$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/2FA9A89EE8A4D03C0CE0DD350EB33995DDDC5297.cer File: 2FA9A89EE8A4D03C0CE0DD350EB33995DDDC5297.cer (raw, json) Hash identifier: YFT445HTBpLWAllug3yr1V8hUUUfQyHYb8tCR9mqqUU= Subject key identifier: 2F:A9:A8:9E:E8:A4:D0:3C:0C:E0:DD:35:0E:B3:39:95:DD:DC:52:97 Authority key identifier: D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC Certificate issuer: /CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC Certificate serial: 7322345C0789CFDDFE7966318ED0E6F406302DDF Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/531e9720-0b62-43a8-8e1f-230684eaf9af/1/2FA9A89EE8A4D03C0CE0DD350EB33995DDDC5297.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/531e9720-0b62-43a8-8e1f-230684eaf9af/1/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Sat 10 Aug 2024 12:00:45 +0000 Certificate not after: Sat 09 Aug 2025 12:05:45 +0000 Subordinate resources: IP: 2a0b:4e07:1c00::/38 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.crl rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.mft rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 20 Sep 2024 01:28:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:22:34:5c:07:89:cf:dd:fe:79:66:31:8e:d0:e6:f4:06:30:2d:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC Validity Not Before: Aug 10 12:00:45 2024 GMT Not After : Aug 9 12:05:45 2025 GMT Subject: CN=2FA9A89EE8A4D03C0CE0DD350EB33995DDDC5297 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:bf:ec:6e:85:38:1a:d6:db:91:b4:4c:c1:d7: bd:9a:9b:7f:d5:79:1c:48:63:f0:a8:81:43:6d:ab: 93:2c:7e:5d:d6:3d:b4:af:c5:61:3f:e1:13:76:01: ef:f9:c0:7a:d6:57:bd:d6:7c:55:6b:dd:e1:d7:58: 28:64:e6:28:49:ad:ac:90:3b:b7:35:5f:9c:71:eb: 6a:02:77:69:82:80:c4:84:19:8b:24:2d:94:67:50: 18:37:6a:7a:0d:e8:fd:73:db:e2:a5:ff:a5:17:8c: 77:82:4d:c5:33:11:72:b3:94:58:d6:76:a0:a7:9e: ba:d4:3a:1e:ce:fd:bb:b5:02:1e:b7:e9:85:33:c9: 7c:46:46:e8:f0:07:fb:43:38:d8:dd:3c:c1:75:50: f3:cd:d4:f2:15:c6:bb:b8:7f:89:6f:25:42:e6:8d: ab:f7:12:51:d8:f1:13:6d:39:26:08:22:6d:cf:5e: b3:4c:5c:24:a3:89:fc:7b:9c:af:ba:19:d4:5b:75: 24:61:14:51:e2:77:2a:9d:cf:f9:10:7c:de:55:f8: d1:82:92:30:01:ce:ec:fb:6d:a6:35:ba:39:3e:62: b3:3e:d7:84:f6:a8:d2:7b:28:d9:f9:4e:70:11:00: e5:ce:1d:20:f5:ca:a3:67:f3:a1:4f:44:a3:2b:6c: 4c:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2F:A9:A8:9E:E8:A4:D0:3C:0C:E0:DD:35:0E:B3:39:95:DD:DC:52:97 X509v3 Authority Key Identifier: keyid:D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/531e9720-0b62-43a8-8e1f-230684eaf9af/1/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/531e9720-0b62-43a8-8e1f-230684eaf9af/1/2FA9A89EE8A4D03C0CE0DD350EB33995DDDC5297.