Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/sx9k3lYY91wZ31E5U_ZGmHngh3M.cer
File: sx9k3lYY91wZ31E5U_ZGmHngh3M.cer (raw, json)
Hash identifier: nKdWMcBUrmMtK5TPS5iVlu51XO0TSaaQZObpCF2Uq20=
Subject key identifier: B3:1F:64:DE:56:18:F7:5C:19:DF:51:39:53:F6:46:98:79:E0:87:73
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019B7AC86FD82798151C7EA1C53F63DD1A0E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/70/3fa007-f344-467e-b712-1cce5b58f8e3/1/sx9k3lYY91wZ31E5U_ZGmHngh3M.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/70/3fa007-f344-467e-b712-1cce5b58f8e3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 01 Jan 2026 18:18:34 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 209486
IP: 194.36.180.0/22
IP: 2a10:cc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:c8:6f:d8:27:98:15:1c:7e:a1:c5:3f:63:dd:1a:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 18:18:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b31f64de5618f75c19df513953f6469879e08773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:79:20:84:9f:22:cc:6c:00:00:a8:9d:8a:b6:
db:68:36:d8:e9:81:bc:49:cd:42:0d:b6:92:88:dc:
aa:90:9b:42:99:65:be:23:a4:cb:5a:2a:0b:56:79:
73:b9:bf:80:26:4f:1f:73:9c:1e:0d:fb:1c:58:de:
7d:99:2c:30:46:3f:21:7c:6f:c5:2f:af:78:b8:8a:
9d:11:ff:34:ce:a0:3b:2c:7e:bc:6a:d1:dc:0f:77:
6f:08:a6:33:1d:ff:7b:7a:9a:c7:12:54:e3:68:d0:
4d:a7:57:91:b1:08:74:03:82:b7:d7:3f:2f:0d:49:
01:05:7f:5b:a4:69:18:ec:6a:22:0f:39:e9:34:99:
ba:d5:26:25:27:e5:15:dc:a4:f6:14:de:f2:29:29:
d2:d0:31:55:40:62:db:9e:1a:21:52:86:7c:61:68:
77:d8:9b:ef:bd:79:cb:55:d6:5f:e1:45:2c:0e:8c:
1e:54:8f:d2:6f:38:0e:58:0f:92:02:5a:dd:9d:ce:
74:c3:92:ad:9b:f1:a9:d1:ec:14:c9:6f:5b:e5:0f:
30:0a:8c:62:05:58:c0:7e:87:96:71:e1:10:de:1f:
6f:59:95:52:ed:4f:69:ad:d4:65:34:45:3d:43:a9:
44:62:cb:4e:72:51:20:2c:bc:7b:0a:1e:33:fa:b1:
0e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:1F:64:DE:56:18:F7:5C:19:DF:51:39:53:F6:46:98:79:E0:87:73
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3fa007-f344-467e-b712-1cce5b58f8e3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3fa007-f344-467e-b712-1cce5b58f8e3/1/sx9k3lYY91wZ31E5U_ZGmHngh3M.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.36.180.0/22
IPv6:
2a10:cc0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
209486
Signature Algorithm: sha256WithRSAEncryption
30:db:cc:07:bd:36:50:57:78:03:c7:47:d0:52:fd:fa:02:cf:
ce:c3:3e:65:fe:03:1d:fb:3e:68:b5:3e:54:7d:79:14:b6:ed:
bb:f4:78:34:e8:44:4d:98:09:ac:99:11:c5:fa:ee:9c:4f:af:
ff:bb:1c:66:78:99:43:3b:4e:c2:53:e1:dd:77:69:69:b7:aa:
0a:a6:4b:ba:b6:08:32:c7:af:99:d2:14:3d:29:0a:fb:76:f3:
48:71:fd:6d:13:52:b5:10:bf:fa:f0:d8:39:7a:62:de:be:5d:
e2:1d:e4:ae:72:59:19:ba:5c:e1:d1:ce:ba:16:38:07:ac:2f:
e3:7b:38:20:a0:10:17:98:34:66:dd:b5:aa:e1:b1:e4:1d:16:
12:72:7f:e8:12:04:e4:ab:8c:d4:a9:ea:cd:b2:1d:43:d1:bd:
33:e1:75:7c:7c:e3:e9:50:1a:1b:65:f2:8c:7b:48:47:e2:67:
f3:03:7d:5c:99:b7:14:7e:49:19:29:3e:f8:03:b0:08:71:de:
98:c8:d6:84:51:c6:57:d5:fb:b8:e1:0e:82:4a:07:ac:b4:6c:
8a:95:cd:16:15:31:eb:10:cf:a3:44:e1:8c:57:d4:c5:f9:aa:
95:f2:5e:6b:88:f3:20:f1:43:12:cd:db:4a:58:c8:fe:c4:3e:
42:15:0b:d5
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZt6yG/YJ5gVHH6hxT9j3RoOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMTgxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzFmNjRkZTU2MThmNzVjMTlkZjUxMzk1M2Y2NDY5ODc5ZTA4NzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHkghJ8izGwAAKidirbbaDbY6YG8
Sc1CDbaSiNyqkJtCmWW+I6TLWioLVnlzub+AJk8fc5weDfscWN59mSwwRj8hfG/F
L694uIqdEf80zqA7LH68atHcD3dvCKYzHf97eprHElTjaNBNp1eRsQh0A4K31z8v
DUkBBX9bpGkY7GoiDznpNJm61SYlJ+UV3KT2FN7yKSnS0DFVQGLbnhohUoZ8YWh3
2JvvvXnLVdZf4UUsDoweVI/SbzgOWA+SAlrdnc50w5Ktm/Gp0ewUyW9b5Q8wCoxi
BVjAfoeWceEQ3h9vWZVS7U9prdRlNEU9Q6lEYstOclEgLLx7Ch4z+rEO0QIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFLMfZN5WGPdcGd9ROVP2Rph54IdzMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzcwLzNmYTAw
Ny1mMzQ0LTQ2N2UtYjcxMi0xY2NlNWI1OGY4ZTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAvM2ZhMDA3
LWYzNDQtNDY3ZS1iNzEyLTFjY2U1YjU4ZjhlMy8xL3N4OWszbFlZOTF3WjMxRTVV
X1pHbUhuZ2gzTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCwiS0MA0EAgACMAcDBQMqEAzAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMyTjANBgkqhkiG9w0BAQsFAAOCAQEAMNvMB702UFd4
A8dH0FL9+gLPzsM+Zf4DHfs+aLU+VH15FLbtu/R4NOhETZgJrJkRxfrunE+v/7sc
ZniZQztOwlPh3XdpabeqCqZLurYIMsevmdIUPSkK+3bzSHH9bRNStRC/+vDYOXpi
3r5d4h3krnJZGbpc4dHOuhY4B6wv43s4IKAQF5g0Zt21quGx5B0WEnJ/6BIE5KuM
1KnqzbIdQ9G9M+F1fHzj6VAaG2XyjHtIR+Jn8wN9XJm3FH5JGSk++AOwCHHemMjW
hFHGV9X7uOEOgkoHrLRsipXNFhUx6xDPo0ThjFfUxfmqlfJea4jzIPFDEs3bSljI
/sQ+QhUL1Q==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:53:18 2026 by rpki-client