$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/CEE50F8654426B5A60EE8C52A9AE958F8D77B848.cer File: CEE50F8654426B5A60EE8C52A9AE958F8D77B848.cer (raw, json) Hash identifier: 7vLkyUAQbxiLLTtLPTkxdYYdz3Z3gV7jT0yw/qUtZ6Q= Subject key identifier: CE:E5:0F:86:54:42:6B:5A:60:EE:8C:52:A9:AE:95:8F:8D:77:B8:48 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 676D8FD951FA0F05B32B96433B14212DCD8DA529 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/1/CEE50F8654426B5A60EE8C52A9AE958F8D77B848.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/1/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Fri 22 Sep 2023 16:55:17 +0000 Certificate not after: Fri 20 Sep 2024 17:00:17 +0000 Subordinate resources: IP: 2a07:54c1:3800::/40 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 01 Jun 2024 06:46:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:6d:8f:d9:51:fa:0f:05:b3:2b:96:43:3b:14:21:2d:cd:8d:a5:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Sep 22 16:55:17 2023 GMT Not After : Sep 20 17:00:17 2024 GMT Subject: CN=CEE50F8654426B5A60EE8C52A9AE958F8D77B848 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:cc:5b:e1:25:7a:8f:ce:a2:02:e1:d1:af:f8: 6b:23:63:22:e2:03:22:0c:3b:e2:94:d3:66:d6:ce: 32:c9:99:08:84:5b:0c:0e:4d:f9:c1:ad:a9:32:1b: 20:ae:66:9b:63:82:e5:dc:9f:df:f4:a0:bd:61:12: 9f:48:45:e3:6b:75:d5:37:dc:9e:15:2b:b6:2c:2f: 75:5e:36:a9:41:4a:a6:c0:49:9d:f0:07:3a:25:f7: a8:27:1f:61:8e:31:94:ea:56:d8:95:95:f5:d8:49: 4e:27:e4:bd:d5:23:5b:33:cf:66:08:00:88:33:84: f3:6e:57:3b:f8:c5:94:e7:e4:fb:4b:6a:c0:c3:ad: 55:11:a9:3a:71:1d:e6:2e:e9:2c:11:4a:48:e0:f4: 58:b4:f1:71:46:51:2c:68:41:52:dc:c1:28:74:1d: dd:8b:69:ba:93:aa:ad:e8:90:b8:62:90:c9:db:0c: 81:32:9b:54:bc:58:25:9a:07:72:d4:14:10:bd:0e: 15:3b:fb:30:4a:ca:bc:15:19:1a:bf:3b:f6:f9:75: 1f:80:48:77:f2:29:96:25:96:f5:23:e9:43:f2:5e: 66:37:10:e1:ea:27:07:e0:93:a3:81:7b:a8:c9:38: 77:a7:ae:23:b9:85:36:48:8c:b4:15:9d:04:b3:53: d8:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: CE:E5:0F:86:54:42:6B:5A:60:EE:8C:52:A9:AE:95:8F:8D:77:B8:48 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/1/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/1/CEE50F8654426B5A60EE8C52A9AE958F8D77B848.