$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/DD52D18E6EE12FA0659CA4CA9501A176AF074403.cer File: DD52D18E6EE12FA0659CA4CA9501A176AF074403.cer (raw, json) Hash identifier: azNJwZTfAN2141xKuXJ9/ZivVqcp0eYCDVrk+v7Ro4Y= Subject key identifier: DD:52:D1:8E:6E:E1:2F:A0:65:9C:A4:CA:95:01:A1:76:AF:07:44:03 Authority key identifier: D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC Certificate issuer: /CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC Certificate serial: 1FA11927EEA0CA9B78474E358F3D0AD41961C907 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/d869b33b-5122-4ab8-bb59-98022d6391a0/2/DD52D18E6EE12FA0659CA4CA9501A176AF074403.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/d869b33b-5122-4ab8-bb59-98022d6391a0/2/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Sat 07 Sep 2024 14:02:53 +0000 Certificate not after: Sat 06 Sep 2025 14:07:53 +0000 Subordinate resources: IP: 2a0b:4e07:1000::/37 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.crl rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.mft rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 20 Sep 2024 01:28:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:a1:19:27:ee:a0:ca:9b:78:47:4e:35:8f:3d:0a:d4:19:61:c9:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC Validity Not Before: Sep 7 14:02:53 2024 GMT Not After : Sep 6 14:07:53 2025 GMT Subject: CN=DD52D18E6EE12FA0659CA4CA9501A176AF074403 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:5e:91:d8:1c:c8:70:67:39:82:a6:80:74:4a: d0:a4:1c:98:f7:18:bc:db:81:ed:dc:1d:3f:2a:d8: 3b:6a:6b:08:72:a0:a0:e3:b1:f1:a0:ac:72:90:ee: 7e:3e:a1:50:89:55:82:df:62:d1:d6:47:84:53:27: 97:b0:37:8a:0d:fc:ac:7f:6c:b4:22:e2:8f:50:31: 40:e3:ef:ba:0e:4c:66:7b:dc:3e:2d:a9:9b:46:4f: 94:32:d5:f5:ea:86:99:8c:9c:f3:4c:d8:19:a0:3a: aa:bc:27:5d:be:b2:14:21:75:c6:99:a9:7c:d8:65: 22:9e:2c:42:6c:23:4e:20:9a:9a:4a:2e:12:ee:3b: 87:59:63:fb:13:4c:57:2f:d0:70:34:20:98:5d:90: 3c:47:af:3f:75:68:9b:bf:71:be:63:df:07:a8:0a: ed:19:bd:ff:d1:84:9e:ef:c3:ad:6a:07:7b:16:dc: 7b:5f:ca:96:ff:d0:78:4d:f0:51:09:43:ee:20:f0: b7:74:8a:40:44:ef:d5:1a:6b:80:ed:09:01:e5:a0: eb:79:74:f2:5a:0b:10:90:96:07:b8:f3:bf:12:fb: 16:fb:bb:d0:1c:be:39:f3:d8:0e:97:ac:81:90:42: 80:1c:90:a7:2d:7e:a2:08:90:fc:a3:0d:95:eb:02: 49:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: DD:52:D1:8E:6E:E1:2F:A0:65:9C:A4:CA:95:01:A1:76:AF:07:44:03 X509v3 Authority Key Identifier: keyid:D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/d869b33b-5122-4ab8-bb59-98022d6391a0/2/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/d869b33b-5122-4ab8-bb59-98022d6391a0/2/DD52D18E6EE12FA0659CA4CA9501A176AF074403.