Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qFfj-rEefTOV3RA9ap-V2SJV9ks.cer
File: qFfj-rEefTOV3RA9ap-V2SJV9ks.cer (raw, json)
Hash identifier: e2kzECMiYFLwHSM4a9YGWwg1qFYQhypHLiLuekR16TY=
Subject key identifier: A8:57:E3:FA:B1:1E:7D:33:95:DD:10:3D:6A:9F:95:D9:22:55:F6:4B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019763F83573F59F51F817B64AED26506F3B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/09/c522b0-0718-4b77-b8d6-3a6a06e188c3/1/qFfj-rEefTOV3RA9ap-V2SJV9ks.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/09/c522b0-0718-4b77-b8d6-3a6a06e188c3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 12 Jun 2025 11:48:20 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 41653
IP: 45.141.172.0/22
IP: 91.199.0.0/24
IP: 95.128.40.0/21
IP: 178.212.228.0/24
IP: 185.66.232.0/22
IP: 194.105.152.0/23
IP: 195.14.22.0/24
IP: 2a02:ec0::/32
IP: 2a0e:cec0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:63:f8:35:73:f5:9f:51:f8:17:b6:4a:ed:26:50:6f:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 12 11:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a857e3fab11e7d3395dd103d6a9f95d92255f64b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:43:b6:76:5d:aa:22:7f:03:be:52:16:f0:9f:
f6:d0:d7:30:ea:c1:4d:95:b7:bd:80:af:8b:70:8b:
de:bb:62:ce:27:15:5e:02:50:ce:b4:ba:ca:3a:56:
1b:26:4b:31:77:f0:71:ab:d6:b7:04:b2:d1:31:3d:
2c:66:b4:1b:dd:ef:03:50:24:3c:a2:12:8d:9a:16:
f9:ce:ee:2e:ce:be:31:d4:4f:3e:39:c9:db:9b:dd:
b6:b2:79:34:fa:79:7f:03:aa:e3:50:d5:d8:7c:f4:
d4:a7:78:a8:36:37:40:0d:8c:86:32:a3:51:21:fd:
37:77:df:a1:69:9f:ca:59:68:a0:40:3b:72:3d:33:
1b:8f:01:ca:23:13:5e:be:75:e6:5e:e6:c7:cd:ed:
28:39:6a:fa:1f:e7:f7:1e:3a:53:9b:fe:40:9c:d4:
f9:85:b4:76:b4:13:a9:e4:8f:ba:6b:21:d6:1a:eb:
1e:9b:b2:fe:18:16:b6:d8:ce:3d:f3:3d:9a:9f:a8:
a4:b3:d2:a0:2c:a1:fc:e5:60:1e:73:e5:ff:e8:31:
8e:a3:53:10:eb:03:b9:7f:fa:69:14:a7:d3:84:66:
c9:da:fc:b1:e4:49:86:04:0b:b9:d0:8c:c5:a7:d7:
76:aa:f6:3e:5d:05:d5:b3:e9:f5:8d:48:68:6f:4f:
37:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:57:E3:FA:B1:1E:7D:33:95:DD:10:3D:6A:9F:95:D9:22:55:F6:4B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c522b0-0718-4b77-b8d6-3a6a06e188c3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c522b0-0718-4b77-b8d6-3a6a06e188c3/1/qFfj-rEefTOV3RA9ap-V2SJV9ks.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.172.0/22
91.199.0.0/24
95.128.40.0/21
178.212.228.0/24
185.66.232.0/22
194.105.152.0/23
195.14.22.0/24
IPv6:
2a02:ec0::/32
2a0e:cec0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
