$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/B89BFA84DC5AFE05076A0800B960FEA22FC90D09.cer File: B89BFA84DC5AFE05076A0800B960FEA22FC90D09.cer (raw, json) Hash identifier: +211NswqdTIbrsjWWZ5Vwn6uEnCMrJ3uyiHrc7Amlqc= Subject key identifier: B8:9B:FA:84:DC:5A:FE:05:07:6A:08:00:B9:60:FE:A2:2F:C9:0D:09 Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03 Certificate issuer: /CN=57A9746FE543EB3EA0D449534244C93FC88F8503 Certificate serial: 1FD7840EBBB30833589FEDF1575DEB83EBEA0A9D Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/1/B89BFA84DC5AFE05076A0800B960FEA22FC90D09.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/1/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Fri 22 Mar 2024 20:14:29 +0000 Certificate not after: Fri 21 Mar 2025 20:19:29 +0000 Subordinate resources: IP: 2a0a:6044:7c00::/40 IP: 2a0a:6044:8000::/36 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 22 Nov 2024 04:12:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:d7:84:0e:bb:b3:08:33:58:9f:ed:f1:57:5d:eb:83:eb:ea:0a:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503 Validity Not Before: Mar 22 20:14:29 2024 GMT Not After : Mar 21 20:19:29 2025 GMT Subject: CN=B89BFA84DC5AFE05076A0800B960FEA22FC90D09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:af:f7:d8:17:eb:67:3a:f9:44:51:d9:ec:4b: f5:3a:e2:70:da:13:3a:e5:49:ea:14:c7:e9:5e:5f: b0:d1:a5:3c:9a:26:19:03:e6:25:4f:be:6c:6a:d7: 16:72:1c:0b:82:ce:c5:f5:88:80:6e:47:2a:8c:d3: db:8b:f4:ed:10:65:80:cd:28:72:47:4e:19:6f:a1: 4c:fd:6e:94:3c:23:a2:a5:ef:31:f6:23:c2:65:4b: 33:7e:9e:19:c9:54:aa:3c:97:5f:6a:10:fc:0e:5e: a2:e6:43:63:a4:ac:ad:c1:d7:24:47:83:23:71:87: 78:0c:93:01:fe:7d:09:5b:79:93:f6:4f:ba:e3:6c: c2:7d:cc:fe:70:dc:27:37:0c:36:c2:05:d7:7d:42: fc:db:ff:9d:62:47:f0:a4:5f:4f:62:63:45:33:17: 62:ea:82:fa:64:36:f2:e0:b9:b4:97:82:2b:e9:b8: 2b:da:1f:5e:3a:40:16:24:04:d3:22:77:d5:1f:37: 8f:84:ef:e0:dd:0c:1c:25:9c:12:f8:f1:d0:19:71: 87:a4:e9:1a:20:a9:69:c1:cc:d5:5b:a6:97:33:df: b0:6c:82:4a:0b:9e:66:ad:8b:ea:82:3d:b8:96:67: 4b:a2:aa:e3:4b:be:96:33:2b:e9:8d:68:7d:08:20: a8:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: B8:9B:FA:84:DC:5A:FE:05:07:6A:08:00:B9:60:FE:A2:2F:C9:0D:09 X509v3 Authority Key Identifier: keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/1/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/1/B89BFA84DC5AFE05076A0800B960FEA22FC90D09.