Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/jZwH5-jehYsuaBPQD5s5kt9Tgn8.cer
File:                     jZwH5-jehYsuaBPQD5s5kt9Tgn8.cer (raw, json)
Hash identifier:          nP0RaJxKaSKt6qOuy03FlAe40ccx4R2ubkFX3Vj8s+s=
Subject key identifier:   8D:9C:07:E7:E8:DE:85:8B:2E:68:13:D0:0F:9B:39:92:DF:53:82:7F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01902669F568039B4FAB1FE84EB456336250
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 17 Jun 2024 13:36:36 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 206756

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:26:69:f5:68:03:9b:4f:ab:1f:e8:4e:b4:56:33:62:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jun 17 13:36:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8d9c07e7e8de858b2e6813d00f9b3992df53827f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ce:79:94:1e:88:99:c8:de:23:e8:89:98:c8:
                    12:db:50:54:b3:3a:82:2f:bf:7e:fc:d1:15:a6:18:
                    c4:4b:7e:ae:c7:c7:21:82:1e:dd:7c:5b:1c:3c:38:
                    72:26:6b:20:30:e6:61:a7:86:5a:ef:0b:a5:54:21:
                    80:be:0d:fa:c4:4e:9b:69:20:fc:04:d2:06:4a:f2:
                    78:c3:3c:8c:66:b3:98:3d:fa:0c:68:8f:e5:b7:58:
                    b6:73:78:53:f8:a8:bd:69:18:17:9c:6c:1b:57:f1:
                    f9:38:5d:d9:5c:50:54:ea:bd:0a:f1:92:36:b4:bc:
                    73:c7:fc:8d:f2:86:db:3e:c3:1e:77:1b:83:b5:c5:
                    b3:26:9f:a2:92:ec:58:df:9b:9c:d7:3b:07:78:42:
                    d4:d3:ec:d8:43:32:7a:f8:4b:df:9f:5e:9e:ea:37:
                    1f:3d:0a:3f:67:84:e6:5c:44:3e:2b:cf:02:3c:51:
                    83:1d:5a:19:c5:b6:5b:dd:94:2f:91:47:df:78:db:
                    bd:a4:a1:c3:a4:83:a6:cb:87:84:28:f3:3f:b7:c7:
                    92:17:9b:49:43:68:f0:a0:3d:3f:cd:10:6b:77:c3:
                    1c:09:56:b8:d7:0c:cc:0a:f2:b1:fb:4f:4b:fa:4b:
                    71:b9:3e:3e:99:bd:15:d4:17:ab:07:f4:bb:b6:7d:
                    df:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:9C:07:E7:E8:DE:85:8B:2E:68:13:D0:0F:9B:39:92:DF:53:82:7F
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  206756

    Signature Algorithm: sha256WithRSAEncryption
         98:36:40:87:6a:85:78:74:b1:02:3d:ee:77:43:2d:9e:4f:da:
         63:44:4d:34:27:a9:72:dc:12:32:5b:fa:c3:57:94:04:6d:52:
         47:d5:d4:fb:ef:9d:b1:31:bf:0b:bb:6f:2a:70:ed:ce:ea:74:
         06:49:86:08:c7:1e:da:f4:ba:d5:f6:7e:ac:07:a4:cf:05:9e:
         4b:e9:b0:84:98:e2:5a:aa:36:33:9d:1c:3e:42:16:17:df:4b:
         2e:62:1e:e6:b8:07:72:24:50:19:1b:6c:09:bf:b4:bb:89:3f:
         f8:b8:d8:53:24:db:53:d5:bb:11:60:33:2b:c6:c2:34:d3:3b:
         f0:3d:e1:5f:e3:12:9c:27:88:a4:10:8a:b2:99:28:68:d9:85:
         34:43:ef:2b:62:97:22:b3:d2:5b:ff:aa:84:79:b1:c0:c5:b6:
         07:53:23:db:9f:ac:a0:ac:b6:4b:e9:66:ed:1f:3b:60:aa:90:
         48:76:fb:96:15:1e:03:fc:0c:70:0b:64:eb:95:74:c0:75:8c:
         0c:53:f9:37:58:7d:4b:76:50:a3:74:88:79:f1:7c:4e:29:e7:
         6e:3a:25:09:c1:5e:16:6f:47:29:10:6f:64:2e:f2:cb:df:f2:
         75:28:dd:e7:1f:ac:1c:d6:c2:f2:dc:da:ff:82:f3:81:28:7e:
         9a:74:c2:83
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZAmafVoA5tPqx/oTrRWM2JQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNjE3MTMzNjM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDljMDdlN2U4ZGU4NThiMmU2ODEzZDAwZjliMzk5MmRmNTM4MjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs855lB6ImcjeI+iJmMgS21BUszqC
L79+/NEVphjES36ux8chgh7dfFscPDhyJmsgMOZhp4Za7wulVCGAvg36xE6baSD8
BNIGSvJ4wzyMZrOYPfoMaI/lt1i2c3hT+Ki9aRgXnGwbV/H5OF3ZXFBU6r0K8ZI2
tLxzx/yN8obbPsMedxuDtcWzJp+ikuxY35uc1zsHeELU0+zYQzJ6+Evfn16e6jcf
PQo/Z4TmXEQ+K88CPFGDHVoZxbZb3ZQvkUffeNu9pKHDpIOmy4eEKPM/t8eSF5tJ
Q2jwoD0/zRBrd8McCVa41wzMCvKx+09L+ktxuT4+mb0V1BerB/S7tn3fBQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFI2cB+fo3oWLLmgT0A+bOZLfU4J/MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdiL2UxNGUy
YS1hMGVhLTQzZDktYjA1Zi1mMzYzYzUxMzg3MDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvZTE0ZTJh
LWEwZWEtNDNkOS1iMDVmLWYzNjNjNTEzODcwMi8xL2pad0g1LWplaFlzdWFCUFFE
NXM1a3Q5VGduOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMnpDANBgkqhkiG9w0BAQsFAAOCAQEAmDZAh2qFeHSx
Aj3ud0Mtnk/aY0RNNCepctwSMlv6w1eUBG1SR9XU+++dsTG/C7tvKnDtzup0BkmG
CMce2vS61fZ+rAekzwWeS+mwhJjiWqo2M50cPkIWF99LLmIe5rgHciRQGRtsCb+0
u4k/+LjYUyTbU9W7EWAzK8bCNNM78D3hX+MSnCeIpBCKspkoaNmFNEPvK2KXIrPS
W/+qhHmxwMW2B1Mj25+soKy2S+lm7R87YKqQSHb7lhUeA/wMcAtk65V0wHWMDFP5
N1h9S3ZQo3SIefF8TinnbjolCcFeFm9HKRBvZC7yy9/ydSjd5x+sHNbC8tza/4Lz
gSh+mnTCgw==
-----END CERTIFICATE-----
Generated at Tue Nov 26 20:18:14 2024 by rpki-client on console-ams.rpki-client.org