Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
File:                     faXTLVsJyTwbXj_Foqog10b8_tE.cer (raw, json)
Hash identifier:          KT0cIJouArcl9tMAObmR7bIN88EPN6wDqWWXkb6enIE=
Subject key identifier:   7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018F58223364F6E33AFC4189581776B114AE
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 08 May 2024 12:16:27 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 216070
                          IP: 2.57.240.0/22
                          IP: 31.14.10.0/24
                          IP: 37.140.247.0/24
                          IP: 37.153.158.0/24
                          IP: 37.156.5.0/24
                          IP: 45.87.120.0/23
                          IP: 45.88.12.0/22
                          IP: 45.135.180.0/22
                          IP: 45.144.172.0/22
                          IP: 46.102.237.0/24
                          IP: 62.192.152.0/24
                          IP: 77.81.65.0/24
                          IP: 77.81.88.0/24
                          IP: 77.81.100.0/23
                          IP: 77.81.182.0/24
                          IP: 79.110.227.0/24
                          IP: 85.204.18.0/24
                          IP: 85.204.22.0/24
                          IP: 86.105.4.0/24
                          IP: 86.107.50.0/23
                          IP: 86.107.100.0/23
                          IP: 86.107.168.0/24
                          IP: 89.34.106.0/24
                          IP: 89.34.202.0/24
                          IP: 89.34.219.0/24
                          IP: 89.35.73.0/24
                          IP: 89.35.119.0/24
                          IP: 89.35.129.0 -- 89.35.131.255
                          IP: 89.36.137.0/24
                          IP: 89.36.140.0/24
                          IP: 89.37.185.0/24
                          IP: 89.37.192.0/22
                          IP: 89.39.125.0/24
                          IP: 89.40.36.0/24
                          IP: 89.40.70.0/24
                          IP: 89.40.215.0/24
                          IP: 89.43.62.0/24
                          IP: 89.44.76.0/24
                          IP: 89.45.35.0/24
                          IP: 89.45.44.0/23
                          IP: 89.45.162.0/24
                          IP: 89.46.42.0/24
                          IP: 89.47.36.0/24
                          IP: 89.47.55.0/24
                          IP: 91.132.48.0/22
                          IP: 91.208.61.0/24
                          IP: 91.216.185.0/24
                          IP: 92.114.32.0/24
                          IP: 92.114.54.0/24
                          IP: 92.114.93.0/24
                          IP: 93.90.74.0/23
                          IP: 93.113.57.0/24
                          IP: 93.113.171.0/24
                          IP: 93.114.183.0/24
                          IP: 93.114.244.0/24
                          IP: 93.115.104.0/22
                          IP: 93.115.203.0/24
                          IP: 93.118.36.0/24
                          IP: 93.119.154.0/24
                          IP: 93.119.195.0/24
                          IP: 94.176.214.0/23
                          IP: 94.177.13.0/24
                          IP: 94.177.51.0/24
                          IP: 94.177.106.0/24
                          IP: 94.177.145.0/24
                          IP: 94.177.147.0/24
                          IP: 94.177.150.0/24
                          IP: 94.198.171.0/24
                          IP: 128.0.1.0/24
                          IP: 128.0.41.0/24
                          IP: 176.126.174.0/24
                          IP: 176.223.66.0/24
                          IP: 176.223.188.0/24
                          IP: 185.112.249.0/24
                          IP: 185.198.233.0 -- 185.198.235.255
                          IP: 185.212.119.0/24
                          IP: 188.64.142.0/24
                          IP: 188.208.103.0/24
                          IP: 188.208.110.0/24
                          IP: 188.212.121.0/24
                          IP: 188.213.0.0/24
