Certificate
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/8BCE7E72ABBBAD00536393A0840BBA0ABF3AA28E.cer
File: 8BCE7E72ABBBAD00536393A0840BBA0ABF3AA28E.cer (raw, json)
Hash identifier: w8zKxfA/wV566zQWBTqSVBSy2ltkynHVLl+VpGmKALE=
Subject key identifier: 8B:CE:7E:72:AB:BB:AD:00:53:63:93:A0:84:0B:BA:0A:BF:3A:A2:8E
Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94
Certificate serial: 6C026B932B97435199661AB784321AB81C5D51D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/308f8b3e-051e-4c44-9cb5-7b8331ef9a04/1/8BCE7E72ABBBAD00536393A0840BBA0ABF3AA28E.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/308f8b3e-051e-4c44-9cb5-7b8331ef9a04/1/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Sat 28 Feb 2026 19:26:14 +0000
Certificate not after: Sat 27 Feb 2027 19:31:14 +0000
Subordinate resources: IP: 2a0f:1cc5:1700::/40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft
rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 01 Mar 2026 23:08:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:02:6b:93:2b:97:43:51:99:66:1a:b7:84:32:1a:b8:1c:5d:51:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94
Validity
Not Before: Feb 28 19:26:14 2026 GMT
Not After : Feb 27 19:31:14 2027 GMT
Subject: CN=8BCE7E72ABBBAD00536393A0840BBA0ABF3AA28E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c4:41:a8:3d:22:aa:1a:72:7f:87:99:c7:df:
8f:0e:76:02:05:a3:48:a4:47:48:6a:65:fe:c1:9b:
4e:5f:63:50:ec:7a:dd:85:33:10:f3:40:c5:f6:cd:
04:32:5f:6c:a6:c8:39:92:c9:69:f9:4c:7c:9d:3a:
57:94:ff:9e:97:eb:80:13:c3:58:c3:d8:ea:ae:a4:
2e:8d:81:72:96:4d:98:a7:3b:74:4c:8d:c9:9b:a5:
d3:6f:1a:2a:86:3e:f2:12:dd:40:b2:2f:4d:ea:5d:
37:36:d0:77:28:b1:c7:ea:c7:6a:ac:b7:d3:6d:83:
93:b5:ff:8e:9c:a3:0b:e6:bf:ee:1a:a2:0a:d9:e7:
0d:1b:3d:9c:62:40:1c:a0:da:8b:a1:b5:ca:c5:ae:
a5:ea:e7:b8:ae:d8:ff:01:50:b5:eb:df:e9:a2:19:
cd:75:a8:17:b0:89:e9:ea:70:5f:a4:2a:ac:29:ac:
15:a2:5a:19:d4:66:8b:08:9f:9d:cf:10:e1:47:43:
f4:2b:ad:aa:02:27:7b:a2:be:72:eb:d0:57:0b:80:
7b:eb:1c:82:96:f7:7a:a9:56:24:43:40:ca:5c:7a:
56:50:e3:50:82:6b:26:23:92:81:f0:68:e7:a4:e6:
98:01:f9:06:93:4f:29:27:c1:a5:64:8c:7a:78:73:
78:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
8B:CE:7E:72:AB:BB:AD:00:53:63:93:A0:84:0B:BA:0A:BF:3A:A2:8E
X509v3 Authority Key Identifier:
keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/308f8b3e-051e-4c44-9cb5-7b8331ef9a04/1/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/308f8b3e-051e-4c44-9cb5-7b8331ef9a04/1/8BCE7E72ABBBAD00536393A0840BBA0ABF3AA28E.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:1700::/40
Signature Algorithm: sha256WithRSAEncryption
8a:4c:fd:77:d2:ee:e5:a7:04:32:6d:8b:61:d0:ca:54:94:b1:
03:71:85:2b:18:7b:03:7d:4c:84:83:c3:9d:de:1e:27:57:ba:
