$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1.cer File: 090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1.cer (raw, json) Hash identifier: duvzFSF4RfqaxwQ7G43sYvoZ2HfHd8YLA9su+vFOFA8= Subject key identifier: 09:0F:FD:E4:0B:60:29:CD:7F:E3:1A:6E:DB:46:7E:1A:53:84:B1:E1 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 4602FCAC4116E55B798D8172E4CD1EFD4B840D6F Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Tue 19 Sep 2023 02:09:59 +0000 Certificate not after: Tue 17 Sep 2024 02:14:59 +0000 Subordinate resources: IP: 2a07:54c1:4200::/40 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 01 Jun 2024 13:33:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:02:fc:ac:41:16:e5:5b:79:8d:81:72:e4:cd:1e:fd:4b:84:0d:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Sep 19 02:09:59 2023 GMT Not After : Sep 17 02:14:59 2024 GMT Subject: CN=090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:e3:97:e8:c9:d6:2f:28:66:f1:97:6a:e3:d1: 6f:ee:4f:9d:da:16:a1:71:ea:d5:90:e3:0a:81:ff: 51:75:c4:ea:0a:d8:4d:f7:0f:b1:39:77:e6:cb:1f: 90:59:8a:e7:23:5e:81:7d:b3:59:8d:79:4e:13:12: 6a:97:ef:97:89:8c:b4:49:c3:85:a3:47:cf:20:d9: b7:f0:7d:b5:11:99:53:2a:ce:c3:1c:55:6f:67:06: 56:79:26:05:89:1f:5f:81:42:1c:92:e6:2c:89:b4: 40:a7:77:95:32:2a:ae:82:3f:b2:f1:ce:e6:cd:57: a7:de:47:15:a7:a4:0e:ee:13:63:a7:80:e0:34:54: ff:82:b1:55:00:47:08:19:49:b1:50:76:47:c8:e6: 9b:84:ae:aa:19:ef:3d:dc:e3:18:cc:fd:22:e1:92: fa:1c:62:41:ab:48:dc:43:13:31:00:be:07:3b:c3: b6:ee:12:25:8a:14:72:62:27:46:5e:e9:bf:bb:83: 20:7e:24:fe:01:7f:f1:c9:86:5f:c8:a7:bd:22:c0: 70:10:01:9c:99:a3:e3:82:7a:5b:5d:e2:eb:68:fd: f5:4e:a9:0c:5d:6f:96:31:9e:e6:2e:76:88:b3:c1: 81:08:54:88:8a:7c:9d:56:45:07:08:f8:4e:d6:70: d0:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 09:0F:FD:E4:0B:60:29:CD:7F:E3:1A:6E:DB:46:7E:1A:53:84:B1:E1 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:4200::/40 Signature Algorithm: sha256WithRSAEncryption 89:3b:e0:04:cc:b8:ef:44:41:14:78:e3:2b:d6:bf:46:d5:95: f3:fb:cb:e2:ad:c2:b4:09:41:20:48:5f:e1:97:ce:5f:cb:e8: f0:66:3f:81:e1:d8:7e:ed:40:fe:50:d6:82:22:95:34:92:e3: 58:1d:bd:8f:9a:39:1f:19:dd:52:c4:46:c1:83:43:5d:4a:92: 99:d2:be:cc:ee:8e:0f:80:52:64:2d:b0:63:78:1d:1e:dd:71: 6d:5b:cb:e5:63:ab:51:49:1c:c3:f7:41:1e:73:42:ef:f1:5b: 13:4f:e1:f5:ef:9d:43:0b:cb:55:f4:dc:74:61:18:e8:2a:84: 42:34:b8:61:fd:0a:e7:ff:0f:a9:b7:79:0e:be:9b:8e:76:21: 