$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1.cer File: 090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1.cer (raw, json) Hash identifier: kph5Et94iuKgvFGuGY4r+3gE7WXDCZwMWJhIGcTzq9o= Subject key identifier: 09:0F:FD:E4:0B:60:29:CD:7F:E3:1A:6E:DB:46:7E:1A:53:84:B1:E1 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 2DB2F4FDA0E5B70F97F00A94574E1A40B711EDC1 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Sat 17 Aug 2024 20:58:54 +0000 Certificate not after: Sat 16 Aug 2025 21:03:54 +0000 Subordinate resources: IP: 2a07:54c1:4200::/40 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 22 Nov 2024 04:12:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:b2:f4:fd:a0:e5:b7:0f:97:f0:0a:94:57:4e:1a:40:b7:11:ed:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Aug 17 20:58:54 2024 GMT Not After : Aug 16 21:03:54 2025 GMT Subject: CN=090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:e3:97:e8:c9:d6:2f:28:66:f1:97:6a:e3:d1: 6f:ee:4f:9d:da:16:a1:71:ea:d5:90:e3:0a:81:ff: 51:75:c4:ea:0a:d8:4d:f7:0f:b1:39:77:e6:cb:1f: 90:59:8a:e7:23:5e:81:7d:b3:59:8d:79:4e:13:12: 6a:97:ef:97:89:8c:b4:49:c3:85:a3:47:cf:20:d9: b7:f0:7d:b5:11:99:53:2a:ce:c3:1c:55:6f:67:06: 56:79:26:05:89:1f:5f:81:42:1c:92:e6:2c:89:b4: 40:a7:77:95:32:2a:ae:82:3f:b2:f1:ce:e6:cd:57: a7:de:47:15:a7:a4:0e:ee:13:63:a7:80:e0:34:54: ff:82:b1:55:00:47:08:19:49:b1:50:76:47:c8:e6: 9b:84:ae:aa:19:ef:3d:dc:e3:18:cc:fd:22:e1:92: fa:1c:62:41:ab:48:dc:43:13:31:00:be:07:3b:c3: b6:ee:12:25:8a:14:72:62:27:46:5e:e9:bf:bb:83: 20:7e:24:fe:01:7f:f1:c9:86:5f:c8:a7:bd:22:c0: 70:10:01:9c:99:a3:e3:82:7a:5b:5d:e2:eb:68:fd: f5:4e:a9:0c:5d:6f:96:31:9e:e6:2e:76:88:b3:c1: 81:08:54:88:8a:7c:9d:56:45:07:08:f8:4e:d6:70: d0:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 09:0F:FD:E4:0B:60:29:CD:7F:E3:1A:6E:DB:46:7E:1A:53:84:B1:E1 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:4200::/40 Signature Algorithm: sha256WithRSAEncryption 34:08:bf:31:2f:e5:31:de:79:d2:ff:e6:35:aa:aa:20:6d:4f: a8:8f:88:15:b8:96:64:f8:a0:f6:c7:bb:09:f6:a2:59:ea:fd: 23:45:63:a5:e6:a0:79:90:4a:7f:4d:b3:73:50:c0:40:79:c5: ef:24:a7:41:39:68:a2:6c:bd:07:3a:0f:bd:9e:13:69:ed:c5: 57:77:ec:aa:ff:93:c6:f7:ce:b4:3d:ed:a4:08:c7:cf:94:6b: ae:79:0d:11:55:c9:b5:3d:1b:11:18:19:60:3d:01:44:3e:a0: 6d:9d:5e:93:14:f7:2e:ed:e0:15:bb:82:c8:78:91:31:d7:99: 9e:03:59:dd:b0:ed:ac:8b:f3:37:b9:50:d6:f4:41:f6:c8:3e: 