$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4.cer File: 32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4.cer (raw, json) Hash identifier: wek+983bGhL1rzAGEQfUwkdPjxaB107zXZnMxNclcBQ= Subject key identifier: 32:39:8A:14:06:A1:C1:D3:23:CA:63:CB:32:0F:FD:1E:B4:D1:B0:C4 Authority key identifier: CD:C0:14:66:9D:38:11:52:AF:B9:4B:76:93:62:68:BF:F7:3E:7D:50 Certificate issuer: /CN=CDC014669D381152AFB94B76936268BFF73E7D50 Certificate serial: 414FC5178E0FEC82BC7965DB5A3F141CA8E25FB6 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/CDC014669D381152AFB94B76936268BFF73E7D50.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Tue 30 Jan 2024 06:28:17 +0000 Certificate not after: Tue 28 Jan 2025 06:33:17 +0000 Subordinate resources: IP: 2a11:29c0:9eb0::/44 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/CDC014669D381152AFB94B76936268BFF73E7D50.crl rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/CDC014669D381152AFB94B76936268BFF73E7D50.mft rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/CDC014669D381152AFB94B76936268BFF73E7D50.cer rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 17 May 2024 14:16:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:4f:c5:17:8e:0f:ec:82:bc:79:65:db:5a:3f:14:1c:a8:e2:5f:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CDC014669D381152AFB94B76936268BFF73E7D50 Validity Not Before: Jan 30 06:28:17 2024 GMT Not After : Jan 28 06:33:17 2025 GMT Subject: CN=32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:e9:4b:30:66:12:c0:23:59:3a:27:84:ed:86: bd:71:5f:91:9f:2c:11:51:a3:97:54:de:51:02:19: 71:22:f2:5e:0d:4f:4e:9d:82:db:3d:96:3f:b5:37: 23:6e:4c:c6:fb:ea:f0:af:d9:5d:1e:7f:7e:86:34: 93:56:d5:cb:8a:d9:7a:aa:56:ef:8a:79:6e:30:17: 86:b5:af:50:2b:1a:d8:44:ff:1b:6f:82:ee:23:e8: fe:4f:b2:ed:d0:40:90:f8:1c:da:2e:fb:ad:2e:37: 1f:00:a1:83:98:be:60:f3:51:5c:c2:1d:6c:67:06: bd:26:aa:f3:4d:86:c6:93:9b:4f:f7:48:4d:03:c3: 3a:be:3f:f0:c3:fa:27:2b:6a:cf:5b:6c:b6:ce:8d: a3:b1:38:52:c3:97:fe:6d:02:1c:04:18:5c:b7:ad: d2:dd:e4:a2:d1:24:35:0c:15:ca:dd:01:7d:90:2e: dc:32:2a:29:8c:0a:b6:87:c4:a4:5e:f8:9c:85:6d: 13:c8:5b:84:bb:65:2d:10:62:74:f2:ff:0b:c7:1d: 7a:5e:65:d0:0d:cf:05:46:ce:ef:cc:4e:c5:c9:ed: f1:95:e6:8a:da:8b:7f:89:7a:61:d8:56:da:40:de: a0:79:91:9c:b3:7b:5f:a4:9d:dd:4f:63:4f:a6:79: 96:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 32:39:8A:14:06:A1:C1:D3:23:CA:63:CB:32:0F:FD:1E:B4:D1:B0:C4 X509v3 Authority Key Identifier: keyid:CD:C0:14:66:9D:38:11:52:AF:B9:4B:76:93:62:68:BF:F7:3E:7D:50 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/CDC014669D381152AFB94B76936268BFF73E7D50.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/CDC014669D381152AFB94B76936268BFF73E7D50.