Certificate
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/33EDE0B0EE6D8AE9053E11C830DF759F85FB8157.cer
File: 33EDE0B0EE6D8AE9053E11C830DF759F85FB8157.cer (raw, json)
Hash identifier: pppUeRQh58grkEphEnJJxvOO/ZhqFVj8kSrwzhTa/bM=
Subject key identifier: 33:ED:E0:B0:EE:6D:8A:E9:05:3E:11:C8:30:DF:75:9F:85:FB:81:57
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 1D3AD5149B529D2512CAF39886AAA2B0127F2C6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/27ebde03-34df-4f2c-92fa-8fe1d083d15d/3/33EDE0B0EE6D8AE9053E11C830DF759F85FB8157.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/27ebde03-34df-4f2c-92fa-8fe1d083d15d/3/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Fri 22 Aug 2025 19:27:20 +0000
Certificate not after: Fri 21 Aug 2026 19:32:20 +0000
Subordinate resources: IP: 2a14:7580:ff90::/44
IP: 2a14:7583:2000::/36
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:3a:d5:14:9b:52:9d:25:12:ca:f3:98:86:aa:a2:b0:12:7f:2c:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Aug 22 19:27:20 2025 GMT
Not After : Aug 21 19:32:20 2026 GMT
Subject: CN=33EDE0B0EE6D8AE9053E11C830DF759F85FB8157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:af:dc:ba:38:70:f6:94:f5:03:64:36:89:33:
36:29:5c:64:60:bf:e2:37:45:1e:e9:92:f4:e1:b5:
54:cb:d8:8c:10:a7:8c:8d:35:54:61:06:c4:45:80:
b7:82:14:06:fe:fc:56:26:1d:8c:03:a1:9b:1a:b9:
11:97:31:7a:1d:57:cf:6a:9b:52:e8:53:f5:d4:ae:
15:36:9c:cc:40:00:d4:28:3c:75:0e:bb:58:32:60:
b5:cc:36:77:33:7b:bf:d1:67:56:ed:a6:fa:46:5b:
9b:8c:bb:e8:b8:fd:ef:96:8e:95:86:f0:4b:98:fb:
49:f0:5f:2e:0f:e7:bd:6c:be:dd:d4:00:ca:c2:ee:
b3:39:1c:28:e5:bb:0a:63:35:e3:4c:d0:88:5e:da:
e3:ce:7c:54:69:e8:5a:d8:d6:56:94:ca:f4:d0:e1:
8e:38:b1:60:6d:82:21:0c:5f:34:82:2c:7f:5f:8f:
c7:17:4d:b6:d2:63:7b:97:ee:4d:64:e5:c3:32:38:
2c:04:d9:80:4c:d1:db:19:f7:75:21:34:30:5f:e0:
1c:9b:78:36:62:e0:4d:2e:da:b7:4c:2a:ff:7d:2e:
66:8a:24:69:1f:88:06:a3:a7:65:eb:cc:05:d5:77:
d4:ed:e8:9e:bf:af:c3:a6:e6:86:78:90:a9:c5:9b:
86:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
33:ED:E0:B0:EE:6D:8A:E9:05:3E:11:C8:30:DF:75:9F:85:FB:81:57
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/27ebde03-34df-4f2c-92fa-8fe1d083d15d/3/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/27ebde03-34df-4f2c-92fa-8fe1d083d15d/3/33EDE0B0EE6D8AE9053E11C830DF759F85FB8157.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:ff90::/44
2a14:7583:2000::/36
Signature Algorithm: sha256WithRSAEncryption
5b:4a:c5:c8:c3:7f:4e:59:4c:9b:a5:67:fd:d2:77:c5:ec:15:
d9:42:69:31:99:20:f9:98:81:37:87:09:db:26:87:52:30:69:
e5:dd:c2:9b:1f:cd:18:03:11:b3:01:81:06:1d:37:9d:2d:4c:
d7:08:83:4d:5e:2a:20:b7:53:23:23:3d:38:88:b3:4b:83:f5:
96:21:7a:56:1e:fd:5d:83:ff:f6:1e:de:9d:fd:cd:94:08:8e:
fa:55:48:4c:5d:b8:d5:54:a4:39:c9:88:d3:d6:46:40:9c:5c:
49:43:94:2d:c2:8e:7c:3d:72:1f:56:d2:9a:46:b4:25:2c:bc:
8e:c6:c5:14:4a:91:2e:4f:b5:52:1f:a0:61:b5:58:ac:5b:08:
da:1f:cd:23:25:0e:93:5f:6d:a0:08:db:5b:b3:11:74:56:51:
fa:0d:3e:85:54:b1:7b:26:fa:65:a3:f8:3f:61:15:00:44:84:
1e:a6:a6:a9:af:ea:11:91:18:9f:ea:e9:35:29:54:72:a5:fb:
63:e3:0a:77:9e:6d:c9:48:33:74:ea:88:2f:5d:65:2e:ce:95:
f3:71:f2:78:df:a6:49:2f:33:82:7b:fc:39:7b:f8:6a:36:e7:
bb:16:59:08:75:c8:2e:0f:88:c6:42:39:35:f4:44:9b:94:4e:
08:10:43:0c
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgIUHTrVFJtSnSUSyvOYhqqisBJ/LGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA4MjIxOTI3MjBaFw0yNjA4MjExOTMyMjBaMDMxMTAvBgNV
BAMTKDMzRURFMEIwRUU2RDhBRTkwNTNFMTFDODMwREY3NTlGODVGQjgxNTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTr9y6OHD2lPUDZDaJMzYpXGRg
v+I3RR7pkvThtVTL2IwQp4yNNVRhBsRFgLeCFAb+/FYmHYwDoZsauRGXMXodV89q
m1LoU/XUrhU2nMxAANQoPHUOu1gyYLXMNncze7/RZ1btpvpGW5uMu+i4/e+WjpWG
8EuY+0nwXy4P571svt3UAMrC7rM5HCjluwpjNeNM0Ihe2uPOfFRp6FrY1laUyvTQ
4Y44sWBtgiEMXzSCLH9fj8cXTbbSY3uX7k1k5cMyOCwE2YBM0dsZ93UhNDBf4Byb
eDZi4E0u2rdMKv99LmaKJGkfiAajp2XrzAXVd9Tt6J6/r8Om5oZ4kKnFm4bHAgMB
AAGjggLsMIIC6DAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQz7eCw7m2K6QU+
Ecgw33WfhfuBVzAfBgNVHSMEGDAWgBSoPUhlLzst909r+bqoqcF0zP03cjAOBgNV
HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BODNENDg2NTJGM0IyREY3NEY2QkY5QkFB
OEE5QzE3NENDRkQzNzcyLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG
SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUQxSVpT
ODdMZmRQYV9tNnFLbkJkTXo5TjNJLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w
XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvMjdlYmRlMDMtMzRkZi00ZjJjLTkyZmEtOGZlMWQwODNkMTVkLzMv
MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS8yN2ViZGUwMy0zNGRmLTRmMmMtOTJmYS04ZmUxZDA4M2QxNWQv
My8zM0VERTBCMEVFNkQ4QUU5MDUzRTExQzgzMERGNzU5Rjg1RkI4MTU3Lm1mdDA8
BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp
ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwKgYIKwYBBQUH
AQcBAf8EGzAZMBcEAgACMBEDBwQqFHWA/5ADBgQqFHWDIDANBgkqhkiG9w0BAQsF
AAOCAQEAW0rFyMN/TllMm6Vn/dJ3xewV2UJpMZkg+ZiBN4cJ2yaHUjBp5d3Cmx/N
GAMRswGBBh03nS1M1wiDTV4qILdTIyM9OIizS4P1liF6Vh79XYP/9h7enf3NlAiO
+lVITF241VSkOcmI09ZGQJxcSUOULcKOfD1yH1bSmka0JSy8jsbFFEqRLk+1Uh+g
YbVYrFsI2h/NIyUOk19toAjbW7MRdFZR+g0+hVSxeyb6ZaP4P2EVAESEHqamqa/q
EZEYn+rpNSlUcqX7Y+MKd55tyUgzdOqIL11lLs6V83HyeN+mSS8zgnv8OXv4ajbn
uxZZCHXILg+IxkI5NfREm5ROCBBDDA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:41:47 2025 by rpki-client