Certificate
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/8BCE7E72ABBBAD00536393A0840BBA0ABF3AA28E.cer
File: 8BCE7E72ABBBAD00536393A0840BBA0ABF3AA28E.cer (raw, json)
Hash identifier: djIhs3OfPQSwGDsx7shWcD9R2rVr/puCnq8IiFhI1dQ=
Subject key identifier: 8B:CE:7E:72:AB:BB:AD:00:53:63:93:A0:84:0B:BA:0A:BF:3A:A2:8E
Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94
Certificate serial: 4B548DF715F54100314361063716787B5E5851E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/308f8b3e-051e-4c44-9cb5-7b8331ef9a04/1/8BCE7E72ABBBAD00536393A0840BBA0ABF3AA28E.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/308f8b3e-051e-4c44-9cb5-7b8331ef9a04/1/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Sat 11 Apr 2026 19:23:55 +0000
Certificate not after: Sat 10 Apr 2027 19:28:55 +0000
Subordinate resources: IP: 2a0f:1cc5:1700::/40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft
rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:54:8d:f7:15:f5:41:00:31:43:61:06:37:16:78:7b:5e:58:51:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94
Validity
Not Before: Apr 11 19:23:55 2026 GMT
Not After : Apr 10 19:28:55 2027 GMT
Subject: CN=8BCE7E72ABBBAD00536393A0840BBA0ABF3AA28E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c4:41:a8:3d:22:aa:1a:72:7f:87:99:c7:df:
8f:0e:76:02:05:a3:48:a4:47:48:6a:65:fe:c1:9b:
4e:5f:63:50:ec:7a:dd:85:33:10:f3:40:c5:f6:cd:
04:32:5f:6c:a6:c8:39:92:c9:69:f9:4c:7c:9d:3a:
57:94:ff:9e:97:eb:80:13:c3:58:c3:d8:ea:ae:a4:
2e:8d:81:72:96:4d:98:a7:3b:74:4c:8d:c9:9b:a5:
d3:6f:1a:2a:86:3e:f2:12:dd:40:b2:2f:4d:ea:5d:
37:36:d0:77:28:b1:c7:ea:c7:6a:ac:b7:d3:6d:83:
93:b5:ff:8e:9c:a3:0b:e6:bf:ee:1a:a2:0a:d9:e7:
0d:1b:3d:9c:62:40:1c:a0:da:8b:a1:b5:ca:c5:ae:
a5:ea:e7:b8:ae:d8:ff:01:50:b5:eb:df:e9:a2:19:
cd:75:a8:17:b0:89:e9:ea:70:5f:a4:2a:ac:29:ac:
15:a2:5a:19:d4:66:8b:08:9f:9d:cf:10:e1:47:43:
f4:2b:ad:aa:02:27:7b:a2:be:72:eb:d0:57:0b:80:
7b:eb:1c:82:96:f7:7a:a9:56:24:43:40:ca:5c:7a:
56:50:e3:50:82:6b:26:23:92:81:f0:68:e7:a4:e6:
98:01:f9:06:93:4f:29:27:c1:a5:64:8c:7a:78:73:
78:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
8B:CE:7E:72:AB:BB:AD:00:53:63:93:A0:84:0B:BA:0A:BF:3A:A2:8E
X509v3 Authority Key Identifier:
keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/308f8b3e-051e-4c44-9cb5-7b8331ef9a04/1/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/308f8b3e-051e-4c44-9cb5-7b8331ef9a04/1/8BCE7E72ABBBAD00536393A0840BBA0ABF3AA28E.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:1700::/40
Signature Algorithm: sha256WithRSAEncryption
89:a3:73:e4:6f:4c:8e:92:90:e1:ac:63:d7:36:9c:1f:a7:de:
c7:ff:11:0c:8a:4e:bf:f7:24:e4:6e:6f:0d:90:72:95:3d:2e:
18:57:ee:ab:48:5c:f2:b3:8d:d7:a3:ca:75:dd:64:3b:e4:af:
d3:0a:aa:28:77:f7:1e:27:2b:6e:fd:a2:a0:6f:fd:a7:a0:e5:
aa:4a:e4:03:60:23:d8:bd:82:c3:86:25:3b:80:b5:98:a5:21:
5d:42:28:dc:54:54:92:ca:6b:16:cc:a9:b0:3b:98:84:23:16:
04:0a:e6:2e:1d:f2:f0:4e:99:52:ff:e7:64:12:79:1b:44:c5:
53:76:c7:2c:73:e2:23:3c:26:db:31:3c:2f:ec:5a:ca:0d:cc:
eb:22:c9:28:72:a2:5f:7f:26:32:16:68:a0:cb:ac:d8:ad:cc:
24:8b:be:e3:6f:d7:88:be:61:b2:b1:df:f5:72:d6:28:4e:ce:
36:e4:24:c6:44:06:a1:bb:61:75:56:db:e3:75:59:86:f0:f3:
25:52:15:e1:3f:e6:58:3d:79:3e:9e:80:b7:09:b6:aa:08:95:
d6:74:67:e8:3a:7b:bb:60:08:c5:a6:a7:e3:ac:0c:9c:71:57:
43:76:2b:d6:67:b1:a1:8b:97:3b:b1:1e:0e:01:36:b7:8a:d0:
1b:92:d3:c2
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgIUS1SN9xX1QQAxQ2EGNxZ4e15YUeAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0
MTAwN2Q5NDAeFw0yNjA0MTExOTIzNTVaFw0yNzA0MTAxOTI4NTVaMDMxMTAvBgNV
BAMTKDhCQ0U3RTcyQUJCQkFEMDA1MzYzOTNBMDg0MEJCQTBBQkYzQUEyOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxxEGoPSKqGnJ/h5nH348OdgIF
o0ikR0hqZf7Bm05fY1Dset2FMxDzQMX2zQQyX2ymyDmSyWn5THydOleU/56X64AT
w1jD2OqupC6NgXKWTZinO3RMjcmbpdNvGiqGPvIS3UCyL03qXTc20Hcoscfqx2qs
t9Ntg5O1/46cowvmv+4aogrZ5w0bPZxiQByg2ouhtcrFrqXq57iu2P8BULXr3+mi
Gc11qBewienqcF+kKqwprBWiWhnUZosIn53PEOFHQ/QrraoCJ3uivnLr0FcLgHvr
HIKW93qpViRDQMpcelZQ41CCayYjkoHwaOek5pgB+QaTTyknwaVkjHp4c3idAgMB
AAGjggLjMIIC3zAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSLzn5yq7utAFNj
k6CEC7oKvzqijjAfBgNVHSMEGDAWgBRBHi1BHWh7y0RJw99Fvu3AQQB9lDAOBgNV
HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84YWZiNWZlMi0zYzJhLTQ5
MzktOTVlOS0wMDc3YjgwYjRmMGUvMC80MTFFMkQ0MTFENjg3QkNCNDQ0OUMzREY0
NUJFRURDMDQxMDA3RDk0LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG
SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUVI0dFFS
MW9lOHRFU2NQZlJiN3R3RUVBZlpRLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w
XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvMzA4ZjhiM2UtMDUxZS00YzQ0LTljYjUtN2I4MzMxZWY5YTA0LzEv
MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS8zMDhmOGIzZS0wNTFlLTRjNDQtOWNiNS03YjgzMzFlZjlhMDQv
MS84QkNFN0U3MkFCQkJBRDAwNTM2MzkzQTA4NDBCQkEwQUJGM0FBMjhFLm1mdDA8
BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp
ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH
AQcBAf8EEjAQMA4EAgACMAgDBgAqDxzFFzANBgkqhkiG9w0BAQsFAAOCAQEAiaNz
5G9MjpKQ4axj1zacH6fex/8RDIpOv/ck5G5vDZBylT0uGFfuq0hc8rON16PKdd1k
O+Sv0wqqKHf3Hicrbv2ioG/9p6DlqkrkA2Aj2L2Cw4YlO4C1mKUhXUIo3FRUkspr
FsypsDuYhCMWBArmLh3y8E6ZUv/nZBJ5G0TFU3bHLHPiIzwm2zE8L+xayg3M6yLJ
KHKiX38mMhZooMus2K3MJIu+42/XiL5hsrHf9XLWKE7ONuQkxkQGobthdVbb43VZ
hvDzJVIV4T/mWD15Pp6Atwm2qgiV1nRn6Dp7u2AIxaan46wMnHFXQ3Yr1mexoYuX
O7EeDgE2t4rQG5LTwg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:11:49 2026 by rpki-client