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a11:29c0:9eb0::/44 Signature Algorithm: sha256WithRSAEncryption 49:b0:ca:7a:66:96:98:a8:88:b7:61:40:39:70:07:cc:45:2d: f9:65:d4:7b:34:91:38:7a:ad:5b:be:d9:b9:f6:27:ee:6b:5c: 69:77:fa:3b:08:02:23:be:45:66:cb:64:4f:7c:95:d4:c7:f9: 96:68:d9:96:93:e0:b6:82:56:d9:62:81:96:da:a8:56:dc:c7: 43:13:57:85:06:de:0a:e5:4a:c7:a9:90:64:d7:00:ae:1c:68: 09:4d:e0:8a:2a:09:64:99:e3:ae:58:15:b1:77:dd:27:b5:27: 59:d5:68:36:02:eb:24:70:95:65:58:75:f0:e6:08:ba:b1:ae: b4:39:b2:72:c3:17:58:a5:50:73:4d:4d:0c:8f:23:c7:5e:e4: 39:34:3c:13:a9:72:b5:4b:9e:5d:65:61:da:42:a6:b6:18:4b: cb:b8:94:09:27:38:a5:46:a3:6d:df:a9:37:a0:bc:73:b4:04: 60:59:c1:8b:dd:2f:cc:d2:1c:88:02:96:c6:5b:80:6b:cb:8d: fc:22:8f:74:a3:44:ab:53:cb:a9:97:34:54:a3:5c:7d:3e:3a: a3:df:8a:d6:96:81:8c:b2:d4:63:12:b4:dd:55:fa:9e:54:4d: d3:5d:43:09:eb:78:99:05:47:07:dd:07:ef:e3:f9:ec:42:49: 1f:48:36:dd -----BEGIN CERTIFICATE----- MIIGFTCCBP2gAwIBAgIUQU/FF44P7IK8eWXbWj8UHKjiX7YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0RDMDE0NjY5RDM4MTE1MkFGQjk0Qjc2OTM2MjY4QkZG NzNFN0Q1MDAeFw0yNDAxMzAwNjI4MTdaFw0yNTAxMjgwNjMzMTdaMDMxMTAvBgNV BAMTKDMyMzk4QTE0MDZBMUMxRDMyM0NBNjNDQjMyMEZGRDFFQjREMUIwQzQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/6UswZhLAI1k6J4Tthr1xX5Gf LBFRo5dU3lECGXEi8l4NT06dgts9lj+1NyNuTMb76vCv2V0ef36GNJNW1cuK2Xqq Vu+KeW4wF4a1r1ArGthE/xtvgu4j6P5Psu3QQJD4HNou+60uNx8AoYOYvmDzUVzC HWxnBr0mqvNNhsaTm0/3SE0Dwzq+P/DD+icras9bbLbOjaOxOFLDl/5tAhwEGFy3 rdLd5KLRJDUMFcrdAX2QLtwyKimMCraHxKRe+JyFbRPIW4S7ZS0QYnTy/wvHHXpe ZdANzwVGzu/MTsXJ7fGV5orai3+JemHYVtpA3qB5kZyze1+knd1PY0+meZZnAgMB AAGjggMfMIIDGzAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQyOYoUBqHB0yPK Y8syD/0etNGwxDAfBgNVHSMEGDAWgBTNwBRmnTgRUq+5S3aTYmi/9z59UDAOBgNV HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1 NDEtYmNjMS0yNzY1NDNhMjVjN2QvMi9DREMwMTQ2NjlEMzgxMTUyQUZCOTRCNzY5 MzYyNjhCRkY3M0U3RDUwLmNybDCBngYIKwYBBQUHAQEEgZEwgY4wgYsGCCsGAQUF BzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5 LzgxMTE1YmM2LTEwZjYtNGFmMy1iYTA5LThiNjg3YTU2ZmJmNS8wL0NEQzAxNDY2 OUQzODExNTJBRkI5NEI3NjkzNjI2OEJGRjczRTdENTAuY2VyMIIBPwYIKwYBBQUH AQsEggExMIIBLTBfBggrBgEFBQcwBYZTcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2ku cmlwZS5uZXQvcmVwb3NpdG9yeS8xYmY4ZTk3Ny03Mjc4LTQ2Y2YtYWJkMS05OWNk MWZkMmJlNGUvOC8wgYsGCCsGAQUFBzAKhn9yc3luYzovL3JzeW5jLnBhYXMucnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5LzFiZjhlOTc3LTcyNzgtNDZjZi1hYmQxLTk5 Y2QxZmQyYmU0ZS84LzMyMzk4QTE0MDZBMUMxRDMyM0NBNjNDQjMyMEZGRDFFQjRE MUIwQzQubWZ0MDwGCCsGAQUFBzANhjBodHRwczovL3JyZHAucGFhcy5ycGtpLnJp cGUubmV0L25vdGlmaWNhdGlvbi54bWwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO AjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoRKcCesDANBgkqhkiG9w0B AQsFAAOCAQEASbDKemaWmKiIt2FAOXAHzEUt+WXUezSROHqtW77ZufYn7mtcaXf6 OwgCI75FZstkT3yV1Mf5lmjZlpPgtoJW2WKBltqoVtzHQxNXhQbeCuVKx6mQZNcA rhxoCU3giioJZJnjrlgVsXfdJ7UnWdVoNgLrJHCVZVh18OYIurGutDmycsMXWKVQ c01NDI8jx17kOTQ8E6lytUueXWVh2kKmthhLy7iUCSc4pUajbd+pN6C8c7QEYFnB i90vzNIciAKWxluAa8uN/CKPdKNEq1PLqZc0VKNcfT46o9+K1paBjLLUYxK03VX6 nlRN011DCet4mQVHB90H7+P57EJJH0g23Q== -----END CERTIFICATE-----Generated at Thu May 16 23:40:42 2024 by rpki-client on console-ams.rpki-client.org