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6044:7c00::/40 2a0a:6044:8000::/36 Signature Algorithm: sha256WithRSAEncryption b7:89:b7:fa:9b:be:cd:ab:46:2b:71:e5:2e:f9:67:2e:48:54: 5f:4a:fc:e3:f1:97:17:41:f3:b3:78:7c:04:1a:93:d8:57:f6: ee:ed:31:58:b3:91:07:60:c9:f8:50:c5:d7:9a:7e:cc:3b:80: a1:3a:21:dc:d4:9c:93:ac:1b:1b:75:b5:56:f8:b8:dd:5e:ad: e4:15:2e:f0:32:ee:f6:ae:bb:6d:7c:a2:9a:61:d9:51:bf:8b: cf:53:6d:f5:04:c5:b7:a2:c2:58:4f:0f:cd:a7:9f:3f:d9:85: 01:05:1e:d8:07:c7:bb:9b:14:3e:05:0e:7d:f6:0b:5a:54:51: 10:29:6c:f4:3d:3d:8e:35:e3:47:e3:0d:85:d2:20:a2:b9:3b: d1:49:dc:95:e3:50:2f:34:2f:d1:cb:a8:8c:5a:35:b9:fc:26: 34:cf:7e:60:6b:20:37:c5:84:49:11:7b:96:0b:92:12:eb:e5: fc:98:17:d5:20:b8:dd:0e:b3:b3:80:1e:48:dd:c1:5b:87:f3: 95:a8:33:64:c8:da:d5:0f:7b:70:70:e1:0f:de:e3:55:66:16: c3:a5:ee:fb:a1:88:3f:69:b9:ab:d0:df:13:6c:8d:30:8f:4f: d0:df:83:0a:ad:5e:79:cc:aa:43:ba:6e:a2:50:51:ba:77:44: a4:98:90:3a -----BEGIN CERTIFICATE----- MIIGETCCBPmgAwIBAgIUH9eEDruzCDNYn+3xV13rg+vqCp0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD ODhGODUwMzAeFw0yNDAzMjIyMDE0MjlaFw0yNTAzMjEyMDE5MjlaMDMxMTAvBgNV BAMTKEI4OUJGQTg0REM1QUZFMDUwNzZBMDgwMEI5NjBGRUEyMkZDOTBEMDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVr/fYF+tnOvlEUdnsS/U64nDa EzrlSeoUx+leX7DRpTyaJhkD5iVPvmxq1xZyHAuCzsX1iIBuRyqM09uL9O0QZYDN KHJHThlvoUz9bpQ8I6Kl7zH2I8JlSzN+nhnJVKo8l19qEPwOXqLmQ2OkrK3B1yRH gyNxh3gMkwH+fQlbeZP2T7rjbMJ9zP5w3Cc3DDbCBdd9Qvzb/51iR/CkX09iY0Uz F2LqgvpkNvLgubSXgivpuCvaH146QBYkBNMid9UfN4+E7+DdDBwlnBL48dAZcYek 6RogqWnBzNVbppcz37BsgkoLnmati+qCPbiWZ0uiquNLvpYzK+mNaH0IIKgnAgMB AAGjggMbMIIDFzAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBS4m/qE3Fr+BQdq CAC5YP6iL8kNCTAfBgNVHSMEGDAWgBRXqXRv5UPrPqDUSVNCRMk/yI+FAzAOBgNV HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1 NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC81N0E5NzQ2RkU1NDNFQjNFQTBENDQ5NTM0 MjQ0QzkzRkM4OEY4NTAzLmNybDCBkwYIKwYBBQUHAQEEgYYwgYMwgYAGCCsGAQUF BzAChnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhh ZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi81N0E5NzQ2RkU1NDNFQjNFQTBE NDQ5NTM0MjQ0QzkzRkM4OEY4NTAzLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl cG9zaXRvcnkvNDkxYTQzYmMtNzZlYy00YWJlLWJhN2QtZTczZTkwZDY2MmNiLzEv MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv cmVwb3NpdG9yeS80OTFhNDNiYy03NmVjLTRhYmUtYmE3ZC1lNzNlOTBkNjYyY2Iv MS9CODlCRkE4NERDNUFGRTA1MDc2QTA4MDBCOTYwRkVBMjJGQzkwRDA5Lm1mdDA8 BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwKQYIKwYBBQUH AQcBAf8EGjAYMBYEAgACMBADBgAqCmBEfAMGBCoKYESAMA0GCSqGSIb3DQEBCwUA A4IBAQC3ibf6m77Nq0YrceUu+WcuSFRfSvzj8ZcXQfOzeHwEGpPYV/bu7TFYs5EH YMn4UMXXmn7MO4ChOiHc1JyTrBsbdbVW+LjdXq3kFS7wMu72rrttfKKaYdlRv4vP U231BMW3osJYTw/Np58/2YUBBR7YB8e7mxQ+BQ599gtaVFEQKWz0PT2ONeNH4w2F 0iCiuTvRSdyV41AvNC/Ry6iMWjW5/CY0z35gayA3xYRJEXuWC5IS6+X8mBfVILjd DrOzgB5I3cFbh/OVqDNkyNrVD3twcOEP3uNVZhbDpe77oYg/abmr0N8TbI0wj0/Q 34MKrV55zKpDum6iUFG6d0SkmJA6 -----END CERTIFICATE-----Generated at Thu Nov 21 18:06:09 2024 by rpki-client on console-fra.rpki-client.org