Certificate

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/32F267CC5A6C13207B7228C9D0A849752F5036FF.cer
File:                     32F267CC5A6C13207B7228C9D0A849752F5036FF.cer (raw, json)
Hash identifier:          wtYBDBTeZuO8AAyP1XDwph6PJWJCdaH3yv696F2hoXk=
Subject key identifier:   32:F2:67:CC:5A:6C:13:20:7B:72:28:C9:D0:A8:49:75:2F:50:36:FF
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       5E29023EB366AC276B18040FBACF0DB612F1FBE1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/f0f5aca9-dc28-4592-9712-4084de9c9421/5/32F267CC5A6C13207B7228C9D0A849752F5036FF.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/f0f5aca9-dc28-4592-9712-4084de9c9421/5/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Tue 28 May 2024 06:42:58 +0000
Certificate not after:    Tue 27 May 2025 06:47:58 +0000
Subordinate resources:    IP: 2a06:a005:d2d::/48
                          IP: 2a06:a005:1507::/48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:29:02:3e:b3:66:ac:27:6b:18:04:0f:ba:cf:0d:b6:12:f1:fb:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: May 28 06:42:58 2024 GMT
            Not After : May 27 06:47:58 2025 GMT
        Subject: CN=32F267CC5A6C13207B7228C9D0A849752F5036FF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:0c:1d:6f:36:42:74:53:51:5a:e9:5c:54:cb:
                    1d:31:bc:9a:d9:90:aa:e0:9d:6e:af:f6:46:76:bf:
                    6f:ab:6d:bf:cc:81:9c:92:bc:8d:68:97:ed:2a:ad:
                    27:78:77:66:f5:3d:19:26:6a:b0:4a:44:07:db:2a:
                    e9:6d:ad:9e:7e:b3:5a:ec:4a:78:4c:b2:25:19:96:
                    e6:cb:c3:6a:9c:77:c2:39:4e:6a:2a:f0:ad:ac:69:
                    97:17:ed:22:7e:72:89:8a:2d:9e:56:4a:5d:52:69:
                    de:be:63:90:e7:11:b5:b2:a5:c5:85:31:81:2d:b4:
                    f5:ea:13:d5:58:55:72:ba:03:65:0e:1b:85:83:ac:
                    0b:24:35:41:ea:fe:1b:48:79:fc:73:e4:dd:25:92:
                    2c:ac:51:5f:6f:27:6d:a7:f4:1d:33:f7:c5:4a:5a:
                    c3:21:d5:9a:30:0e:0c:39:1f:57:49:38:3c:66:a4:
                    2e:c0:1d:d0:e7:94:08:c0:a8:26:ee:24:96:be:4c:
                    7f:84:9d:c1:06:86:28:a1:51:09:fb:cd:ef:ef:1d:
                    a9:fd:15:4e:2e:53:47:d8:04:e5:db:00:0a:b7:dd:
                    cb:f4:24:38:c6:b7:7f:72:05:65:f4:8a:10:90:43:
                    61:86:da:2e:d4:20:7b:85:e0:cb:c5:e2:b0:0b:dc:
                    c2:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                32:F2:67:CC:5A:6C:13:20:7B:72:28:C9:D0:A8:49:75:2F:50:36:FF
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/f0f5aca9-dc28-4592-9712-4084de9c9421/5/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/f0f5aca9-dc28-4592-9712-4084de9c9421/5/32F267CC5A6C13207B7228C9D0A849752F5036FF.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:d2d::/48
                  2a06:a005:1507::/48

    Signature Algorithm: sha256WithRSAEncryption
         19:6a:77:b8:29:2d:53:bb:d6:7a:6d:11:b9:c2:d0:09:4b:93:
         c3:b6:1f:80:58:ca:c6:e6:4a:b0:c5:32:d7:51:ff:21:94:05:
         fd:60:57:69:29:b5:7c:cb:a7:77:ad:c9:a1:de:06:1f:0f:c6:
         ce:0a:0f:10:57:5b:fd:d6:1c:2a:4f:6f:23:c4:62:59:2f:9c:
         c6:03:9b:38:1c:34:ec:ef:0e:b6:6c:56:a8:d1:0e:a8:10:bb:
         1c:05:c2:59:28:78:df:2a:95:d2:01:57:78:9e:d3:5b:8a:5a:
         ed:47:b4:ea:36:cb:9f:ce:6b:77:c2:f5:16:11:f0:78:31:7c:
         94:18:2e:e7:67:9c:5e:d2:5a:62:ab:e5:f1:e8:85:42:92:25:
         26:e3:52:74:c2:b6:7f:90:02:13:94:69:63:c9:96:cd:40:0b:
         04:17:0f:ec:e1:90:6a:ed:c3:59:a3:e2:a6:bb:45:5b:7b:fe:
         6c:52:b4:5e:78:2b:09:e3:46:ab:04:19:8f:68:23:08:f6:dd:
         19:4c:54:8f:24:fa:80:c4:d3:4d:dc:0b:5c:94:aa:18:09:b3:
         47:21:7d:b7:bb:85:97:0c:6d:5a:54:b2:16:7d:ae:6e:55:40:
         7e:18:3c:99:2c:55:d5:61:d6:89:f6:4c:2c:38:5b:6b:1e:7b:
         2d:74:92:35
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgIUXikCPrNmrCdrGAQPus8NthLx++EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDA1MjgwNjQyNThaFw0yNTA1MjcwNjQ3NThaMDMxMTAvBgNV
BAMTKDMyRjI2N0NDNUE2QzEzMjA3QjcyMjhDOUQwQTg0OTc1MkY1MDM2RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+DB1vNkJ0U1Fa6VxUyx0xvJrZ
kKrgnW6v9kZ2v2+rbb/MgZySvI1ol+0qrSd4d2b1PRkmarBKRAfbKultrZ5+s1rs
SnhMsiUZlubLw2qcd8I5Tmoq8K2saZcX7SJ+comKLZ5WSl1Sad6+Y5DnEbWypcWF
MYEttPXqE9VYVXK6A2UOG4WDrAskNUHq/htIefxz5N0lkiysUV9vJ22n9B0z98VK
WsMh1ZowDgw5H1dJODxmpC7AHdDnlAjAqCbuJJa+TH+EncEGhiihUQn7ze/vHan9
FU4uU0fYBOXbAAq33cv0JDjGt39yBWX0ihCQQ2GG2i7UIHuF4MvF4rAL3MIBAgMB
AAGjggLdMIIC2TAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQy8mfMWmwTIHty
KMnQqEl1L1A2/zAfBgNVHSMEGDAWgBR5lDjxsXYq7vijXPTmy66XaZvQIDAOBgNV
HQ8BAf8EBAMCAQYwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBraS1ycHMu
YXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJl
M2Y5ZC8yLzc5OTQzOEYxQjE3NjJBRUVGOEEzNUNGNEU2Q0JBRTk3Njk5QkQwMjAu
Y3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lWlE0OGJGMkt1NzRvMXowNXN1dWwy
bWIwQ0EuY2VyMIIBPwYIKwYBBQUHAQsEggExMIIBLTBfBggrBgEFBQcwBYZTcnN5
bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mMGY1YWNh
OS1kYzI4LTQ1OTItOTcxMi00MDg0ZGU5Yzk0MjEvNS8wgYsGCCsGAQUFBzAKhn9y
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2YwZjVh
Y2E5LWRjMjgtNDU5Mi05NzEyLTQwODRkZTljOTQyMS81LzMyRjI2N0NDNUE2QzEz
MjA3QjcyMjhDOUQwQTg0OTc1MkY1MDM2RkYubWZ0MDwGCCsGAQUFBzANhjBodHRw
czovL3JyZHAucGFhcy5ycGtpLnJpcGUubmV0L25vdGlmaWNhdGlvbi54bWwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAIw
EgMHACoGoAUNLQMHACoGoAUVBzANBgkqhkiG9w0BAQsFAAOCAQEAGWp3uCktU7vW
em0RucLQCUuTw7YfgFjKxuZKsMUy11H/IZQF/WBXaSm1fMund63Jod4GHw/GzgoP
EFdb/dYcKk9vI8RiWS+cxgObOBw07O8OtmxWqNEOqBC7HAXCWSh43yqV0gFXeJ7T
W4pa7Ue06jbLn85rd8L1FhHweDF8lBgu52ecXtJaYqvl8eiFQpIlJuNSdMK2f5AC
E5RpY8mWzUALBBcP7OGQau3DWaPiprtFW3v+bFK0XngrCeNGqwQZj2gjCPbdGUxU
jyT6gMTTTdwLXJSqGAmzRyF9t7uFlwxtWlSyFn2ublVAfhg8mSxV1WHWifZMLDhb
ax57LXSSNQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:04:22 2024 by rpki-client on console-fra.rpki-client.org