41653
Signature Algorithm: sha256WithRSAEncryption
37:49:26:c6:ab:ea:b7:fb:e1:f7:84:55:2d:6d:ba:bc:fe:31:
b2:d0:d7:5f:6f:df:ab:ca:dc:18:32:d9:15:cc:4a:96:d0:40:
0c:2c:31:62:59:19:92:78:f4:c0:80:32:24:1b:97:a1:75:39:
f5:0e:a6:36:6f:79:10:c9:03:9d:d2:2a:f9:e5:cb:8b:f4:60:
90:7c:5c:05:41:23:f3:3a:6a:36:04:74:3c:65:a3:d0:fa:ca:
bf:1c:9e:65:80:e4:d9:71:d4:f9:1e:5a:16:7a:0f:df:d0:1f:
61:75:25:2b:b1:3b:d1:74:16:79:0d:f0:47:08:1c:05:b6:f1:
17:64:18:d5:8a:e6:0e:67:b1:42:83:30:bc:8a:f2:d3:2f:9e:
81:bb:a7:6a:ca:4c:b5:54:4a:6f:c5:38:49:87:0a:ca:6b:3c:
b2:59:a8:67:1e:17:ed:d4:cc:35:b1:de:d9:09:13:c3:26:5a:
5c:3a:99:b1:35:d5:79:54:13:58:87:09:17:25:de:bd:f8:67:
d9:aa:ce:f0:02:da:eb:65:90:a1:b6:47:a8:95:23:02:dc:99:
e1:76:0a:3f:1e:09:0f:38:d1:e8:1f:42:dc:5e:cc:3e:8a:6e:
0d:13:43:a5:80:b7:73:66:3e:44:fb:63:91:89:f2:a9:c0:35:
da:9a:50:2c
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZdj+DVz9Z9R+Be2Su0mUG87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNjEyMTE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODU3ZTNmYWIxMWU3ZDMzOTVkZDEwM2Q2YTlmOTVkOTIyNTVmNjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukO2dl2qIn8DvlIW8J/20Ncw6sFN
lbe9gK+LcIveu2LOJxVeAlDOtLrKOlYbJksxd/Bxq9a3BLLRMT0sZrQb3e8DUCQ8
ohKNmhb5zu4uzr4x1E8+Ocnbm922snk0+nl/A6rjUNXYfPTUp3ioNjdADYyGMqNR
If03d9+haZ/KWWigQDtyPTMbjwHKIxNevnXmXubHze0oOWr6H+f3HjpTm/5AnNT5
hbR2tBOp5I+6ayHWGusem7L+GBa22M498z2an6iks9KgLKH85WAec+X/6DGOo1MQ
6wO5f/ppFKfThGbJ2vyx5EmGBAu50IzFp9d2qvY+XQXVs+n1jUhob083VQIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFKhX4/qxHn0zld0QPWqfldkiVfZLMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA5L2M1MjJi
MC0wNzE4LTRiNzctYjhkNi0zYTZhMDZlMTg4YzMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkvYzUyMmIw
LTA3MTgtNGI3Ny1iOGQ2LTNhNmEwNmUxODhjMy8xL3FGZmotckVlZlRPVjNSQTlh
cC1WMlNKVjlrcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFkGCCsGAQUF
BwEHAQH/BEowSDAwBAIAATAqAwQCLY2sAwQAW8cAAwQDX4AoAwQAstTkAwQCuULo
AwQBwmmYAwQAww4WMBQEAgACMA4DBQAqAg7AAwUDKg7OwDAaBggrBgEFBQcBCAEB
/wQLMAmgBzAFAgMAorUwDQYJKoZIhvcNAQELBQADggEBADdJJsar6rf74feEVS1t
urz+MbLQ119v36vK3Bgy2RXMSpbQQAwsMWJZGZJ49MCAMiQbl6F1OfUOpjZveRDJ
A53SKvnly4v0YJB8XAVBI/M6ajYEdDxlo9D6yr8cnmWA5Nlx1PkeWhZ6D9/QH2F1
JSuxO9F0FnkN8EcIHAW28RdkGNWK5g5nsUKDMLyK8tMvnoG7p2rKTLVUSm/FOEmH
CsprPLJZqGceF+3UzDWx3tkJE8MmWlw6mbE11XlUE1iHCRcl3r34Z9mqzvAC2utl
kKG2R6iVIwLcmeF2Cj8eCQ840egfQtxezD6Kbg0TQ6WAt3NmPkT7Y5GJ8qnANdqa
UCw=
-----END CERTIFICATE-----
Generated at Thu Jun 19 11:06:47 2025 by rpki-client