                          IP: 188.213.216.0/24
                          IP: 188.214.107.0/24
                          IP: 188.215.31.0/24
                          IP: 188.240.81.0/24
                          IP: 188.241.136.0/23
                          IP: 188.241.221.0/24
                          IP: 195.88.89.0/24
                          IP: 213.134.11.0/24
                          IP: 217.19.4.0/24
                          IP: 2a13:4980::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 13 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:58:22:33:64:f6:e3:3a:fc:41:89:58:17:76:b1:14:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: May  8 12:16:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:0d:39:65:09:6c:a2:7a:ce:93:51:42:36:e7:
                    19:64:10:98:9d:8f:f1:c0:45:c7:57:f3:a4:be:b5:
                    7c:19:31:cc:07:ab:c4:55:63:90:71:96:67:e3:d3:
                    6f:6c:08:20:72:2a:4a:4f:66:21:d8:c4:e9:01:af:
                    ed:e8:ae:42:3e:5d:f3:5a:45:c0:f2:74:a8:f3:75:
                    8e:67:c0:6d:96:d0:39:e0:e2:18:8a:00:05:1c:79:
                    03:52:d7:d6:ad:1e:a4:46:eb:55:55:78:a6:a3:fa:
                    d2:27:89:88:b0:13:a9:13:22:5b:a9:00:f7:b9:f6:
                    31:c9:e5:55:55:fd:81:ff:29:9e:2c:05:59:c7:c7:
                    e7:8c:10:f3:9c:be:73:26:53:3a:91:28:fe:93:35:
                    26:c1:5f:34:d1:e9:15:7c:46:f0:4b:c8:4e:de:98:
                    57:5c:4d:8c:99:30:44:a9:30:d4:f5:9b:ec:c6:53:
                    78:d3:78:6d:87:f4:3b:13:99:38:e1:93:69:af:4c:
                    de:ca:1b:34:32:03:03:b3:e9:91:9c:41:81:8d:8a:
                    95:26:b3:45:e3:a9:ee:b9:a4:6b:4e:33:f0:df:8e:
                    ec:78:48:13:2b:b7:52:e9:84:1e:a0:dc:b9:ae:bb:
                    7d:c2:dd:02:70:df:c4:44:7f:b5:e1:90:f4:e6:d7:
                    f9:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.57.240.0/22
                  31.14.10.0/24
                  37.140.247.0/24
                  37.153.158.0/24
                  37.156.5.0/24
                  45.87.120.0/23
                  45.88.12.0/22
                  45.135.180.0/22
                  45.144.172.0/22
                  46.102.237.0/24
                  62.192.152.0/24
                  77.81.65.0/24
                  77.81.88.0/24
                  77.81.100.0/23
                  77.81.182.0/24
                  79.110.227.0/24
                  85.204.18.0/24
                  85.204.22.0/24
                  86.105.4.0/24
                  86.107.50.0/23
                  86.107.100.0/23
                  86.107.168.0/24
                  89.34.106.0/24
                  89.34.202.0/24
                  89.34.219.0/24
                  89.35.73.0/24
                  89.35.119.0/24
                  89.35.129.0-89.35.131.255
                  89.36.137.0/24
                  89.36.140.0/24
                  89.37.185.0/24
                  89.37.192.0/22
                  89.39.125.0/24
                  89.40.36.0/24
                  89.40.70.0/24
                  89.40.215.0/24
                  89.43.62.0/24
                  89.44.76.0/24
                  89.45.35.0/24
                  89.45.44.0/23
                  89.45.162.0/24
                  89.46.42.0/24
                  89.47.36.0/24
                  89.47.55.0/24
                  91.132.48.0/22
                  91.208.61.0/24
                  91.216.185.0/24
                  92.114.32.0/24
                  92.114.54.0/24
                  92.114.93.0/24
                  93.90.74.0/23
                  93.113.57.0/24
                  93.113.171.0/24
                  93.114.183.0/24
                  93.114.244.0/24
                  93.115.104.0/22
                  93.115.203.0/24
                  93.118.36.0/24
                  93.119.154.0/24
                  93.119.195.0/24
                  94.176.214.0/23
                  94.177.13.0/24
                  94.177.51.0/24
                  94.177.106.0/24
                  94.177.145.0/24
                  94.177.147.0/24
                  94.177.150.0/24
                  94.198.171.0/24
                  128.0.1.0/24
