Certificate
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer
File: 8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer (raw, json)
Hash identifier: nYcdq/fifitjvFyPoNBEJvUP1WGfqAJvzv/Dj2Iivv0=
Subject key identifier: 8B:AD:30:7C:D4:DF:11:01:4E:40:ED:DF:FF:D6:0F:9A:09:E6:E9:5C
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 46A631AF88F59404E860E7D1C94382E1E55E7502
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/65eae745-8ac9-4e71-bc94-fcb261703f96/1/8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/65eae745-8ac9-4e71-bc94-fcb261703f96/1/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Thu 10 Jul 2025 21:21:15 +0000
Certificate not after: Thu 09 Jul 2026 21:26:15 +0000
Subordinate resources: IP: 2a13:9644:4000::/40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:a6:31:af:88:f5:94:04:e8:60:e7:d1:c9:43:82:e1:e5:5e:75:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: Jul 10 21:21:15 2025 GMT
Not After : Jul 9 21:26:15 2026 GMT
Subject: CN=8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:aa:f1:8c:34:0d:01:eb:65:f7:f3:f4:11:6a:
c4:7c:25:23:7a:da:f0:34:6d:81:8f:d0:ba:77:05:
f2:f0:d1:01:ef:9b:da:ff:07:62:77:9a:d7:c7:c2:
4d:9c:39:72:ea:70:32:e8:2b:54:ef:c5:be:be:60:
06:c6:cd:93:46:82:ab:91:59:e5:71:b2:17:96:5d:
4e:cc:a6:5d:5a:1b:09:21:99:ad:2d:6f:bf:a7:13:
5d:3f:79:4e:5b:ed:c6:56:30:44:55:54:71:1a:73:
43:b7:53:c4:bc:d3:2e:68:c9:e0:90:ea:85:02:0a:
10:6f:6a:55:e5:c9:30:27:4e:23:18:a4:bc:76:c6:
e1:5f:01:e3:33:0f:6e:8d:ce:20:3a:fc:e2:5f:6a:
40:1c:77:de:0a:cb:e5:45:1c:d7:f2:61:8c:3b:8b:
28:ae:89:5b:b8:b6:24:66:97:18:c0:e4:e2:30:d2:
08:c9:a5:97:c1:60:7c:0c:25:ae:4b:23:77:38:d9:
4e:9a:58:d2:ff:e6:18:cb:26:34:35:a0:c9:9e:89:
19:c3:92:72:40:95:0d:9f:09:85:cf:f1:19:b8:e1:
4c:5c:f5:5f:8a:d5:94:12:3f:20:20:59:25:2d:8b:
f3:88:d3:0b:64:5b:1e:3e:47:14:e6:24:eb:91:ef:
ff:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
8B:AD:30:7C:D4:DF:11:01:4E:40:ED:DF:FF:D6:0F:9A:09:E6:E9:5C
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/65eae745-8ac9-4e71-bc94-fcb261703f96/1/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/65eae745-8ac9-4e71-bc94-fcb261703f96/1/8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9644:4000::/40
Signature Algorithm: sha256WithRSAEncryption
73:90:2b:01:78:5c:0f:9f:be:a2:84:9e:51:98:71:93:24:e9:
9b:9c:d7:d2:af:da:88:c2:7f:32:2d:e9:cc:d0:19:ef:32:70:
25:5d:72:39:06:4a:96:d6:4b:13:25:ce:46:7d:dd:61:ea:ae:
24:d0:fa:5b:01:40:90:72:bc:20:0c:16:72:4f:68:aa:20:36:
71:b8:fb:0d:cf:16:2b:3a:35:b3:34:89:b9:cc:9f:2e:24:8c:
