e9:f5:8d:48:68:6f:4f:
37:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:57:E3:FA:B1:1E:7D:33:95:DD:10:3D:6A:9F:95:D9:22:55:F6:4B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c522b0-0718-4b77-b8d6-3a6a06e188c3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c522b0-0718-4b77-b8d6-3a6a06e188c3/1/qFfj-rEefTOV3RA9ap-V2SJV9ks.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.172.0/22
91.199.0.0/24
95.128.40.0/21
176.121.248.0/22
178.212.228.0/24
185.66.232.0/22
194.105.152.0/23
195.14.22.0/24
IPv6:
2a02:ec0::/32
2a0e:cec0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
41653
Signature Algorithm: sha256WithRSAEncryption
32:fd:a4:0e:c9:3b:6e:1f:af:89:50:13:3f:50:a8:b0:f6:65:
ea:f5:19:7f:1a:02:31:c3:fe:d6:77:f0:05:fc:6d:8b:8b:cc:
4f:34:ac:d1:ae:e0:f2:ab:2d:0b:23:d3:4d:28:94:6e:54:54:
98:f1:4c:0c:60:4d:9f:b3:13:41:81:78:69:81:88:1c:7b:45:
d9:7d:0b:53:cc:59:35:6d:28:6d:a1:10:06:c4:47:29:bf:31:
55:97:c4:86:ac:a9:8f:f4:00:0d:9f:1a:0d:ae:6c:7e:79:19:
9f:9a:81:cd:d6:0e:7a:d9:56:c3:40:b5:d6:c8:f0:4a:68:02:
26:a6:e1:93:72:9a:5d:ed:36:20:3a:97:11:ec:d8:90:cc:b4:
d0:0a:fd:df:94:67:75:f4:0d:f8:c0:84:01:38:eb:8b:a3:07:
72:39:b3:83:86:c8:e0:4a:2b:62:52:a8:63:3d:9e:ce:8b:c6:
ba:00:b3:f4:bd:b3:5d:0f:80:21:14:26:1f:8d:fd:f8:39:9c:
3c:6f:ce:ac:c4:c6:36:9e:1e:1c:5d:df:5d:0a:e1:56:6f:96:
0b:dc:43:db:ed:ad:91:f5:7d:88:39:3f:73:0b:a2:b1:d5:55:
75:87:3c:60:47:96:dd:49:04:b4:86:c7:c9:54:04:48:3e:1b:
52:d8:e2:d8
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAZt87U6o2kDc6aW4mAC9ij3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDQxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODU3ZTNmYWIxMWU3ZDMzOTVkZDEwM2Q2YTlmOTVkOTIyNTVmNjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukO2dl2qIn8DvlIW8J/20Ncw6sFN
lbe9gK+LcIveu2LOJxVeAlDOtLrKOlYbJksxd/Bxq9a3BLLRMT0sZrQb3e8DUCQ8
ohKNmhb5zu4uzr4x1E8+Ocnbm922snk0+nl/A6rjUNXYfPTUp3ioNjdADYyGMqNR
If03d9+haZ/KWWigQDtyPTMbjwHKIxNevnXmXubHze0oOWr6H+f3HjpTm/5AnNT5
hbR2tBOp5I+6ayHWGusem7L+GBa22M498z2an6iks9KgLKH85WAec+X/6DGOo1MQ
6wO5f/ppFKfThGbJ2vyx5EmGBAu50IzFp9d2qvY+XQXVs+n1jUhob083VQIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFKhX4/qxHn0zld0QPWqfldkiVfZLMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA5L2M1MjJi
MC0wNzE4LTRiNzctYjhkNi0zYTZhMDZlMTg4YzMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkvYzUyMmIw
LTA3MTgtNGI3Ny1iOGQ2LTNhNmEwNmUxODhjMy8xL3FGZmotckVlZlRPVjNSQTlh
cC1WMlNKVjlrcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF8GCCsGAQUF
BwEHAQH/BFAwTjA2BAIAATAwAwQCLY2sAwQAW8cAAwQDX4AoAwQCsHn4AwQAstTk
AwQCuULoAwQBwmmYAwQAww4WMBQEAgACMA4DBQAqAg7AAwUDKg7OwDAaBggrBgEF
BQcBCAEB/wQLMAmgBzAFAgMAorUwDQYJKoZIhvcNAQELBQADggEBADL9pA7JO24f
r4lQEz9QqLD2Zer1GX8aAjHD/tZ38AX8bYuLzE80rNGu4PKrLQsj000olG5UVJjx
TAxgTZ+zE0GBeGmBiBx7Rdl9C1PMWTVtKG2hEAbERym/MVWXxIasqY/0AA2fGg2u
bH55GZ+agc3WDnrZVsNAtdbI8EpoAiam4ZNyml3tNiA6lxHs2JDMtNAK/d+UZ3X0
DfjAhAE464ujB3I5s4OGyOBKK2JSqGM9ns6LxroAs/S9s10PgCEUJh+N/fg5nDxv
zqzExjaeHhxd310K4VZvlgvcQ9vtrZH1fYg5P3MLorHVVXWHPGBHlt1JBLSGx8lU
BEg+G1LY4tg=
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:55:34 2026 by rpki-client