37:b5:91:79:3a:0d:73:18:ac:00:ef:32:bf:60:39:15:8c:40:
a1:09:f2:ac:19:96:a7:cb:a4:a7:ee:b5:49:63:2a:0c:25:b1:
3f:fc:a9:00:09:96:32:c8:db:0d:17:2b:fc:09:85:22:54:f0:
80:34:74:df:cf:71:64:70:23:b3:aa:d3:48:1e:a8:30:0d:13:
03:1c:eb:98:b8:7a:b5:9c:6c:ad:5f:5d:d8:0f:7b:9b:41:39:
ff:83:c0:c0:cc:e7:fe:5a:67:44:b8:f3:bd:06:7e:54:07:e8:
15:c8:92:77:76:cf:25:a9:22:4f:9b:74:5e:6d:80:3f:ee:5f:
2b:cc:9f:56:48:0d:df:2c:2e:6a:d5:eb:98:70:42:dc:4c:9b:
e1:50:d7:c0:ef:f8:cc:13:bc:ce:1f:c2:85:25:4f:fa:5f:87:
fa:a6:aa:d2:53:ea:5e:65:51:f6:c0:06:df:ac:3a:6f:33:22:
65:4a:76:0f:0e:f7:6d:d7:35:60:0b:df:1d:d0:61:c6:7e:30:
26:f4:10:62:4a:73:64:6c:ac:87:f6:f9:7e:0d:b8:2a:b8:12:
ef:7b:31:e6
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgIUbAJrkyuXQ1GZZhq3hDIauBxdUdIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0
MTAwN2Q5NDAeFw0yNjAyMjgxOTI2MTRaFw0yNzAyMjcxOTMxMTRaMDMxMTAvBgNV
BAMTKDhCQ0U3RTcyQUJCQkFEMDA1MzYzOTNBMDg0MEJCQTBBQkYzQUEyOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxxEGoPSKqGnJ/h5nH348OdgIF
o0ikR0hqZf7Bm05fY1Dset2FMxDzQMX2zQQyX2ymyDmSyWn5THydOleU/56X64AT
w1jD2OqupC6NgXKWTZinO3RMjcmbpdNvGiqGPvIS3UCyL03qXTc20Hcoscfqx2qs
t9Ntg5O1/46cowvmv+4aogrZ5w0bPZxiQByg2ouhtcrFrqXq57iu2P8BULXr3+mi
Gc11qBewienqcF+kKqwprBWiWhnUZosIn53PEOFHQ/QrraoCJ3uivnLr0FcLgHvr
HIKW93qpViRDQMpcelZQ41CCayYjkoHwaOek5pgB+QaTTyknwaVkjHp4c3idAgMB
AAGjggLjMIIC3zAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSLzn5yq7utAFNj
k6CEC7oKvzqijjAfBgNVHSMEGDAWgBRBHi1BHWh7y0RJw99Fvu3AQQB9lDAOBgNV
HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84YWZiNWZlMi0zYzJhLTQ5
MzktOTVlOS0wMDc3YjgwYjRmMGUvMC80MTFFMkQ0MTFENjg3QkNCNDQ0OUMzREY0
NUJFRURDMDQxMDA3RDk0LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG
SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUVI0dFFS
MW9lOHRFU2NQZlJiN3R3RUVBZlpRLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w
XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvMzA4ZjhiM2UtMDUxZS00YzQ0LTljYjUtN2I4MzMxZWY5YTA0LzEv
MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS8zMDhmOGIzZS0wNTFlLTRjNDQtOWNiNS03YjgzMzFlZjlhMDQv
MS84QkNFN0U3MkFCQkJBRDAwNTM2MzkzQTA4NDBCQkEwQUJGM0FBMjhFLm1mdDA8
BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp
ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH
AQcBAf8EEjAQMA4EAgACMAgDBgAqDxzFFzANBgkqhkiG9w0BAQsFAAOCAQEAikz9
d9Lu5acEMm2LYdDKVJSxA3GFKxh7A31MhIPDnd4eJ1e6N7WReToNcxisAO8yv2A5
FYxAoQnyrBmWp8ukp+61SWMqDCWxP/ypAAmWMsjbDRcr/AmFIlTwgDR0389xZHAj
s6rTSB6oMA0TAxzrmLh6tZxsrV9d2A97m0E5/4PAwMzn/lpnRLjzvQZ+VAfoFciS
d3bPJakiT5t0Xm2AP+5fK8yfVkgN3ywuatXrmHBC3Eyb4VDXwO/4zBO8zh/ChSVP
+l+H+qaq0lPqXmVR9sAG36w6bzMiZUp2Dw73bdc1YAvfHdBhxn4wJvQQYkpzZGys
h/b5fg24KrgS73sx5g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 16:20:51 2026 by rpki-client