Certificate
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/473F2085BBDEE25875BDA78FE4469ABD64842C90.cer
File: 473F2085BBDEE25875BDA78FE4469ABD64842C90.cer (raw, json)
Hash identifier: oXUl6HgTztDy2E5m5to74pEpLKUOJVMBI7CkKFF8asI=
Subject key identifier: 47:3F:20:85:BB:DE:E2:58:75:BD:A7:8F:E4:46:9A:BD:64:84:2C:90
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 3DBDA52201CB263B15E717843D2D2A59033693F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/473F2085BBDEE25875BDA78FE4469ABD64842C90.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Thu 11 Jun 2026 09:44:53 +0000
Certificate not after: Thu 10 Jun 2027 09:49:53 +0000
Subordinate resources: IP: 2a0f:1cc5:c00::/40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 10:05:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:bd:a5:22:01:cb:26:3b:15:e7:17:84:3d:2d:2a:59:03:36:93:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 11 09:44:53 2026 GMT
Not After : Jun 10 09:49:53 2027 GMT
Subject: CN=473F2085BBDEE25875BDA78FE4469ABD64842C90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:20:e9:36:05:11:a5:af:8f:d9:56:da:c9:47:
88:e4:8e:84:40:6f:0b:27:bd:6d:b9:98:6f:de:c3:
1b:15:59:1e:0f:df:dd:d7:cf:8a:c7:dd:2f:e9:1e:
c2:22:f3:e9:dc:e6:09:58:8f:6d:19:35:17:e2:6b:
06:10:0d:0b:5f:48:70:db:4a:49:92:cd:52:58:5f:
31:a0:2d:b2:10:91:ab:cb:ad:19:d2:3f:bd:cb:33:
b6:0d:b3:15:13:3f:44:6e:38:34:38:38:75:66:8a:
27:8a:70:7b:cd:2e:e5:1a:1f:dd:bd:1b:7d:7a:c6:
fa:39:6f:92:0b:9e:3b:fa:f3:f4:1b:80:88:e2:92:
71:a1:2d:f2:f2:6b:00:97:0b:db:55:f3:b3:0d:8f:
81:84:fc:b9:ab:ec:57:10:49:c0:6a:53:bf:1b:f6:
83:31:5a:3a:7d:14:c2:3d:af:00:7b:0a:66:d1:6a:
56:29:b8:dd:75:81:da:b9:41:9a:46:bd:1e:dc:8b:
d7:09:c2:a1:04:89:13:af:b7:b2:b5:89:e5:4e:3e:
80:be:dd:0a:f0:b3:2e:d2:43:83:08:5f:70:80:ad:
6b:7c:fd:33:b7:0e:af:45:30:2d:0e:08:1b:4d:41:
4b:44:7e:09:ba:03:8b:53:9a:96:bb:26:79:dd:f1:
e1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
47:3F:20:85:BB:DE:E2:58:75:BD:A7:8F:E4:46:9A:BD:64:84:2C:90
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/473F2085BBDEE25875BDA78FE4469ABD64842C90.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:c00::/40
Signature Algorithm: sha256WithRSAEncryption
5c:6e:f5:b4:98:5b:6b:e5:62:dd:aa:6b:c3:1a:16:29:8a:04:
88:2d:45:ca:b3:1c:2b:c3:b6:af:00:b5:58:79:d6:5b:5f:f7:
52:89:f6:79:16:d3:d9:ae:32:6d:d2:8b:f1:bc:4c:4b:28:85:
26:07:e4:95:01:64:61:f2:92:bc:d0:90:42:73:3f:2c:48:cd:
e7:4c:9d:98:d9:d4:93:e5:19:48:e3:81:b2:cc:4a:ee:8c:b0:
ff:4a:cd:4c:6b:4c:26:36:ac:2f:7d:73:81:80:25:60:e5:a8:
