Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer
File:                     syznolxromOxucmrdrjS3DoNaAY.cer (raw, json)
Hash identifier:          kATCdPCKThBkug7KAYzHw7x6Kaj+WOBStEFL9YwSJQQ=
Subject key identifier:   B3:2C:E7:A2:5C:6B:A2:63:B1:B9:C9:AB:76:B8:D2:DC:3A:0D:68:06
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018F3A3EFA1E3AFB83FCF158169E650EEDE8
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 May 2024 16:59:16 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 214999

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 04 Jun 2024 23:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3a:3e:fa:1e:3a:fb:83:fc:f1:58:16:9e:65:0e:ed:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: May  2 16:59:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b32ce7a25c6ba263b1b9c9ab76b8d2dc3a0d6806
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:06:a7:91:9b:4d:95:cb:f0:e6:a5:39:36:26:
                    3a:db:39:98:c0:ca:e0:bf:5c:4b:02:1a:cc:07:b0:
                    a1:5a:85:a3:32:39:ae:43:24:eb:80:2f:ee:26:b4:
                    92:81:6c:74:e6:e4:a1:7a:6a:a9:cf:d8:28:af:a6:
                    71:c2:5c:8f:5a:ec:f1:dc:69:d5:be:89:4f:b6:12:
                    e8:2f:2c:30:9f:6e:30:ab:0a:cb:e8:d9:01:b7:98:
                    27:66:ca:4a:50:5a:6f:23:a1:d3:46:ae:47:18:cb:
                    f7:af:bf:ac:59:9c:25:bd:d8:44:7a:31:d7:7c:dc:
                    d9:02:97:ba:71:1c:6e:c0:79:03:9b:c9:91:11:a1:
                    dc:41:3f:a0:8d:e4:ec:3c:37:1a:00:dc:7f:15:32:
                    f6:ec:9b:d3:a9:b2:01:83:e9:59:c0:a3:c2:6c:7c:
                    94:a8:f8:2b:8d:4f:e6:f9:0d:8c:2a:db:c5:2e:3d:
                    8f:a1:be:df:db:65:f1:93:8d:bf:78:64:2d:b5:8b:
                    0d:f6:7d:f4:61:91:33:dc:8a:d6:be:c0:f2:dd:cd:
                    ec:0d:a1:91:74:b7:ff:95:f2:f9:a5:dd:4a:fc:a9:
                    08:97:98:cd:07:e4:ec:cb:0b:c3:74:78:cb:f1:5a:
                    34:3d:db:e5:dc:9e:21:e8:c1:80:d0:cb:cb:b4:34:
                    39:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:2C:E7:A2:5C:6B:A2:63:B1:B9:C9:AB:76:B8:D2:DC:3A:0D:68:06
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  214999

    Signature Algorithm: sha256WithRSAEncryption
         27:3d:93:02:53:7a:cb:b0:16:99:02:df:06:d4:17:f9:1e:77:
         51:48:56:3d:43:cb:7b:27:83:b5:d8:62:db:72:85:74:df:38:
         19:87:5b:e4:6c:d4:03:83:77:5f:b8:a1:4a:7f:86:b9:24:5f:
         5a:25:05:1a:06:2c:3c:19:e3:e3:4c:1a:b9:d1:6f:18:de:9d:
         e8:0d:d6:4a:3a:7e:37:ea:ce:36:9c:8a:fe:bc:6e:93:5d:d1:
         57:1a:92:2e:6d:0a:d2:36:11:36:7b:f3:c6:f5:14:14:37:f0:
         54:39:6f:39:6e:1c:b6:fb:57:ef:fe:28:ea:3f:7b:56:25:77:
         1d:89:4f:11:07:55:6d:aa:07:b4:c0:04:f4:0b:70:18:74:c8:
         6d:57:50:1b:af:26:86:3c:a6:a4:83:2f:8d:68:6b:67:f0:67:
         08:71:70:29:e9:32:e2:6f:48:2c:b4:69:1e:a6:2b:d5:79:a0:
         ba:1e:7b:13:7d:07:63:48:3f:ce:8a:bc:d0:b9:81:12:74:0e:
         b4:eb:b0:4d:97:4f:58:dd:bf:58:c2:10:ba:cd:d4:0b:d8:90:
         13:28:de:bd:14:b3:64:60:21:5e:4d:e9:66:ba:78:af:a7:80:
         d1:01:a7:a7:06:63:dd:2c:a8:97:35:5a:47:f0:33:6d:18:61:
         f5:21:40:4e
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAY86PvoeOvuD/PFYFp5lDu3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNTAyMTY1OTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzJjZTdhMjVjNmJhMjYzYjFiOWM5YWI3NmI4ZDJkYzNhMGQ2ODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQankZtNlcvw5qU5NiY62zmYwMrg
v1xLAhrMB7ChWoWjMjmuQyTrgC/uJrSSgWx05uShemqpz9gor6ZxwlyPWuzx3GnV
volPthLoLywwn24wqwrL6NkBt5gnZspKUFpvI6HTRq5HGMv3r7+sWZwlvdhEejHX
fNzZApe6cRxuwHkDm8mREaHcQT+gjeTsPDcaANx/FTL27JvTqbIBg+lZwKPCbHyU
qPgrjU/m+Q2MKtvFLj2Pob7f22Xxk42/eGQttYsN9n30YZEz3IrWvsDy3c3sDaGR
dLf/lfL5pd1K/KkIl5jNB+TsywvDdHjL8Vo0Pdvl3J4h6MGA0MvLtDQ5XQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFLMs56Jca6JjsbnJq3a40tw6DWgGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E3L2EzYTY1
My1hZWZhLTQ4Y2QtYWFjNy0zNDAzYTg0Mjk3YjEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcvYTNhNjUz
LWFlZmEtNDhjZC1hYWM3LTM0MDNhODQyOTdiMS8xL3N5em5vbHhyb21PeHVjbXJk
cmpTM0RvTmFBWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNH1zANBgkqhkiG9w0BAQsFAAOCAQEAJz2TAlN6y7AW
mQLfBtQX+R53UUhWPUPLeyeDtdhi23KFdN84GYdb5GzUA4N3X7ihSn+GuSRfWiUF
GgYsPBnj40waudFvGN6d6A3WSjp+N+rONpyK/rxuk13RVxqSLm0K0jYRNnvzxvUU
FDfwVDlvOW4ctvtX7/4o6j97ViV3HYlPEQdVbaoHtMAE9AtwGHTIbVdQG68mhjym
pIMvjWhrZ/BnCHFwKeky4m9ILLRpHqYr1Xmguh57E30HY0g/zoq80LmBEnQOtOuw
TZdPWN2/WMIQus3UC9iQEyjevRSzZGAhXk3pZrp4r6eA0QGnpwZj3SyolzVaR/Az
bRhh9SFATg==
-----END CERTIFICATE-----