3c:b9:e8:3a:73:6c:d4:44:8d:40:c8:2a:b8:8e:68:55:51:6d:
c6:75:cb:31:5b:01:96:0e:fa:87:81:39:6a:50:f7:0c:a2:57:
dc:f2:99:ef:5e:26:68:3c:80:bf:2b:06:78:3d:4a:d5:3e:6d:
6d:1a:86:83:f2:f4:24:59:7b:34:cf:94:bd:ed:c9:94:95:59:
53:bd:27:ba:03:d0:84:e5:ec:53:32:f7:63:d2:39:ac:c0:7b:
92:58:d7:08:99:16:f6:53:8c:0d:be:6c:b6:77:f7:8d:9c:44:
4b:63:6d:0c:0e:9b:bc:10:4a:57:84:6b:06:a7:a8:f1:8e:9d:
d9:41:cb:5a:3f:65:2e:8c:34:04:ff:fb:91:a5:e3:29:07:4a:
72:fc:aa:f7:fd:dd:e6:65:c5:89:eb:3e:a9:1c:69:40:99:6e:
b8:b4:b3:a4
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgIURqYxr4j1lAToYOfRyUOC4eVedQIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNTA3MTAyMTIxMTVaFw0yNjA3MDkyMTI2MTVaMDMxMTAvBgNV
BAMTKDhCQUQzMDdDRDRERjExMDE0RTQwRURERkZGRDYwRjlBMDlFNkU5NUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSqvGMNA0B62X38/QRasR8JSN6
2vA0bYGP0Lp3BfLw0QHvm9r/B2J3mtfHwk2cOXLqcDLoK1Tvxb6+YAbGzZNGgquR
WeVxsheWXU7Mpl1aGwkhma0tb7+nE10/eU5b7cZWMERVVHEac0O3U8S80y5oyeCQ
6oUCChBvalXlyTAnTiMYpLx2xuFfAeMzD26NziA6/OJfakAcd94Ky+VFHNfyYYw7
iyiuiVu4tiRmlxjA5OIw0gjJpZfBYHwMJa5LI3c42U6aWNL/5hjLJjQ1oMmeiRnD
knJAlQ2fCYXP8Rm44Uxc9V+K1ZQSPyAgWSUti/OI0wtkWx4+RxTmJOuR7//NAgMB
AAGjggLjMIIC3zAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSLrTB81N8RAU5A
7d//1g+aCebpXDAfBgNVHSMEGDAWgBTx0Fcv5ymRvTKFS6xxZnbr2tIqzjAOBgNV
HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9lMzBkZTg0Yi00MDBhLTRm
ZDEtYWI4YS1lNzYxNmUyNDViNDkvMC9GMUQwNTcyRkU3Mjk5MUJEMzI4NTRCQUM3
MTY2NzZFQkRBRDIyQUNFLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG
SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGRCWEwt
Y3BrYjB5aFV1c2NXWjI2OXJTS3M0LmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w
XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvNjVlYWU3NDUtOGFjOS00ZTcxLWJjOTQtZmNiMjYxNzAzZjk2LzEv
MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS82NWVhZTc0NS04YWM5LTRlNzEtYmM5NC1mY2IyNjE3MDNmOTYv
MS84QkFEMzA3Q0Q0REYxMTAxNEU0MEVEREZGRkQ2MEY5QTA5RTZFOTVDLm1mdDA8
BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp
ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH
AQcBAf8EEjAQMA4EAgACMAgDBgAqE5ZEQDANBgkqhkiG9w0BAQsFAAOCAQEAc5Ar
AXhcD5++ooSeUZhxkyTpm5zX0q/aiMJ/Mi3pzNAZ7zJwJV1yOQZKltZLEyXORn3d
YequJND6WwFAkHK8IAwWck9oqiA2cbj7Dc8WKzo1szSJucyfLiSMPLnoOnNs1ESN
QMgquI5oVVFtxnXLMVsBlg76h4E5alD3DKJX3PKZ714maDyAvysGeD1K1T5tbRqG
g/L0JFl7NM+Uve3JlJVZU70nugPQhOXsUzL3Y9I5rMB7kljXCJkW9lOMDb5stnf3
jZxES2NtDA6bvBBKV4RrBqeo8Y6d2UHLWj9lLow0BP/7kaXjKQdKcvyq9/3d5mXF
ies+qRxpQJluuLSzpA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:28:08 2025 by rpki-client