64:8d:57:b4:de:dc:74:be:a7:50:61:0c:43:fe:b5:18:fc:33: b8:9a:18:fe:75:99:ed:c7:71:cb:0e:3b:73:ca:0a:20:71:94: 70:d7:bd:d7:63:bb:94:c7:90:e1:76:1e:3e:f5:98:99:e6:ae: d6:d7:4a:a8:2c:da:ea:8c:44:c5:c9:32:95:7a:e4:07:7a:6c: 04:f7:57:e5:c9:c5:b6:0d:e6:53:3e:10:4f:17:0f:10:5f:c8: 61:19:68:a3:8b:22:d7:30:1d:c7:d3:21:91:3f:51:34:a2:cc: 38:a5:c7:0d -----BEGIN CERTIFICATE----- MIIGCTCCBPGgAwIBAgIURgL8rEEW5Vt5jYFy5M0e/UuEDW8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yMzA5MTkwMjA5NTlaFw0yNDA5MTcwMjE0NTlaMDMxMTAvBgNV BAMTKDA5MEZGREU0MEI2MDI5Q0Q3RkUzMUE2RURCNDY3RTFBNTM4NEIxRTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDm45foydYvKGbxl2rj0W/uT53a FqFx6tWQ4wqB/1F1xOoK2E33D7E5d+bLH5BZiucjXoF9s1mNeU4TEmqX75eJjLRJ w4WjR88g2bfwfbURmVMqzsMcVW9nBlZ5JgWJH1+BQhyS5iyJtECnd5UyKq6CP7Lx zubNV6feRxWnpA7uE2OngOA0VP+CsVUARwgZSbFQdkfI5puErqoZ7z3c4xjM/SLh kvocYkGrSNxDEzEAvgc7w7buEiWKFHJiJ0Ze6b+7gyB+JP4Bf/HJhl/Ip70iwHAQ AZyZo+OCeltd4uto/fVOqQxdb5YxnuYudoizwYEIVIiKfJ1WRQcI+E7WcNDLAgMB AAGjggMTMIIDDzAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQJD/3kC2ApzX/j Gm7bRn4aU4Sx4TAfBgNVHSMEGDAWgBRB9lfPNWTyM7l39ArKXkvRDh4vjjAOBgNV HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC80MUY2NTdDRjM1NjRGMjMzQjk3N0Y0MEFD QTVFNEJEMTBFMUUyRjhFLmNybDCBkwYIKwYBBQUHAQEEgYYwgYMwgYAGCCsGAQUF BzAChnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhh ZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi80MUY2NTdDRjM1NjRGMjMzQjk3 N0Y0MEFDQTVFNEJEMTBFMUUyRjhFLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl cG9zaXRvcnkvZGU3ZDU1ZjctZWU2MC00MDA1LWJhZDctYjQyODE4Y2Y1MGU4LzUv MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv cmVwb3NpdG9yeS9kZTdkNTVmNy1lZTYwLTQwMDUtYmFkNy1iNDI4MThjZjUwZTgv NS8wOTBGRkRFNDBCNjAyOUNEN0ZFMzFBNkVEQjQ2N0UxQTUzODRCMUUxLm1mdDA8 BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH AQcBAf8EEjAQMA4EAgACMAgDBgAqB1TBQjANBgkqhkiG9w0BAQsFAAOCAQEAiTvg BMy470RBFHjjK9a/RtWV8/vL4q3CtAlBIEhf4ZfOX8vo8GY/geHYfu1A/lDWgiKV NJLjWB29j5o5HxndUsRGwYNDXUqSmdK+zO6OD4BSZC2wY3gdHt1xbVvL5WOrUUkc w/dBHnNC7/FbE0/h9e+dQwvLVfTcdGEY6CqEQjS4Yf0K5/8Pqbd5Dr6bjnYhZI1X tN7cdL6nUGEMQ/61GPwzuJoY/nWZ7cdxyw47c8oKIHGUcNe912O7lMeQ4XYePvWY meau1tdKqCza6oxExckylXrkB3psBPdX5cnFtg3mUz4QTxcPEF/IYRloo4si1zAd x9MhkT9RNKLMOKXHDQ== -----END CERTIFICATE-----Generated at Sat Jun 1 06:15:08 2024 by rpki-client on console-ams.rpki-client.org