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:4e07:1000::/37 Signature Algorithm: sha256WithRSAEncryption 65:09:88:b2:73:d4:eb:5c:2b:92:2e:c6:8e:48:47:4c:41:43: e1:0a:ee:bd:41:7e:ce:44:87:ee:d4:cf:b0:90:05:e3:b0:e6: d9:fd:be:47:3b:d0:ed:ec:1b:e8:d9:b7:b0:fc:be:e7:d4:32: f4:1d:68:35:7e:9a:31:38:c7:39:2d:7d:c9:b3:6c:3b:7b:91: 16:43:b6:e9:7f:56:47:17:40:6b:7b:ca:e1:ce:67:21:58:17: 14:70:83:09:7f:9b:dc:14:18:54:14:c0:53:db:1a:0a:fc:ee: 0c:08:55:17:f5:ec:ed:0e:c0:56:d6:53:0b:77:33:49:75:a7: e4:c5:5c:43:17:e5:ca:ae:df:86:56:04:26:0b:e1:df:7f:9f: 08:5e:02:bf:d8:bd:77:29:58:40:2f:03:52:b6:45:ca:6c:a9: 4b:a2:bc:e1:b4:f5:53:e4:80:05:e1:5a:b7:c6:ad:54:ff:ac: 9d:3c:b0:8f:a1:b9:02:10:1d:27:21:51:8c:42:e1:41:be:b4: 1b:df:94:7f:48:31:32:d4:c8:04:81:54:93:39:b9:1e:99:ce: f6:b5:6c:11:6d:f0:0e:34:c4:b2:86:50:2d:f3:c9:50:5b:2a: 29:f2:99:9f:d5:e0:7e:3c:8b:35:7e:0b:87:bb:53:a7:0f:ca: 82:78:cc:60 -----BEGIN CERTIFICATE----- MIIGFDCCBPygAwIBAgIUH6EZJ+6gypt4R041jz0K1BlhyQcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVE NTgzNDBCQzAeFw0yNDA5MDcxNDAyNTNaFw0yNTA5MDYxNDA3NTNaMDMxMTAvBgNV BAMTKERENTJEMThFNkVFMTJGQTA2NTlDQTRDQTk1MDFBMTc2QUYwNzQ0MDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6XpHYHMhwZzmCpoB0StCkHJj3 GLzbge3cHT8q2DtqawhyoKDjsfGgrHKQ7n4+oVCJVYLfYtHWR4RTJ5ewN4oN/Kx/ bLQi4o9QMUDj77oOTGZ73D4tqZtGT5Qy1fXqhpmMnPNM2BmgOqq8J12+shQhdcaZ qXzYZSKeLEJsI04gmppKLhLuO4dZY/sTTFcv0HA0IJhdkDxHrz91aJu/cb5j3weo Cu0Zvf/RhJ7vw61qB3sW3Htfypb/0HhN8FEJQ+4g8Ld0ikBE79Uaa4DtCQHloOt5 dPJaCxCQlge4878S+xb7u9Acvjnz2A6XrIGQQoAckKctfqIIkPyjDZXrAkkZAgMB AAGjggMeMIIDGjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTdUtGObuEvoGWc pMqVAaF2rwdEAzAfBgNVHSMEGDAWgBTRggdGarCn19HvPHzQLoC+1YNAvDAOBgNV HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8wYzcwNDAxYy03ZjQxLTRh NmItOTQzNC1jYzgwZGNhMDkzZTYvMi9EMTgyMDc0NjZBQjBBN0Q3RDFFRjNDN0NE MDJFODBCRUQ1ODM0MEJDLmNybDCBngYIKwYBBQUHAQEEgZEwgY4wgYsGCCsGAQUF BzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5 LzczYjhlYzAxLThiYTUtNDc5Zi1hMjI5LTBhYjcwZTQ4MTViYi8wL0QxODIwNzQ2 NkFCMEE3RDdEMUVGM0M3Q0QwMkU4MEJFRDU4MzQwQkMuY2VyMIIBPwYIKwYBBQUH AQsEggExMIIBLTBfBggrBgEFBQcwBYZTcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2ku cmlwZS5uZXQvcmVwb3NpdG9yeS9kODY5YjMzYi01MTIyLTRhYjgtYmI1OS05ODAy MmQ2MzkxYTAvMi8wgYsGCCsGAQUFBzAKhn9yc3luYzovL3JzeW5jLnBhYXMucnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Q4NjliMzNiLTUxMjItNGFiOC1iYjU5LTk4 MDIyZDYzOTFhMC8yL0RENTJEMThFNkVFMTJGQTA2NTlDQTRDQTk1MDFBMTc2QUYw NzQ0MDMubWZ0MDwGCCsGAQUFBzANhjBodHRwczovL3JyZHAucGFhcy5ycGtpLnJp cGUubmV0L25vdGlmaWNhdGlvbi54bWwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO AjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoLTgcQMA0GCSqGSIb3DQEB CwUAA4IBAQBlCYiyc9TrXCuSLsaOSEdMQUPhCu69QX7ORIfu1M+wkAXjsObZ/b5H O9Dt7Bvo2bew/L7n1DL0HWg1fpoxOMc5LX3Js2w7e5EWQ7bpf1ZHF0Bre8rhzmch WBcUcIMJf5vcFBhUFMBT2xoK/O4MCFUX9eztDsBW1lMLdzNJdafkxVxDF+XKrt+G VgQmC+Hff58IXgK/2L13KVhALwNStkXKbKlLorzhtPVT5IAF4Vq3xq1U/6ydPLCP obkCEB0nIVGMQuFBvrQb35R/SDEy1MgEgVSTObkemc72tWwRbfAONMSyhlAt88lQ Wyop8pmf1eB+PIs1fguHu1OnD8qCeMxg -----END CERTIFICATE-----Generated at Thu Sep 19 17:01:31 2024 by rpki-client on console-ams.rpki-client.org