                  128.0.41.0/24
                  176.126.174.0/24
                  176.223.66.0/24
                  176.223.188.0/24
                  185.112.249.0/24
                  185.198.233.0-185.198.235.255
                  185.212.119.0/24
                  188.64.142.0/24
                  188.208.103.0/24
                  188.208.110.0/24
                  188.212.121.0/24
                  188.213.0.0/24
                  188.213.216.0/24
                  188.214.107.0/24
                  188.215.31.0/24
                  188.240.81.0/24
                  188.241.136.0/23
                  188.241.221.0/24
                  195.88.89.0/24
                  213.134.11.0/24
                  217.19.4.0/24
                IPv6:
                  2a13:4980::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  216070

    Signature Algorithm: sha256WithRSAEncryption
         66:86:47:03:f7:44:b0:7f:51:de:63:3c:ca:e7:ef:bf:d2:14:
         36:58:0f:7b:6d:3a:c2:85:0d:76:6b:81:fe:71:6d:1d:cc:bd:
         a4:39:e8:67:7d:9d:a0:38:ce:42:d4:1f:e3:a1:17:92:fb:91:
         99:6c:24:c9:58:aa:84:16:fb:ff:c8:74:5f:29:41:0f:11:9e:
         6f:0c:05:ae:e0:f4:c4:5b:42:0a:84:b4:08:2e:90:67:8a:58:
         62:50:38:ae:b9:a5:ad:30:d1:0c:5a:7c:54:43:18:f6:b0:83:
         07:b1:05:b2:c2:6e:ea:91:c3:94:fb:2e:88:ba:c9:79:5f:65:
         39:13:ae:88:5e:ef:3f:86:21:45:34:3e:04:19:dd:6d:95:fe:
         bb:52:d0:38:62:ed:ba:aa:f7:16:26:2d:c9:15:66:fc:f5:95:
         14:73:09:2b:f4:f9:13:e1:0d:7c:ff:69:2f:bb:6a:67:fd:fd:
         21:00:4c:31:ad:6f:57:e9:5c:42:c9:06:e8:15:e4:b4:75:a8:
         55:92:e2:b7:2d:f9:dd:22:bd:a0:86:84:ef:26:65:85:e7:bc:
         30:b8:d8:de:5d:f2:35:c7:d1:70:08:5e:9d:e3:16:65:da:8c:
         ca:7b:02:29:ce:c7:ad:e8:37:25:bf:9d:27:19:11:ee:7a:40:
         d1:ea:bd:9b
-----BEGIN CERTIFICATE-----
MIIH0zCCBrugAwIBAgISAY9YIjNk9uM6/EGJWBd2sRSuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNTA4MTIxNjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGE1ZDMyZDViMDljOTNjMWI1ZTNmYzVhMmFhMjBkNzQ2ZmNmZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmg05ZQlsonrOk1FCNucZZBCYnY/x
wEXHV/OkvrV8GTHMB6vEVWOQcZZn49NvbAggcipKT2Yh2MTpAa/t6K5CPl3zWkXA
8nSo83WOZ8BtltA54OIYigAFHHkDUtfWrR6kRutVVXimo/rSJ4mIsBOpEyJbqQD3
ufYxyeVVVf2B/ymeLAVZx8fnjBDznL5zJlM6kSj+kzUmwV800ekVfEbwS8hO3phX
XE2MmTBEqTDU9ZvsxlN403hth/Q7E5k44ZNpr0zeyhs0MgMDs+mRnEGBjYqVJrNF
46nuuaRrTjPw347seEgTK7dS6YQeoNy5rrt9wt0CcN/ERH+14ZD05tf5mQIDAQAB
o4IE3zCCBNswHQYDVR0OBBYEFH2l0y1bCck8G14/xaKqINdG/P7RMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY2LzRiMThm
Yi1kM2VkLTRiMjctOWJkMC1lNTgzOWY0M2U1ODMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYvNGIxOGZi
LWQzZWQtNGIyNy05YmQwLWU1ODM5ZjQzZTU4My8xL2ZhWFRMVnNKeVR3YlhqX0Zv
cW9nMTBiOF90RS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIICXAYIKwYB
BQUHAQcBAf8EggJLMIICRzCCAjQEAgABMIICLAMEAgI58AMEAB8OCgMEACWM9wME
ACWZngMEACWcBQMEAS1XeAMEAi1YDAMEAi2HtAMEAi2QrAMEAC5m7QMEAD7AmAME
AE1RQQMEAE1RWAMEAU1RZAMEAE1RtgMEAE9u4wMEAFXMEgMEAFXMFgMEAFZpBAME
AVZrMgMEAVZrZAMEAFZrqAMEAFkiagMEAFkiygMEAFki2wMEAFkjSQMEAFkjdzAM
AwQAWSOBAwQCWSOAAwQAWSSJAwQAWSSMAwQAWSW5AwQCWSXAAwQAWSd9AwQAWSgk
AwQAWShGAwQAWSjXAwQAWSs+AwQAWSxMAwQAWS0jAwQBWS0sAwQAWS2iAwQAWS4q
AwQAWS8kAwQAWS83AwQCW4QwAwQAW9A9AwQAW9i5AwQAXHIgAwQAXHI2AwQAXHJd
AwQBXVpKAwQAXXE5AwQAXXGrAwQAXXK3AwQAXXL0AwQCXXNoAwQAXXPLAwQAXXYk
AwQAXXeaAwQAXXfDAwQBXrDWAwQAXrENAwQAXrEzAwQAXrFqAwQAXrGRAwQAXrGT
AwQAXrGWAwQAXsarAwQAgAABAwQAgAApAwQAsH6uAwQAsN9CAwQAsN+8AwQAuXD5
MAwDBAC5xukDBAK5xugDBAC51HcDBAC8QI4DBAC80GcDBAC80G4DBAC81HkDBAC8
1QADBAC81dgDBAC81msDBAC81x8DBAC88FEDBAG88YgDBAC88d0DBADDWFkDBADV
hgsDBADZEwQwDQQCAAIwBwMFAyoTSYAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQID
A0wGMA0GCSqGSIb3DQEBCwUAA4IBAQBmhkcD90Swf1HeYzzK5++/0hQ2WA97bTrC
hQ12a4H+cW0dzL2kOehnfZ2gOM5C1B/joReS+5GZbCTJWKqEFvv/yHRfKUEPEZ5v
DAWu4PTEW0IKhLQILpBnilhiUDiuuaWtMNEMWnxUQxj2sIMHsQWywm7qkcOU+y6I
usl5X2U5E66IXu8/hiFFND4EGd1tlf67UtA4Yu26qvcWJi3JFWb89ZUUcwkr9PkT
4Q18/2kvu2pn/f0hAEwxrW9X6VxCyQboFeS0dahVkuK3LfndIr2ghoTvJmWF57ww
uNjeXfI1x9FwCF6d4xZl2ozKewIpzset6Dclv50nGRHuekDR6r2b
-----END CERTIFICATE-----
Generated at Sun May 12 21:36:35 2024 by rpki-client on console-ams.rpki-client.org