$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41CF30FBDC220B6E4A6FA67792B3B248EECF6570.cer File: 41CF30FBDC220B6E4A6FA67792B3B248EECF6570.cer (raw, json) Hash identifier: oZBr+vzb3/Z74Vcdt2zCEQAJgbxfmQMcdhCy2CZ0Kak= Subject key identifier: 41:CF:30:FB:DC:22:0B:6E:4A:6F:A6:77:92:B3:B2:48:EE:CF:65:70 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 63FF484E9D60EE7957A3B7D062D1ED3627FC79EB Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/7f5d2a1b-cacc-4e22-8af2-9f20a9329bcb/2/41CF30FBDC220B6E4A6FA67792B3B248EECF6570.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/7f5d2a1b-cacc-4e22-8af2-9f20a9329bcb/2/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Mon 24 Jun 2024 06:53:20 +0000 Certificate not after: Mon 23 Jun 2025 06:58:20 +0000 Subordinate resources: IP: 2a07:54c1:c500::/40 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 03 Jul 2024 20:41:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:ff:48:4e:9d:60:ee:79:57:a3:b7:d0:62:d1:ed:36:27:fc:79:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Jun 24 06:53:20 2024 GMT Not After : Jun 23 06:58:20 2025 GMT Subject: CN=41CF30FBDC220B6E4A6FA67792B3B248EECF6570 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:32:2f:08:1f:b5:81:3a:f2:28:75:c3:b3:8e: b3:a3:ee:ea:14:ef:f8:a1:1c:88:c3:a0:a8:96:d3: 92:67:f3:c5:92:46:b8:17:df:40:fa:8d:9f:d3:38: fa:4e:61:79:a4:4b:b6:ee:e1:23:4a:8e:d2:f4:f7: cf:fe:7d:e2:1a:d8:4f:8d:f1:78:dd:13:42:c5:83: bb:9d:c4:0a:f4:02:af:fd:8d:47:68:83:2c:2e:c1: 10:b1:3c:fb:3f:70:0c:ef:20:17:c4:ce:9d:12:44: a3:97:71:e7:e0:e9:f7:3f:f5:a1:11:7a:82:d8:bb: 2e:c1:a5:77:89:7a:0a:aa:a3:81:b0:b0:e9:c8:3a: 40:76:b8:23:6d:5f:1d:82:2f:30:9e:c1:b0:30:0d: a1:02:5c:8b:08:d5:76:df:7d:fe:dc:8f:cf:3c:c2: 88:7f:ee:8f:71:b3:1d:3b:b5:26:b7:27:35:df:1f: 15:8e:bb:0a:ff:1a:7b:3b:75:35:8c:dd:ea:cf:74: a3:64:4f:3d:cf:2c:7a:1a:81:1b:f1:e1:c4:fa:70: 48:e4:b3:2e:ef:d1:9a:d1:5b:74:73:e0:52:7e:7f: 92:c9:83:af:a2:f1:bf:75:6f:30:24:b5:b3:59:6a: 8a:1c:53:51:67:cd:5b:b8:9e:a4:19:f5:c4:8a:9e: 71:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 41:CF:30:FB:DC:22:0B:6E:4A:6F:A6:77:92:B3:B2:48:EE:CF:65:70 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/7f5d2a1b-cacc-4e22-8af2-9f20a9329bcb/2/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/7f5d2a1b-cacc-4e22-8af2-9f20a9329bcb/2/41CF30FBDC220B6E4A6FA67792B3B248EECF6570.