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:4e07:1c00::/38 Signature Algorithm: sha256WithRSAEncryption 46:b9:bc:92:9b:69:05:14:af:01:4c:9d:84:7e:fe:89:ad:59: 33:70:51:01:39:bc:6a:92:35:1d:37:0c:1e:65:77:d5:59:bb: 0e:b5:8f:79:23:11:0a:d8:25:d1:99:57:89:61:65:8a:f9:e6: 36:37:28:db:cb:95:19:13:fb:d3:03:09:a4:1c:a4:38:e3:a3: a9:65:c7:8d:c1:f8:6b:6a:a2:79:62:a0:c4:d6:ab:b2:51:7b: 33:24:b0:f2:0c:77:a2:45:8a:c8:0f:6e:79:84:90:61:b4:82: d4:8d:6b:d4:8f:00:06:53:b0:24:9e:62:89:32:78:4f:43:bb: 4b:9f:78:52:37:c1:3f:b8:45:81:52:68:b4:b1:37:69:a1:5b: e0:1a:a5:c7:6c:11:c4:13:70:14:9e:40:49:d4:35:11:dc:fe: e3:e2:6a:43:fe:28:40:7a:ed:77:3f:cd:e7:05:2a:cb:1c:fb: 7d:fa:9a:ad:cb:90:ec:c4:c0:5e:6c:56:62:01:90:f3:28:fc: c4:12:9e:12:a5:5c:bb:d2:22:93:08:3e:a7:0f:b2:d3:01:25: 7d:e4:a2:22:24:97:37:f5:09:6a:28:0b:2c:ae:43:90:53:cb: 40:4b:e3:9f:c4:f3:a1:05:cc:f3:80:cf:e2:4f:25:bf:04:ce: c0:74:e0:75 -----BEGIN CERTIFICATE----- MIIGFDCCBPygAwIBAgIUcyI0XAeJz93+eWYxjtDm9AYwLd8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVE NTgzNDBCQzAeFw0yNDA4MTAxMjAwNDVaFw0yNTA4MDkxMjA1NDVaMDMxMTAvBgNV BAMTKDJGQTlBODlFRThBNEQwM0MwQ0UwREQzNTBFQjMzOTk1REREQzUyOTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHv+xuhTga1tuRtEzB172am3/V eRxIY/CogUNtq5Msfl3WPbSvxWE/4RN2Ae/5wHrWV73WfFVr3eHXWChk5ihJrayQ O7c1X5xx62oCd2mCgMSEGYskLZRnUBg3anoN6P1z2+Kl/6UXjHeCTcUzEXKzlFjW dqCnnrrUOh7O/bu1Ah636YUzyXxGRujwB/tDONjdPMF1UPPN1PIVxru4f4lvJULm jav3ElHY8RNtOSYIIm3PXrNMXCSjifx7nK+6GdRbdSRhFFHidyqdz/kQfN5V+NGC kjABzuz7baY1ujk+YrM+14T2qNJ7KNn5TnARAOXOHSD1yqNn86FPRKMrbEzFAgMB AAGjggMeMIIDGjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQvqaie6KTQPAzg 3TUOszmV3dxSlzAfBgNVHSMEGDAWgBTRggdGarCn19HvPHzQLoC+1YNAvDAOBgNV HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8wYzcwNDAxYy03ZjQxLTRh NmItOTQzNC1jYzgwZGNhMDkzZTYvMi9EMTgyMDc0NjZBQjBBN0Q3RDFFRjNDN0NE MDJFODBCRUQ1ODM0MEJDLmNybDCBngYIKwYBBQUHAQEEgZEwgY4wgYsGCCsGAQUF BzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5 LzczYjhlYzAxLThiYTUtNDc5Zi1hMjI5LTBhYjcwZTQ4MTViYi8wL0QxODIwNzQ2 NkFCMEE3RDdEMUVGM0M3Q0QwMkU4MEJFRDU4MzQwQkMuY2VyMIIBPwYIKwYBBQUH AQsEggExMIIBLTBfBggrBgEFBQcwBYZTcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2ku cmlwZS5uZXQvcmVwb3NpdG9yeS81MzFlOTcyMC0wYjYyLTQzYTgtOGUxZi0yMzA2 ODRlYWY5YWYvMS8wgYsGCCsGAQUFBzAKhn9yc3luYzovL3JzeW5jLnBhYXMucnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzMWU5NzIwLTBiNjItNDNhOC04ZTFmLTIz MDY4NGVhZjlhZi8xLzJGQTlBODlFRThBNEQwM0MwQ0UwREQzNTBFQjMzOTk1RERE QzUyOTcubWZ0MDwGCCsGAQUFBzANhjBodHRwczovL3JyZHAucGFhcy5ycGtpLnJp cGUubmV0L25vdGlmaWNhdGlvbi54bWwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO AjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioLTgccMA0GCSqGSIb3DQEB CwUAA4IBAQBGubySm2kFFK8BTJ2Efv6JrVkzcFEBObxqkjUdNwweZXfVWbsOtY95 IxEK2CXRmVeJYWWK+eY2Nyjby5UZE/vTAwmkHKQ446OpZceNwfhraqJ5YqDE1quy UXszJLDyDHeiRYrID255hJBhtILUjWvUjwAGU7AknmKJMnhPQ7tLn3hSN8E/uEWB Umi0sTdpoVvgGqXHbBHEE3AUnkBJ1DUR3P7j4mpD/ihAeu13P83nBSrLHPt9+pqt y5DsxMBebFZiAZDzKPzEEp4SpVy70iKTCD6nD7LTASV95KIiJJc39QlqKAssrkOQ U8tAS+OfxPOhBczzgM/iTyW/BM7AdOB1 -----END CERTIFICATE-----Generated at Thu Sep 19 17:01:31 2024 by rpki-client on console-ams.rpki-client.org