Certificate
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer
File: 8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer (raw, json)
Hash identifier: eSrkEwtqCtHAhXHfDr6qbRzX40XQzoIg4waN26cAcnU=
Subject key identifier: 8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 136B11C6AEFDDD8CC809D163BA4407BEC287ACD8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Sun 26 Apr 2026 15:29:10 +0000
Certificate not after: Sun 25 Apr 2027 15:34:10 +0000
Subordinate resources: IP: 2a14:7581:4000::/36
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:6b:11:c6:ae:fd:dd:8c:c8:09:d1:63:ba:44:07:be:c2:87:ac:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Apr 26 15:29:10 2026 GMT
Not After : Apr 25 15:34:10 2027 GMT
Subject: CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2b:8c:a6:0b:53:f3:e3:6f:5b:4d:7f:83:43:
31:17:81:1b:08:9c:7f:cf:5c:5b:00:98:8d:ab:37:
c1:ae:b0:56:29:c2:87:53:4a:27:83:00:d3:fa:62:
9d:4a:b8:21:67:49:b3:4d:8a:dd:4f:86:49:5c:63:
b3:ff:d7:a3:27:53:63:97:37:b2:27:9f:1b:9d:71:
5d:98:42:e8:e7:83:a0:28:95:92:76:99:29:be:45:
c1:32:e6:60:e9:7e:1a:3a:06:e5:0d:34:be:bd:24:
c9:3d:bf:0d:d8:dc:bb:06:d7:91:f0:ec:88:72:8a:
78:46:e4:8d:6c:b5:68:1f:f0:b1:95:dd:93:1e:78:
a3:b9:ef:0e:0b:b1:d5:9c:25:a3:4c:ad:e6:6d:21:
d1:e1:83:41:48:a4:af:dc:d3:cf:04:fc:71:7d:d1:
13:0c:bd:24:65:7b:08:2d:65:5d:2d:ab:fb:90:96:
78:65:9f:79:3c:42:6d:d7:5c:ff:08:0a:b1:b7:33:
74:b2:4f:4b:09:e7:be:7b:d8:73:61:c4:28:26:3b:
ff:e6:51:16:cc:52:e2:f8:86:e3:de:f2:ba:c1:35:
e5:42:60:4e:d6:76:5e:63:64:4b:26:5c:54:5a:3b:
52:d4:62:c3:c5:71:ca:3c:a3:eb:71:6c:c3:82:47:
5c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:4000::/36
Signature Algorithm: sha256WithRSAEncryption
6b:54:c8:27:b0:d5:3a:53:98:60:d3:67:54:6e:5c:32:b9:37:
b2:d2:60:0f:ed:72:00:f8:34:47:b9:81:95:a0:12:bc:f1:72:
62:a7:55:4a:30:2f:b9:f8:27:25:a3:0c:2e:ee:bb:f1:5f:5e:
91:fa:27:e4:7e:e6:26:57:b0:c2:6b:47:b7:a3:95:01:bd:6f:
c7:74:aa:a0:f1:91:6d:e4:92:6e:c1:66:50:7f:63:4a:bb:7b:
b7:4d:d0:44:c4:4a:9c:d9:e9:2d:de:24:e4:40:07:3a:5b:7a:
0e:84:99:8d:d0:77:53:09:94:b9:0e:41:5c:66:a3:a5:ad:1c:
2a:9d:42:6a:01:c0:83:a4:ba:5f:63:a1:41:ba:a3:c2:13:a0:
68:bc:1c:59:01:4a:d9:16:c4:a1:c4:81:cb:1a:fe:d5:68:43:
89:c8:f8:58:f0:05:17:d5:28:56:9d:42:3c:6f:c4:29:b9:18:
08:c1:8f:5f:93:e9:34:2a:69:38:7e:10:b6:d4:ff:35:64:3c:
89:39:8e:b9:21:68:29:a3:bb:4a:cf:6a:bc:52:4b:90:55:2b:
bc:45:32:28:f5:00:9a:c4:df:a6:68:b3:4a:9c:72:17:9b:48:
a3:2f:4d:b4:5d:5c:c4:bc:4b:ff:51:73:ed:f3:4a:3d:ee:c7:
60:8b:a5:09
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgIUE2sRxq793YzICdFjukQHvsKHrNgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA0MjYxNTI5MTBaFw0yNzA0MjUxNTM0MTBaMDMxMTAvBgNV
BAMTKDhFMDdEMzFDNjQ1MkY3QTZCMjRFNjNDRERDNDkwRTEyRTBBRkIzOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5K4ymC1Pz429bTX+DQzEXgRsI
nH/PXFsAmI2rN8GusFYpwodTSieDANP6Yp1KuCFnSbNNit1PhklcY7P/16MnU2OX
N7InnxudcV2YQujng6AolZJ2mSm+RcEy5mDpfho6BuUNNL69JMk9vw3Y3LsG15Hw
7IhyinhG5I1stWgf8LGV3ZMeeKO57w4LsdWcJaNMreZtIdHhg0FIpK/c088E/HF9
0RMMvSRlewgtZV0tq/uQlnhln3k8Qm3XXP8ICrG3M3SyT0sJ57572HNhxCgmO//m
URbMUuL4huPe8rrBNeVCYE7Wdl5jZEsmXFRaO1LUYsPFcco8o+txbMOCR1w7AgMB
AAGjggLjMIIC3zAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSOB9McZFL3prJO
Y83cSQ4S4K+zjDAfBgNVHSMEGDAWgBSoPUhlLzst909r+bqoqcF0zP03cjAOBgNV
HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BODNENDg2NTJGM0IyREY3NEY2QkY5QkFB
OEE5QzE3NENDRkQzNzcyLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG
SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUQxSVpT
ODdMZmRQYV9tNnFLbkJkTXo5TjNJLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w
XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvMzExZTQ3YzQtMDJmMC00NjU3LTkwMjItZDJiODNjZmY4NzU1LzQv
MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS8zMTFlNDdjNC0wMmYwLTQ2NTctOTAyMi1kMmI4M2NmZjg3NTUv
NC84RTA3RDMxQzY0NTJGN0E2QjI0RTYzQ0REQzQ5MEUxMkUwQUZCMzhDLm1mdDA8
BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp
ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH
AQcBAf8EEjAQMA4EAgACMAgDBgQqFHWBQDANBgkqhkiG9w0BAQsFAAOCAQEAa1TI
J7DVOlOYYNNnVG5cMrk3stJgD+1yAPg0R7mBlaASvPFyYqdVSjAvufgnJaMMLu67
8V9ekfon5H7mJlewwmtHt6OVAb1vx3SqoPGRbeSSbsFmUH9jSrt7t03QRMRKnNnp
Ld4k5EAHOlt6DoSZjdB3UwmUuQ5BXGajpa0cKp1CagHAg6S6X2OhQbqjwhOgaLwc
WQFK2RbEocSByxr+1WhDicj4WPAFF9UoVp1CPG/EKbkYCMGPX5PpNCppOH4QttT/
NWQ8iTmOuSFoKaO7Ss9qvFJLkFUrvEUyKPUAmsTfpmizSpxyF5tIoy9NtF1cxLxL
/1Fz7fNKPe7HYIulCQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 16:06:05 2026 by rpki-client