$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002f8ee6-abe7-4ae8-964c-788bb98c975c/1/B0A5A8ABB18AAA8DBD4783234511B53DBCA299BF.cer File: B0A5A8ABB18AAA8DBD4783234511B53DBCA299BF.cer (raw, json) Hash identifier: qnGfja2gp1Dt5eiLazr0XeABKN1iXqNbT2nfPewlL3k= Subject key identifier: B0:A5:A8:AB:B1:8A:AA:8D:BD:47:83:23:45:11:B5:3D:BC:A2:99:BF Authority key identifier: 1E:74:49:46:83:D8:D2:A4:E0:29:AA:D4:57:39:28:D2:A5:5F:A4:11 Certificate issuer: /CN=1E74494683D8D2A4E029AAD4573928D2A55FA411 Certificate serial: 48396FE50686F3646F36282FEC5DA354134AD18A Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/6c43d3a6-7d13-4895-959d-419b9a6eb34b/4/1E74494683D8D2A4E029AAD4573928D2A55FA411.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/d941fd11-c3d8-4774-b65a-c81a4907a460/1/B0A5A8ABB18AAA8DBD4783234511B53DBCA299BF.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/d941fd11-c3d8-4774-b65a-c81a4907a460/1/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Sun 26 Apr 2026 10:43:49 +0000 Certificate not after: Sun 25 Apr 2027 10:48:49 +0000 Subordinate resources: IP: 2a13:c8c4:f400::/40 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002f8ee6-abe7-4ae8-964c-788bb98c975c/1/1E74494683D8D2A4E029AAD4573928D2A55FA411.crl rsync://rsync.paas.rpki.ripe.net/repository/002f8ee6-abe7-4ae8-964c-788bb98c975c/1/1E74494683D8D2A4E029AAD4573928D2A55FA411.mft rsync://rsync.paas.rpki.ripe.net/repository/6c43d3a6-7d13-4895-959d-419b9a6eb34b/4/1E74494683D8D2A4E029AAD4573928D2A55FA411.cer rsync://rsync.paas.rpki.ripe.net/repository/6c43d3a6-7d13-4895-959d-419b9a6eb34b/4/ACB5DFF8A45DF5CDAFA2A95C715F10C5FE5F91A3.crl rsync://rsync.paas.rpki.ripe.net/repository/6c43d3a6-7d13-4895-959d-419b9a6eb34b/4/ACB5DFF8A45DF5CDAFA2A95C715F10C5FE5F91A3.mft rsync://rpki.ripe.net/repository/DEFAULT/rLXf-KRd9c2voqlccV8Qxf5fkaM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 13 May 2026 13:05:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:39:6f:e5:06:86:f3:64:6f:36:28:2f:ec:5d:a3:54:13:4a:d1:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1E74494683D8D2A4E029AAD4573928D2A55FA411 Validity Not Before: Apr 26 10:43:49 2026 GMT Not After : Apr 25 10:48:49 2027 GMT Subject: CN=B0A5A8ABB18AAA8DBD4783234511B53DBCA299BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:c1:dc:eb:41:b9:f9:1f:ab:98:6f:f4:09:17: 62:5d:ab:50:89:67:a2:ed:7e:96:8d:85:6f:68:b1: d0:ec:c5:9f:51:08:1e:b7:1d:9d:e0:5c:a5:d6:57: 07:0b:08:67:43:7a:76:bd:91:4f:18:3e:3c:83:a9: e5:a9:15:ed:e7:06:69:02:0f:7e:01:ea:66:fe:d1: 7c:d0:1e:c6:b4:cb:e4:76:29:01:a9:53:9a:78:22: 75:73:3a:9e:81:5c:49:8a:a0:99:7e:70:82:93:20: 43:68:9f:b0:db:90:fa:11:c9:7b:c1:b2:df:0c:05: 1d:2a:17:55:05:f7:34:ea:4a:6a:67:93:7f:b9:43: dd:f8:f5:84:74:0c:e3:34:a3:28:df:51:ec:26:78: 77:98:29:b3:0b:bc:01:0f:13:11:60:bf:92:5a:79: 53:d2:c9:d0:d0:96:69:d6:71:e5:f2:f3:c6:d9:93: c0:02:3f:4e:32:95:1e:09:f7:a8:f9:05:76:f3:e1: 07:41:88:9b:ab:bc:44:54:6d:c5:e4:67:a0:fc:6b: a5:07:76:59:4c:12:54:66:9c:bc:84:64:37:d4:a6: 5a:76:70:0c:8f:09:c1:8b:e2:20:0a:f1:7c:9f:82: 52:4d:98:56:3b:05:0c:ae:0e:39:71:ac:31:6d:c4: eb:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: B0:A5:A8:AB:B1:8A:AA:8D:BD:47:83:23:45:11:B5:3D:BC:A2:99:BF X509v3 Authority Key Identifier: keyid:1E:74:49:46:83:D8:D2:A4:E0:29:AA:D4:57:39:28:D2:A5:5F:A4:11 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/002f8ee6-abe7-4ae8-964c-788bb98c975c/1/1E74494683D8D2A4E029AAD4573928D2A55FA411.