Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/zy7ueKAITYMd4aJQAYPhZIlRbM8.cer
File: zy7ueKAITYMd4aJQAYPhZIlRbM8.cer (raw, json)
Hash identifier: H/gUKTePGgSK4QXaQ+ObryRg8YTBZJuEQw6qjIZ8xwY=
Subject key identifier: CF:2E:EE:78:A0:08:4D:83:1D:E1:A2:50:01:83:E1:64:89:51:6C:CF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019D90B134FFCF88C9451EBCEA59149DDF53
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 15 Apr 2026 10:30:25 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 211215
IP: 45.95.8.0/24
IP: 164.5.216.0/21
IP: 2a0c:3300::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:90:b1:34:ff:cf:88:c9:45:1e:bc:ea:59:14:9d:df:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 15 10:30:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cf2eee78a0084d831de1a2500183e16489516ccf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9d:10:cf:5e:ec:0a:66:56:4b:7b:d1:00:da:
d4:f6:bb:8b:c7:ef:de:a4:1b:c9:c5:91:dd:aa:fe:
97:ae:cb:77:ef:95:fa:bc:e0:88:fe:bc:7e:dc:af:
30:e4:54:82:e1:f4:10:82:ed:f7:2d:08:e3:a3:2a:
49:e8:9a:17:1c:0c:d8:ed:be:ae:f8:d4:fd:97:d0:
7e:24:bb:16:84:d0:ce:d9:53:ae:fc:a7:27:9e:51:
30:07:5f:7b:7e:b5:09:e4:77:88:cf:5c:ff:02:39:
18:56:9d:e8:3a:80:97:6e:51:8b:66:fb:1d:a9:a0:
6d:66:43:f7:49:69:ab:a3:6f:0e:3f:69:b8:53:75:
2d:09:33:85:09:cb:d9:7f:39:1f:fd:96:ed:09:15:
66:90:0f:08:c0:2c:35:19:a1:98:e1:64:aa:e2:94:
c1:8f:5b:c8:40:b9:8c:f4:ae:09:04:41:94:0b:97:
2b:5e:12:87:8c:c0:68:b1:b6:5f:42:98:7c:b9:ab:
90:3c:1f:43:f9:11:f7:16:82:f1:05:f4:72:88:c6:
e8:aa:f9:6e:a9:3a:da:27:02:7b:15:ce:db:45:6a:
aa:9d:9d:e9:26:53:96:e2:88:e7:4a:d6:3b:ed:f0:
0d:f4:65:f3:48:a0:18:64:9e:04:ec:d3:5f:ae:24:
89:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:2E:EE:78:A0:08:4D:83:1D:E1:A2:50:01:83:E1:64:89:51:6C:CF
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.8.0/24
164.5.216.0/21
IPv6:
2a0c:3300::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
211215
Signature Algorithm: sha256WithRSAEncryption
60:f9:80:10:d8:f3:50:c2:fc:1c:65:94:9a:b8:81:38:53:81:
2f:c9:48:ae:f9:dd:5e:5a:0b:67:48:06:25:1d:b6:b0:f8:93:
33:3d:cc:e9:95:44:b5:68:d6:92:4b:73:9a:49:4a:9f:2b:de:
7c:7b:82:f5:a8:19:b2:67:35:16:ea:e5:33:1f:08:df:2c:dd:
45:75:73:9a:d7:e0:86:b6:a7:14:15:a3:44:b0:f1:cd:7e:f0:
e9:f5:b9:f5:c1:69:06:bd:51:fb:b5:2f:00:1e:95:c9:0c:db:
95:a8:c5:c6:45:38:57:aa:b1:17:eb:69:34:a8:ba:d0:0b:94:
fb:64:73:0a:c6:cc:5b:94:38:65:43:e4:4e:0c:c4:17:b0:b3:
73:da:5b:32:9f:b2:04:f0:2c:17:f8:ac:84:24:83:ee:89:cd:
8c:a5:4f:da:93:b9:9e:f2:79:3f:83:86:ca:88:dc:fd:ea:09:
17:96:6a:14:66:a4:6d:49:d2:1b:82:12:5d:81:5a:47:34:89:
29:28:d6:06:ad:f1:9a:50:a1:1b:5d:d1:56:77:ae:2d:c2:44:
11:a9:bf:cc:26:4c:0a:d8:47:6f:6c:1e:47:9f:a5:89:d1:25:
96:6b:4b:ec:f1:ea:54:40:62:15:14:3e:ad:0f:4a:b2:4f:98:
bb:3a:ed:14
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZ2QsTT/z4jJRR686lkUnd9TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNDE1MTAzMDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjJlZWU3OGEwMDg0ZDgzMWRlMWEyNTAwMTgzZTE2NDg5NTE2Y2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs50Qz17sCmZWS3vRANrU9ruLx+/e
pBvJxZHdqv6Xrst375X6vOCI/rx+3K8w5FSC4fQQgu33LQjjoypJ6JoXHAzY7b6u
+NT9l9B+JLsWhNDO2VOu/KcnnlEwB197frUJ5HeIz1z/AjkYVp3oOoCXblGLZvsd
qaBtZkP3SWmro28OP2m4U3UtCTOFCcvZfzkf/ZbtCRVmkA8IwCw1GaGY4WSq4pTB
j1vIQLmM9K4JBEGUC5crXhKHjMBosbZfQph8uauQPB9D+RH3FoLxBfRyiMboqvlu
qTraJwJ7Fc7bRWqqnZ3pJlOW4ojnStY77fAN9GXzSKAYZJ4E7NNfriSJjwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFM8u7nigCE2DHeGiUAGD4WSJUWzPMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE5L2Q3ZTY2
MC02OTEyLTQzODAtYWI0Zi03MThiOWM0MGZkMjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkvZDdlNjYw
LTY5MTItNDM4MC1hYjRmLTcxOGI5YzQwZmQyNS8xL3p5N3VlS0FJVFlNZDRhSlFB
WVBoWklsUmJNOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQALV8IAwQDpAXYMA0EAgACMAcDBQAqDDMAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwM5DzANBgkqhkiG9w0BAQsFAAOCAQEAYPmA
ENjzUML8HGWUmriBOFOBL8lIrvndXloLZ0gGJR22sPiTMz3M6ZVEtWjWkktzmklK
nyvefHuC9agZsmc1FurlMx8I3yzdRXVzmtfghranFBWjRLDxzX7w6fW59cFpBr1R
+7UvAB6VyQzblajFxkU4V6qxF+tpNKi60AuU+2RzCsbMW5Q4ZUPkTgzEF7Czc9pb
Mp+yBPAsF/ishCSD7onNjKVP2pO5nvJ5P4OGyojc/eoJF5ZqFGakbUnSG4ISXYFa
RzSJKSjWBq3xmlChG13RVneuLcJEEam/zCZMCthHb2weR5+lidEllmtL7PHqVEBi
FRQ+rQ9Ksk+YuzrtFA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:16:28 2026 by rpki-client