Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02fRY1tGs8InSyh1Bbu9fZFdyvU.cer
File:                     02fRY1tGs8InSyh1Bbu9fZFdyvU.cer (raw, json)
Hash identifier:          LkLt6L5VfqMXabY6GqqLGl2PYe50pB2rzOPpkcK0yOc=
Subject key identifier:   D3:67:D1:63:5B:46:B3:C2:27:4B:28:75:05:BB:BD:7D:91:5D:CA:F5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC26D496D84EDD20D721E632426B07A6F
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/f7/8a8b4c-8f12-4c8d-8be4-69b8d6b53e8c/1/02fRY1tGs8InSyh1Bbu9fZFdyvU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/f7/8a8b4c-8f12-4c8d-8be4-69b8d6b53e8c/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:29:51 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 35838
                          IP: 178.255.80.0/21
                          IP: 2a02:1788::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:49:6d:84:ed:d2:0d:72:1e:63:24:26:b0:7a:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:29:51 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d367d1635b46b3c2274b287505bbbd7d915dcaf5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:83:68:70:fc:a3:46:ae:88:b4:8b:a5:c7:31:
                    73:bd:91:3f:0b:9a:5e:fc:d2:0c:bc:4f:9f:07:fd:
                    22:35:33:47:ce:d4:54:e0:26:2e:14:20:06:27:b9:
                    0c:35:40:15:ce:af:62:27:ae:b9:c0:79:58:84:29:
                    b1:1f:72:80:97:b1:f6:13:d0:f9:9b:ef:ec:fb:9e:
                    46:04:19:90:14:f7:9a:f0:76:70:a2:dc:36:9a:6c:
                    16:f5:ca:b5:9a:2e:15:1c:08:0c:dc:ae:7b:cb:e0:
                    fb:ff:37:ef:27:eb:91:3d:e6:bf:50:b5:5b:52:05:
                    ed:f9:14:76:19:86:a8:ca:2f:45:0e:b3:45:29:42:
                    97:81:0a:76:6c:b8:7d:49:79:5e:5e:49:c4:d1:c6:
                    27:a3:18:d3:06:f7:87:fa:f9:a8:a2:70:42:7a:dc:
                    6f:20:94:be:a8:08:75:b7:e4:03:7d:bf:82:84:26:
                    5e:c6:96:2e:5e:95:a3:a6:d0:00:73:24:8a:59:c2:
                    d8:41:5b:14:d1:b1:7d:c7:c0:2a:32:b5:e8:9f:68:
                    be:e9:1e:7d:6f:9c:50:ce:c4:c9:ea:92:b0:4a:d5:
                    38:22:67:a3:e8:f4:fd:9b:14:72:fe:6b:c3:44:54:
                    61:2a:c0:e0:08:e2:8a:d2:b3:c7:9b:d7:23:58:9b:
                    a3:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:67:D1:63:5B:46:B3:C2:27:4B:28:75:05:BB:BD:7D:91:5D:CA:F5
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/8a8b4c-8f12-4c8d-8be4-69b8d6b53e8c/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/8a8b4c-8f12-4c8d-8be4-69b8d6b53e8c/1/02fRY1tGs8InSyh1Bbu9fZFdyvU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.255.80.0/21
                IPv6:
                  2a02:1788::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  35838

    Signature Algorithm: sha256WithRSAEncryption
         a3:05:ee:25:ee:61:84:d8:96:74:10:90:8a:93:5b:47:30:cd:
         26:8a:36:2a:73:7f:6b:10:47:bd:cf:09:4d:48:5b:69:46:99:
         28:09:e4:dc:db:a4:77:1a:49:7d:bf:3d:21:7f:fc:d3:0e:a5:
         32:d8:dc:72:65:3f:8e:89:49:ae:00:24:70:3b:45:e8:1d:21:
         63:1e:93:0f:3c:fd:8e:22:11:f9:09:98:76:ba:2b:6d:93:3f:
         b9:c8:f0:05:6a:dd:11:df:c7:26:ff:78:b7:d9:07:1b:6f:bb:
         13:67:5e:a5:24:1f:95:70:f5:a9:a0:9e:7f:11:fa:a2:ae:ed:
         48:df:70:fd:5c:4d:c5:5a:74:6a:c2:02:b7:5d:f5:57:5a:a3:
         fe:70:e5:aa:e6:35:a8:5e:d2:ca:02:a2:20:f9:64:50:23:3a:
         82:b1:b7:41:f8:13:83:76:02:68:36:7b:16:98:28:b3:1d:47:
         89:9f:37:b5:1d:2f:21:92:e6:1b:e1:6e:1c:0d:62:0b:2e:f5:
         76:b0:38:ed:26:56:c5:8d:0a:e2:5c:03:0c:d3:b6:71:30:75:
         09:53:05:44:22:5c:26:0d:d2:ea:0b:f3:c4:ba:d9:ca:f9:bd:
         36:46:a3:09:61:00:9a:8d:e9:eb:d9:e6:52:de:bb:ec:d7:28:
         93:d0:18:06
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzCbUlthO3SDXIeYyQmsHpvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzY3ZDE2MzViNDZiM2MyMjc0YjI4NzUwNWJiYmQ3ZDkxNWRjYWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4INocPyjRq6ItIulxzFzvZE/C5pe
/NIMvE+fB/0iNTNHztRU4CYuFCAGJ7kMNUAVzq9iJ665wHlYhCmxH3KAl7H2E9D5
m+/s+55GBBmQFPea8HZwotw2mmwW9cq1mi4VHAgM3K57y+D7/zfvJ+uRPea/ULVb
UgXt+RR2GYaoyi9FDrNFKUKXgQp2bLh9SXleXknE0cYnoxjTBveH+vmoonBCetxv
IJS+qAh1t+QDfb+ChCZexpYuXpWjptAAcySKWcLYQVsU0bF9x8AqMrXon2i+6R59
b5xQzsTJ6pKwStU4Imej6PT9mxRy/mvDRFRhKsDgCOKK0rPHm9cjWJuj+QIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFNNn0WNbRrPCJ0sodQW7vX2RXcr1MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y3LzhhOGI0
Yy04ZjEyLTRjOGQtOGJlNC02OWI4ZDZiNTNlOGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjcvOGE4YjRj
LThmMTItNGM4ZC04YmU0LTY5YjhkNmI1M2U4Yy8xLzAyZlJZMXRHczhJblN5aDFC
YnU5ZlpGZHl2VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQDsv9QMA0EAgACMAcDBQAqAheIMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCL/jANBgkqhkiG9w0BAQsFAAOCAQEAowXuJe5hhNiW
dBCQipNbRzDNJoo2KnN/axBHvc8JTUhbaUaZKAnk3NukdxpJfb89IX/80w6lMtjc
cmU/jolJrgAkcDtF6B0hYx6TDzz9jiIR+QmYdrorbZM/ucjwBWrdEd/HJv94t9kH
G2+7E2depSQflXD1qaCefxH6oq7tSN9w/VxNxVp0asICt131V1qj/nDlquY1qF7S
ygKiIPlkUCM6grG3QfgTg3YCaDZ7Fpgosx1HiZ83tR0vIZLmG+FuHA1iCy71drA4
7SZWxY0K4lwDDNO2cTB1CVMFRCJcJg3S6gvzxLrZyvm9NkajCWEAmo3p69nmUt67
7Ncok9AYBg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:55:41 2024 by rpki-client on console-ams.rpki-client.org