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/6c43d3a6-7d13-4895-959d-419b9a6eb34b/4/1E74494683D8D2A4E029AAD4573928D2A55FA411.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/d941fd11-c3d8-4774-b65a-c81a4907a460/1/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/d941fd11-c3d8-4774-b65a-c81a4907a460/1/B0A5A8ABB18AAA8DBD4783234511B53DBCA299BF.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:c8c4:f400::/40 Signature Algorithm: sha256WithRSAEncryption ba:40:40:7e:87:ed:4b:6f:53:32:b3:61:ae:28:2a:c2:a7:35: df:0e:84:a3:63:1d:ef:a4:4a:e1:4d:8d:66:4a:36:1b:99:c1: 36:d0:13:5c:d0:cb:57:72:b0:a5:7f:fb:fa:58:66:a0:01:53: 78:ac:fa:03:1a:54:23:5c:15:1c:a3:76:bd:65:a5:57:76:a2: bc:cf:1d:b4:b9:e6:a5:8f:6a:f9:0b:23:01:07:a9:bc:6d:ae: 3a:b3:ff:f0:d8:05:b8:2b:ad:0d:17:a1:eb:24:a1:65:83:7d: 36:e1:86:b4:fc:3b:59:c5:1d:c9:b4:33:81:93:c1:5b:12:03: 95:ff:80:c5:9b:3f:81:7a:0c:35:dd:54:ad:e7:7e:e3:d6:98: f5:d5:50:47:6f:f2:bb:1f:b5:e7:92:c5:77:fc:de:ed:c9:e4: 92:e6:8c:25:33:69:d3:6d:eb:cf:68:46:f7:e4:65:5a:7d:38: 87:36:ca:d7:97:75:2a:37:f9:53:f5:98:29:3f:fb:8c:85:56: b5:1b:21:50:a9:c1:18:e9:3f:f7:a8:1c:a9:ed:dc:77:90:8b: 02:61:43:3d:32:86:99:51:02:86:76:3c:0b:bc:61:fe:a6:0e: 4f:2d:4b:0b:d0:26:8d:df:25:22:f7:16:4a:95:6a:df:d7:4a: 73:6a:a8:ca -----BEGIN CERTIFICATE----- MIIGFDCCBPygAwIBAgIUSDlv5QaG82RvNigv7F2jVBNK0YowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUU3NDQ5NDY4M0Q4RDJBNEUwMjlBQUQ0NTczOTI4RDJB NTVGQTQxMTAeFw0yNjA0MjYxMDQzNDlaFw0yNzA0MjUxMDQ4NDlaMDMxMTAvBgNV BAMTKEIwQTVBOEFCQjE4QUFBOERCRDQ3ODMyMzQ1MTFCNTNEQkNBMjk5QkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwwdzrQbn5H6uYb/QJF2Jdq1CJ Z6LtfpaNhW9osdDsxZ9RCB63HZ3gXKXWVwcLCGdDena9kU8YPjyDqeWpFe3nBmkC D34B6mb+0XzQHsa0y+R2KQGpU5p4InVzOp6BXEmKoJl+cIKTIENon7DbkPoRyXvB st8MBR0qF1UF9zTqSmpnk3+5Q9349YR0DOM0oyjfUewmeHeYKbMLvAEPExFgv5Ja eVPSydDQlmnWceXy88bZk8ACP04ylR4J96j5BXbz4QdBiJurvERUbcXkZ6D8a6UH dllMElRmnLyEZDfUplp2cAyPCcGL4iAK8XyfglJNmFY7BQyuDjlxrDFtxOs3AgMB AAGjggMeMIIDGjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSwpairsYqqjb1H gyNFEbU9vKKZvzAfBgNVHSMEGDAWgBQedElGg9jSpOApqtRXOSjSpV+kETAOBgNV HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8wMDJmOGVlNi1hYmU3LTRh ZTgtOTY0Yy03ODhiYjk4Yzk3NWMvMS8xRTc0NDk0NjgzRDhEMkE0RTAyOUFBRDQ1 NzM5MjhEMkE1NUZBNDExLmNybDCBngYIKwYBBQUHAQEEgZEwgY4wgYsGCCsGAQUF BzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5 LzZjNDNkM2E2LTdkMTMtNDg5NS05NTlkLTQxOWI5YTZlYjM0Yi80LzFFNzQ0OTQ2 ODNEOEQyQTRFMDI5QUFENDU3MzkyOEQyQTU1RkE0MTEuY2VyMIIBPwYIKwYBBQUH AQsEggExMIIBLTBfBggrBgEFBQcwBYZTcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2ku cmlwZS5uZXQvcmVwb3NpdG9yeS9kOTQxZmQxMS1jM2Q4LTQ3NzQtYjY1YS1jODFh NDkwN2E0NjAvMS8wgYsGCCsGAQUFBzAKhn9yc3luYzovL3JzeW5jLnBhYXMucnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Q5NDFmZDExLWMzZDgtNDc3NC1iNjVhLWM4 MWE0OTA3YTQ2MC8xL0IwQTVBOEFCQjE4QUFBOERCRDQ3ODMyMzQ1MTFCNTNEQkNB Mjk5QkYubWZ0MDwGCCsGAQUFBzANhjBodHRwczovL3JyZHAucGFhcy5ycGtpLnJp cGUubmV0L25vdGlmaWNhdGlvbi54bWwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO AjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoTyMT0MA0GCSqGSIb3DQEB CwUAA4IBAQC6QEB+h+1Lb1Mys2GuKCrCpzXfDoSjYx3vpErhTY1mSjYbmcE20BNc 0MtXcrClf/v6WGagAVN4rPoDGlQjXBUco3a9ZaVXdqK8zx20uealj2r5CyMBB6m8 ba46s//w2AW4K60NF6HrJKFlg3024Ya0/DtZxR3JtDOBk8FbEgOV/4DFmz+Begw1 3VSt537j1pj11VBHb/K7H7XnksV3/N7tyeSS5owlM2nTbevPaEb35GVafTiHNsrX l3UqN/lT9ZgpP/uMhVa1GyFQqcEY6T/3qByp7dx3kIsCYUM9MoaZUQKGdjwLvGH+ pg5PLUsL0CaN3yUi9xZKlWrf10pzaqjK -----END CERTIFICATE-----Generated at Wed May 13 05:55:45 2026 by rpki-client