Certificate
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/B149F23A3E99C4760297DD7104B400C835D86D19.cer
File: B149F23A3E99C4760297DD7104B400C835D86D19.cer (raw, json)
Hash identifier: 3rLeGId68xk/9h4CEyfWQGCJiuEpM7i7blxpZGei/xI=
Subject key identifier: B1:49:F2:3A:3E:99:C4:76:02:97:DD:71:04:B4:00:C8:35:D8:6D:19
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 2F407C5EAE45B1D75A6124CE77DFFB14452E1620
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/981f9782-898e-4b83-95e6-4ff4ab75c9dc/2/B149F23A3E99C4760297DD7104B400C835D86D19.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/981f9782-898e-4b83-95e6-4ff4ab75c9dc/2/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Fri 29 Aug 2025 09:40:42 +0000
Certificate not after: Fri 28 Aug 2026 09:45:42 +0000
Subordinate resources: IP: 2a14:7583:f400::/40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 13:22:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:40:7c:5e:ae:45:b1:d7:5a:61:24:ce:77:df:fb:14:45:2e:16:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Aug 29 09:40:42 2025 GMT
Not After : Aug 28 09:45:42 2026 GMT
Subject: CN=B149F23A3E99C4760297DD7104B400C835D86D19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f8:aa:63:c9:1b:dd:90:e4:01:29:1e:9d:78:
e6:93:51:39:a4:b9:87:45:15:1d:70:84:64:8e:6a:
7f:18:c3:48:41:24:b0:71:0c:9b:6b:93:20:36:23:
d9:0a:49:74:f7:48:40:6a:a2:e8:bb:08:3d:98:c6:
be:2e:77:e1:55:64:f1:0e:32:0d:9c:00:a8:be:72:
c6:2e:33:e4:38:df:27:7c:c4:5b:3e:04:cd:60:d3:
0c:67:1d:86:e3:4c:ba:32:4d:77:87:80:7c:32:33:
a9:c1:a4:28:d4:b5:8b:ff:5a:7a:22:49:be:40:41:
2e:2d:42:a3:e5:fe:d5:8a:08:21:d6:77:33:e8:37:
d1:01:02:b7:fd:38:8e:cd:ab:58:ef:30:97:4f:f2:
ba:3e:06:5c:53:66:28:77:05:27:5b:01:e4:51:bc:
02:32:a7:c9:7e:00:c2:52:36:9a:2c:3f:b7:d4:0b:
49:b3:4d:73:5f:e0:a8:4a:4c:30:a4:88:74:12:d6:
6b:92:5d:ed:97:f7:b4:07:a8:1a:18:c2:c0:1f:18:
a8:3c:56:0d:e9:b9:6d:6c:25:cb:24:f9:76:e8:8c:
6e:cb:f7:c3:46:4d:d6:12:18:8e:d2:e7:25:a3:59:
77:c1:0f:d6:8a:00:61:85:9b:00:ff:5b:0d:23:84:
30:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
B1:49:F2:3A:3E:99:C4:76:02:97:DD:71:04:B4:00:C8:35:D8:6D:19
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/981f9782-898e-4b83-95e6-4ff4ab75c9dc/2/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/981f9782-898e-4b83-95e6-4ff4ab75c9dc/2/B149F23A3E99C4760297DD7104B400C835D86D19.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7583:f400::/40
Signature Algorithm: sha256WithRSAEncryption
17:f3:56:ba:17:c9:c2:31:d9:fb:ac:ab:0d:0b:55:b2:14:5a:
58:78:f5:66:55:f1:01:e3:00:aa:e7:3f:64:c8:af:4f:eb:db:
99:29:bd:dd:3a:b9:59:74:d8:f1:96:79:f7:3f:a5:d3:1b:ff:
8e:b3:ab:98:9d:d6:01:fc:16:aa:37:ef:27:bd:9b:2c:9d:91:
09:da:6e:2b:2f:25:05:75:dc:36:ff:03:f0:61:8c:98:97:dd:
a0:48:5f:5c:4a:aa:6d:9b:6c:7c:bc:e0:64:14:1d:0f:75:fe:
01:a5:9e:39:bc:05:48:3c:00:9c:86:13:9b:4c:53:2e:22:ff:
bc:54:0b:6d:5b:27:3f:9d:ac:ea:7f:ee:82:5e:c7:eb:04:81:
79:17:99:f3:32:61:0a:6c:a7:82:b1:54:b8:b3:76:8e:d4:d1:
d6:23:4b:6d:de:17:40:9d:42:88:02:f9:6e:a7:21:36:9b:b9:
10:3c:3a:ea:e9:60:f8:26:87:8c:f6:4b:39:e2:96:66:50:da:
d9:1b:d5:1b:7c:47:d0:43:f2:5e:51:37:06:85:1b:4b:82:b2:
4b:05:ca:41:d8:3f:24:41:41:83:8f:d3:b1:8e:17:b0:4c:8c:
70:49:63:fc:eb:d4:bd:bb:a6:d4:52:d6:3a:48:b8:f8:08:7b:
40:96:a1:f6
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgIUL0B8Xq5FsddaYSTOd9/7FEUuFiAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA4MjkwOTQwNDJaFw0yNjA4MjgwOTQ1NDJaMDMxMTAvBgNV
BAMTKEIxNDlGMjNBM0U5OUM0NzYwMjk3REQ3MTA0QjQwMEM4MzVEODZEMTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF+KpjyRvdkOQBKR6deOaTUTmk
uYdFFR1whGSOan8Yw0hBJLBxDJtrkyA2I9kKSXT3SEBqoui7CD2Yxr4ud+FVZPEO
Mg2cAKi+csYuM+Q43yd8xFs+BM1g0wxnHYbjTLoyTXeHgHwyM6nBpCjUtYv/Wnoi
Sb5AQS4tQqPl/tWKCCHWdzPoN9EBArf9OI7Nq1jvMJdP8ro+BlxTZih3BSdbAeRR
vAIyp8l+AMJSNposP7fUC0mzTXNf4KhKTDCkiHQS1muSXe2X97QHqBoYwsAfGKg8
Vg3puW1sJcsk+XbojG7L98NGTdYSGI7S5yWjWXfBD9aKAGGFmwD/Ww0jhDBtAgMB
AAGjggLjMIIC3zAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSxSfI6PpnEdgKX
3XEEtADINdhtGTAfBgNVHSMEGDAWgBSoPUhlLzst909r+bqoqcF0zP03cjAOBgNV
HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BODNENDg2NTJGM0IyREY3NEY2QkY5QkFB
OEE5QzE3NENDRkQzNzcyLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG
SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUQxSVpT
ODdMZmRQYV9tNnFLbkJkTXo5TjNJLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w
XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvOTgxZjk3ODItODk4ZS00YjgzLTk1ZTYtNGZmNGFiNzVjOWRjLzIv
MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS85ODFmOTc4Mi04OThlLTRiODMtOTVlNi00ZmY0YWI3NWM5ZGMv
Mi9CMTQ5RjIzQTNFOTlDNDc2MDI5N0RENzEwNEI0MDBDODM1RDg2RDE5Lm1mdDA8
BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp
ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH
AQcBAf8EEjAQMA4EAgACMAgDBgAqFHWD9DANBgkqhkiG9w0BAQsFAAOCAQEAF/NW
uhfJwjHZ+6yrDQtVshRaWHj1ZlXxAeMAquc/ZMivT+vbmSm93Tq5WXTY8ZZ59z+l
0xv/jrOrmJ3WAfwWqjfvJ72bLJ2RCdpuKy8lBXXcNv8D8GGMmJfdoEhfXEqqbZts
fLzgZBQdD3X+AaWeObwFSDwAnIYTm0xTLiL/vFQLbVsnP52s6n/ugl7H6wSBeReZ
8zJhCmyngrFUuLN2jtTR1iNLbd4XQJ1CiAL5bqchNpu5EDw66ulg+CaHjPZLOeKW
ZlDa2RvVG3xH0EPyXlE3BoUbS4KySwXKQdg/JEFBg4/TsY4XsEyMcElj/OvUvbum
1FLWOki4+Ah7QJah9g==
-----END CERTIFICATE-----
Generated at Sun Sep 7 02:23:41 2025 by rpki-client