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:3800::/40 Signature Algorithm: sha256WithRSAEncryption 32:9e:59:68:85:dc:d4:1f:17:6d:6b:7f:1e:01:80:43:da:f1: da:eb:ac:bd:e0:f2:3e:95:41:e0:4d:6b:3e:19:ce:d3:a9:73: c9:ca:c7:c0:71:f3:f4:5b:8e:cd:a9:20:69:5e:d8:35:4f:25: 41:2b:04:56:04:29:34:09:bc:32:48:c2:b5:93:46:d6:e1:18: 6b:2a:3b:f5:18:e6:b9:71:f0:1a:8e:a7:df:4b:47:95:ba:b8: 91:24:53:79:71:12:34:ee:cb:eb:59:4a:51:85:9d:39:f8:12: f4:92:8d:3d:92:ff:a8:94:d5:1d:a9:70:9f:15:5a:12:bc:69: 69:03:6f:6b:c2:c7:84:f9:d0:70:54:03:0b:10:82:e0:4e:75: e2:ef:7a:be:21:8e:ad:b2:99:e1:f3:83:9c:f6:d4:0c:ac:95: 02:8c:66:93:ae:75:3e:3f:64:90:e1:03:fd:5f:e6:de:fc:00: 5c:69:7c:f6:79:c1:6d:02:0b:58:c7:79:0f:c3:64:f6:71:07: a0:f4:f1:d9:d8:24:eb:f2:df:d8:3e:61:3e:5c:f2:c1:45:86: 3e:ed:99:98:cd:db:ae:30:60:1c:05:ec:d6:28:3d:66:67:d8: 26:94:69:02:b2:cf:f4:ae:b4:4b:31:bb:f0:ff:63:3c:7c:fd: 95:d5:ba:dd -----BEGIN CERTIFICATE----- MIIGCTCCBPGgAwIBAgIUZ22P2VH6DwWzK5ZDOxQhLc2NpSkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yMzA5MjIxNjU1MTdaFw0yNDA5MjAxNzAwMTdaMDMxMTAvBgNV BAMTKENFRTUwRjg2NTQ0MjZCNUE2MEVFOEM1MkE5QUU5NThGOEQ3N0I4NDgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjzFvhJXqPzqIC4dGv+GsjYyLi AyIMO+KU02bWzjLJmQiEWwwOTfnBrakyGyCuZptjguXcn9/0oL1hEp9IReNrddU3 3J4VK7YsL3VeNqlBSqbASZ3wBzol96gnH2GOMZTqVtiVlfXYSU4n5L3VI1szz2YI AIgzhPNuVzv4xZTn5PtLasDDrVURqTpxHeYu6SwRSkjg9Fi08XFGUSxoQVLcwSh0 Hd2LabqTqq3okLhikMnbDIEym1S8WCWaB3LUFBC9DhU7+zBKyrwVGRq/O/b5dR+A SHfyKZYllvUj6UPyXmY3EOHqJwfgk6OBe6jJOHenriO5hTZIjLQVnQSzU9hLAgMB AAGjggMTMIIDDzAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTO5Q+GVEJrWmDu jFKprpWPjXe4SDAfBgNVHSMEGDAWgBRB9lfPNWTyM7l39ArKXkvRDh4vjjAOBgNV HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC80MUY2NTdDRjM1NjRGMjMzQjk3N0Y0MEFD QTVFNEJEMTBFMUUyRjhFLmNybDCBkwYIKwYBBQUHAQEEgYYwgYMwgYAGCCsGAQUF BzAChnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhh ZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi80MUY2NTdDRjM1NjRGMjMzQjk3 N0Y0MEFDQTVFNEJEMTBFMUUyRjhFLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl cG9zaXRvcnkvYmM5MGY0ZjYtZjJjNC00ODgyLTkxY2YtOWI4ZjBiMzhkN2RhLzEv MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv cmVwb3NpdG9yeS9iYzkwZjRmNi1mMmM0LTQ4ODItOTFjZi05YjhmMGIzOGQ3ZGEv MS9DRUU1MEY4NjU0NDI2QjVBNjBFRThDNTJBOUFFOTU4RjhENzdCODQ4Lm1mdDA8 BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH AQcBAf8EEjAQMA4EAgACMAgDBgAqB1TBODANBgkqhkiG9w0BAQsFAAOCAQEAMp5Z aIXc1B8XbWt/HgGAQ9rx2uusveDyPpVB4E1rPhnO06lzycrHwHHz9FuOzakgaV7Y NU8lQSsEVgQpNAm8MkjCtZNG1uEYayo79RjmuXHwGo6n30tHlbq4kSRTeXESNO7L 61lKUYWdOfgS9JKNPZL/qJTVHalwnxVaErxpaQNva8LHhPnQcFQDCxCC4E514u96 viGOrbKZ4fODnPbUDKyVAoxmk651Pj9kkOED/V/m3vwAXGl89nnBbQILWMd5D8Nk 9nEHoPTx2dgk6/Lf2D5hPlzywUWGPu2ZmM3brjBgHAXs1ig9ZmfYJpRpArLP9K60 SzG78P9jPHz9ldW63Q== -----END CERTIFICATE-----Generated at Fri May 31 12:10:15 2024 by rpki-client on console-ams.rpki-client.org