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:c500::/40 Signature Algorithm: sha256WithRSAEncryption 9f:bb:04:d6:89:d9:ce:44:27:8d:2d:76:3b:3b:64:3a:ff:a3: e1:cc:3f:f9:7e:ad:c6:39:51:da:dd:37:c2:9e:2d:c1:88:21: ec:6f:28:19:fa:5f:f1:7a:f1:6d:b9:ce:a9:ab:de:b2:69:c4: 24:96:69:a9:08:cc:c0:c9:b4:3c:86:c3:e0:51:da:c0:3e:88: c9:c9:6e:bc:5b:26:be:ca:8a:d7:6e:2c:9f:06:08:3d:aa:60: 6b:ef:04:0f:37:b9:d3:42:87:5f:70:8a:50:b9:74:42:e9:7f: a6:e2:04:40:ec:fc:56:96:0a:b8:62:eb:bc:04:d9:25:52:a4: 52:ee:00:cb:8f:a5:bd:73:07:c3:84:68:c5:fa:8b:cd:1e:6f: 55:03:f5:6e:57:f6:5f:db:69:f6:ef:fb:69:1b:eb:f9:53:9e: c6:81:e4:1b:6a:1b:26:c6:2f:b3:b7:46:56:63:90:8f:62:e4: d7:8b:a0:cb:c0:89:eb:cc:2a:4c:86:92:48:41:69:b1:fb:1d: 77:70:03:e1:8f:1b:84:9f:d0:77:cb:9c:9a:e3:ac:e6:40:12: a7:2d:de:78:bc:ef:10:a4:b7:29:92:e1:0e:4a:82:79:41:61: 7a:05:26:11:15:ff:9f:0a:68:6e:39:5d:77:56:b7:ad:33:be: 50:c4:82:34 -----BEGIN CERTIFICATE----- MIIGCTCCBPGgAwIBAgIUY/9ITp1g7nlXo7fQYtHtNif8eeswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNDA2MjQwNjUzMjBaFw0yNTA2MjMwNjU4MjBaMDMxMTAvBgNV BAMTKDQxQ0YzMEZCREMyMjBCNkU0QTZGQTY3NzkyQjNCMjQ4RUVDRjY1NzAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxMi8IH7WBOvIodcOzjrOj7uoU 7/ihHIjDoKiW05Jn88WSRrgX30D6jZ/TOPpOYXmkS7bu4SNKjtL098/+feIa2E+N 8XjdE0LFg7udxAr0Aq/9jUdogywuwRCxPPs/cAzvIBfEzp0SRKOXcefg6fc/9aER eoLYuy7BpXeJegqqo4GwsOnIOkB2uCNtXx2CLzCewbAwDaECXIsI1Xbfff7cj888 woh/7o9xsx07tSa3JzXfHxWOuwr/Gns7dTWM3erPdKNkTz3PLHoagRvx4cT6cEjk sy7v0ZrRW3Rz4FJ+f5LJg6+i8b91bzAktbNZaoocU1FnzVu4nqQZ9cSKnnHRAgMB AAGjggMTMIIDDzAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRBzzD73CILbkpv pneSs7JI7s9lcDAfBgNVHSMEGDAWgBRB9lfPNWTyM7l39ArKXkvRDh4vjjAOBgNV HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC80MUY2NTdDRjM1NjRGMjMzQjk3N0Y0MEFD QTVFNEJEMTBFMUUyRjhFLmNybDCBkwYIKwYBBQUHAQEEgYYwgYMwgYAGCCsGAQUF BzAChnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhh ZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi80MUY2NTdDRjM1NjRGMjMzQjk3 N0Y0MEFDQTVFNEJEMTBFMUUyRjhFLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl cG9zaXRvcnkvN2Y1ZDJhMWItY2FjYy00ZTIyLThhZjItOWYyMGE5MzI5YmNiLzIv MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv cmVwb3NpdG9yeS83ZjVkMmExYi1jYWNjLTRlMjItOGFmMi05ZjIwYTkzMjliY2Iv Mi80MUNGMzBGQkRDMjIwQjZFNEE2RkE2Nzc5MkIzQjI0OEVFQ0Y2NTcwLm1mdDA8 BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH AQcBAf8EEjAQMA4EAgACMAgDBgAqB1TBxTANBgkqhkiG9w0BAQsFAAOCAQEAn7sE 1onZzkQnjS12OztkOv+j4cw/+X6txjlR2t03wp4twYgh7G8oGfpf8XrxbbnOqave smnEJJZpqQjMwMm0PIbD4FHawD6IycluvFsmvsqK124snwYIPapga+8EDze500KH X3CKULl0Qul/puIEQOz8VpYKuGLrvATZJVKkUu4Ay4+lvXMHw4RoxfqLzR5vVQP1 blf2X9tp9u/7aRvr+VOexoHkG2obJsYvs7dGVmOQj2Lk14ugy8CJ68wqTIaSSEFp sfsdd3AD4Y8bhJ/Qd8ucmuOs5kASpy3eeLzvEKS3KZLhDkqCeUFhegUmERX/nwpo bjldd1a3rTO+UMSCNA== -----END CERTIFICATE-----Generated at Wed Jul 3 03:43:08 2024 by rpki-client on console-fra.rpki-client.org