5e:0f:60:1e:78:4b:d9:6d:f7:d7:86:de:31:2d:6c:1f:7d:97:
77:87:4f:b6:c3:1b:7b:7e:57:91:a4:1d:fe:3f:07:7e:fa:17:
2c:1c:3a:27:ec:c4:31:5a:08:32:0a:a4:06:e5:99:70:11:ae:
c6:40:1d:9b:52:67:b9:16:70:7f:d6:64:73:fa:93:6c:47:6b:
59:29:95:fe:b4:e2:bc:75:c7:e5:f7:bc:b2:92:0d:8b:28:57:
77:02:53:11:90:6e:c7:9a:4d:e4:75:d3:4d:ba:7b:c8:4b:5c:
d3:46:c4:99:e5:73:40:b7:d6:41:8a:d6:ae:74:6c:ff:f5:04:
64:f7:9d:9b:4a:9d:98:ae:ab:8a:c8:dd:1b:c7:df:70:af:de:
e4:04:92:61
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgIUPb2lIgHLJjsV5xeEPS0qWQM2k/EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MTEwOTQ0NTNaFw0yNzA2MTAwOTQ5NTNaMDMxMTAvBgNV
BAMTKDQ3M0YyMDg1QkJERUUyNTg3NUJEQTc4RkU0NDY5QUJENjQ4NDJDOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/IOk2BRGlr4/ZVtrJR4jkjoRA
bwsnvW25mG/ewxsVWR4P393Xz4rH3S/pHsIi8+nc5glYj20ZNRfiawYQDQtfSHDb
SkmSzVJYXzGgLbIQkavLrRnSP73LM7YNsxUTP0RuODQ4OHVmiieKcHvNLuUaH929
G316xvo5b5ILnjv68/QbgIjiknGhLfLyawCXC9tV87MNj4GE/Lmr7FcQScBqU78b
9oMxWjp9FMI9rwB7CmbRalYpuN11gdq5QZpGvR7ci9cJwqEEiROvt7K1ieVOPoC+
3Qrwsy7SQ4MIX3CArWt8/TO3Dq9FMC0OCBtNQUtEfgm6A4tTmpa7Jnnd8eG1AgMB
AAGjggLjMIIC3zAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRHPyCFu97iWHW9
p4/kRpq9ZIQskDAfBgNVHSMEGDAWgBQb4kACGih/KYlz2eoo38gHNf1YADAOBgNV
HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84YWZiNWZlMi0zYzJhLTQ5
MzktOTVlOS0wMDc3YjgwYjRmMGUvMC8xQkUyNDAwMjFBMjg3RjI5ODk3M0Q5RUEy
OERGQzgwNzM1RkQ1ODAwLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG
SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvRy1KQUFo
b29meW1KYzlucUtOX0lCelg5V0FBLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w
XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvZjgxMmQzZWYtYzVmYy00NWIwLTk1NGEtOGE1MjIxMGMyZTkwLzIv
MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9mODEyZDNlZi1jNWZjLTQ1YjAtOTU0YS04YTUyMjEwYzJlOTAv
Mi80NzNGMjA4NUJCREVFMjU4NzVCREE3OEZFNDQ2OUFCRDY0ODQyQzkwLm1mdDA8
BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp
ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH
AQcBAf8EEjAQMA4EAgACMAgDBgAqDxzFDDANBgkqhkiG9w0BAQsFAAOCAQEAXG71
tJhba+Vi3aprwxoWKYoEiC1FyrMcK8O2rwC1WHnWW1/3Uon2eRbT2a4ybdKL8bxM
SyiFJgfklQFkYfKSvNCQQnM/LEjN50ydmNnUk+UZSOOBssxK7oyw/0rNTGtMJjas
L31zgYAlYOWoXg9gHnhL2W3314beMS1sH32Xd4dPtsMbe35XkaQd/j8HfvoXLBw6
J+zEMVoIMgqkBuWZcBGuxkAdm1JnuRZwf9Zkc/qTbEdrWSmV/rTivHXH5fe8spIN
iyhXdwJTEZBux5pN5HXTTbp7yEtc00bEmeVzQLfWQYrWrnRs//UEZPedm0qdmK6r
isjdG8ffcK/e5ASSYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 11 20:31:14 2026 by rpki-client