3e:c5:cf:50:84:ab:64:38:7a:cb:7b:45:17:b1:35:00:33:e5: d1:ff:ac:8d:e2:17:a4:a7:be:3d:16:bf:31:cf:95:04:6f:c7: f1:5a:96:c6:e2:26:f9:a2:e6:9e:8b:0f:ea:cb:b0:88:fe:a9: c3:7c:be:5e:c4:3e:4c:84:0a:04:c4:62:60:19:14:c1:72:6b: 0b:b7:8b:4b:32:10:00:d0:2f:5b:37:48:dd:d2:14:03:f4:ae: 98:89:d8:cd:09:b4:0f:89:f1:c1:32:91:07:17:f8:b2:7b:73: fa:d7:71:4a -----BEGIN CERTIFICATE----- MIIGCTCCBPGgAwIBAgIULbL0/aDltw+X8AqUV04aQLcR7cEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNDA4MTcyMDU4NTRaFw0yNTA4MTYyMTAzNTRaMDMxMTAvBgNV BAMTKDA5MEZGREU0MEI2MDI5Q0Q3RkUzMUE2RURCNDY3RTFBNTM4NEIxRTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDm45foydYvKGbxl2rj0W/uT53a FqFx6tWQ4wqB/1F1xOoK2E33D7E5d+bLH5BZiucjXoF9s1mNeU4TEmqX75eJjLRJ w4WjR88g2bfwfbURmVMqzsMcVW9nBlZ5JgWJH1+BQhyS5iyJtECnd5UyKq6CP7Lx zubNV6feRxWnpA7uE2OngOA0VP+CsVUARwgZSbFQdkfI5puErqoZ7z3c4xjM/SLh kvocYkGrSNxDEzEAvgc7w7buEiWKFHJiJ0Ze6b+7gyB+JP4Bf/HJhl/Ip70iwHAQ AZyZo+OCeltd4uto/fVOqQxdb5YxnuYudoizwYEIVIiKfJ1WRQcI+E7WcNDLAgMB AAGjggMTMIIDDzAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQJD/3kC2ApzX/j Gm7bRn4aU4Sx4TAfBgNVHSMEGDAWgBRB9lfPNWTyM7l39ArKXkvRDh4vjjAOBgNV HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC80MUY2NTdDRjM1NjRGMjMzQjk3N0Y0MEFD QTVFNEJEMTBFMUUyRjhFLmNybDCBkwYIKwYBBQUHAQEEgYYwgYMwgYAGCCsGAQUF BzAChnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhh ZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi80MUY2NTdDRjM1NjRGMjMzQjk3 N0Y0MEFDQTVFNEJEMTBFMUUyRjhFLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl cG9zaXRvcnkvZGU3ZDU1ZjctZWU2MC00MDA1LWJhZDctYjQyODE4Y2Y1MGU4LzUv MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv cmVwb3NpdG9yeS9kZTdkNTVmNy1lZTYwLTQwMDUtYmFkNy1iNDI4MThjZjUwZTgv NS8wOTBGRkRFNDBCNjAyOUNEN0ZFMzFBNkVEQjQ2N0UxQTUzODRCMUUxLm1mdDA8 BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH AQcBAf8EEjAQMA4EAgACMAgDBgAqB1TBQjANBgkqhkiG9w0BAQsFAAOCAQEANAi/ MS/lMd550v/mNaqqIG1PqI+IFbiWZPig9se7CfaiWer9I0VjpeageZBKf02zc1DA QHnF7ySnQTloomy9BzoPvZ4Tae3FV3fsqv+TxvfOtD3tpAjHz5RrrnkNEVXJtT0b ERgZYD0BRD6gbZ1ekxT3Lu3gFbuCyHiRMdeZngNZ3bDtrIvzN7lQ1vRB9sg+PsXP UISrZDh6y3tFF7E1ADPl0f+sjeIXpKe+PRa/Mc+VBG/H8VqWxuIm+aLmnosP6suw iP6pw3y+XsQ+TIQKBMRiYBkUwXJrC7eLSzIQANAvWzdI3dIUA/SumInYzQm0D4nx wTKRBxf4sntz+tdxSg== -----END CERTIFICATE-----Generated at Thu Nov 21 12:08:36 2024 by rpki-client on console-fra.rpki-client.org