Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0AEr-PVySEpvYGhWLKmRnG2lRG8.cer
File:                     0AEr-PVySEpvYGhWLKmRnG2lRG8.cer (raw, json)
Hash identifier:          QXfEm8GDwAFC1hNe2bL3/vg/yB2uHRnGrLfqGlOmMr4=
Subject key identifier:   D0:01:2B:F8:F5:72:48:4A:6F:60:68:56:2C:A9:91:9C:6D:A5:44:6F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC8011B7705FB9DF71DA78A0FB939E2FC
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/44/55eb96-f121-4cf4-ac94-8477b6638f31/1/0AEr-PVySEpvYGhWLKmRnG2lRG8.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/44/55eb96-f121-4cf4-ac94-8477b6638f31/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 02:29:24 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 194.24.230.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 11:40:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:1b:77:05:fb:9d:f7:1d:a7:8a:0f:b9:39:e2:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 02:29:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d0012bf8f572484a6f6068562ca9919c6da5446f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:ce:a8:e9:e1:3d:4f:40:da:cc:95:00:9b:4f:
                    6d:7c:2d:39:66:99:d0:35:48:b5:32:1d:a6:0a:ba:
                    1d:77:85:14:99:39:7e:79:06:dd:27:4b:a4:ea:7a:
                    e2:a9:c8:b3:af:60:4f:92:0b:9b:15:19:fb:62:ca:
                    9a:ed:21:68:2c:0d:73:b6:e7:26:02:26:5f:bc:0f:
                    2b:63:55:c1:07:7e:60:0a:e6:e7:ff:c5:88:b9:39:
                    f3:fa:6d:5e:fb:fb:2a:08:1b:45:06:07:c7:b7:99:
                    87:65:64:6d:40:77:d7:46:40:da:99:04:cf:23:b5:
                    e2:1e:2e:00:19:81:9b:a3:d1:af:45:a1:ac:5c:d2:
                    ad:ec:81:6d:90:f9:d1:9b:84:2c:a6:6a:19:02:b7:
                    31:a9:6b:01:2d:a3:25:ba:1a:81:4f:d9:e1:45:c9:
                    26:a7:3c:5c:f3:d1:8c:94:a2:42:7e:8a:7c:04:87:
                    36:02:07:ee:82:90:fd:61:c8:6d:39:36:00:50:46:
                    46:21:55:ed:b9:2a:c3:64:5e:c7:1b:43:5b:92:e6:
                    fa:63:f2:71:69:0f:c4:20:4f:11:30:7b:23:96:eb:
                    98:88:22:7f:e3:c7:29:8a:a3:0e:d5:ca:e5:84:3f:
                    5f:d3:bc:52:97:1a:4a:de:c9:c0:9e:72:8f:62:49:
                    ee:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:01:2B:F8:F5:72:48:4A:6F:60:68:56:2C:A9:91:9C:6D:A5:44:6F
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/55eb96-f121-4cf4-ac94-8477b6638f31/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/55eb96-f121-4cf4-ac94-8477b6638f31/1/0AEr-PVySEpvYGhWLKmRnG2lRG8.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.24.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:36:bf:fc:c8:9e:28:b9:fc:55:f3:22:75:91:b0:cf:b7:e1:
         d2:f7:bb:72:28:ff:ef:af:69:af:ae:5e:9b:02:f8:52:06:a6:
         20:ac:a1:70:c6:7d:c7:7d:42:02:8c:b6:67:e3:59:54:36:09:
         a8:60:81:a8:53:9c:3a:9e:00:bf:ca:d2:20:44:55:0d:74:73:
         6f:a9:58:ea:5a:0d:83:4c:d0:ba:54:59:96:85:49:c6:1b:4c:
         6c:39:60:a7:83:d2:75:46:d8:e9:fd:ca:41:29:e6:1f:ff:27:
         d7:d5:9f:33:cb:75:40:af:39:74:7f:2c:8e:f2:f8:3d:f9:48:
         f4:5f:49:a6:62:6e:3b:63:d5:5e:cc:c2:6b:4a:33:10:77:8e:
         e5:72:bc:37:bc:a0:5d:2c:2e:cf:75:00:32:a1:47:f6:c6:e5:
         58:95:3b:4e:e0:1c:ac:05:8a:9f:c1:76:2b:40:7e:69:cb:ac:
         5d:da:ee:96:60:c7:b4:8b:3a:ef:dc:44:d1:a9:8d:9a:f3:95:
         d5:89:49:16:00:f1:86:3f:9a:50:63:a8:e4:ae:8e:9d:3d:00:
         02:f2:71:6e:f3:43:3d:05:30:18:f9:cc:52:c1:2d:70:12:f6:
         d8:4b:a8:ce:d6:60:f7:d4:f2:d4:a4:9b:42:e9:78:1e:0d:c2:
         f8:0f:5a:47
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzIARt3Bfud9x2nig+5OeL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDAxMmJmOGY1NzI0ODRhNmY2MDY4NTYyY2E5OTE5YzZkYTU0NDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0c6o6eE9T0DazJUAm09tfC05ZpnQ
NUi1Mh2mCrodd4UUmTl+eQbdJ0uk6nriqcizr2BPkgubFRn7Ysqa7SFoLA1ztucm
AiZfvA8rY1XBB35gCubn/8WIuTnz+m1e+/sqCBtFBgfHt5mHZWRtQHfXRkDamQTP
I7XiHi4AGYGbo9GvRaGsXNKt7IFtkPnRm4QspmoZArcxqWsBLaMluhqBT9nhRckm
pzxc89GMlKJCfop8BIc2AgfugpD9YchtOTYAUEZGIVXtuSrDZF7HG0Nbkub6Y/Jx
aQ/EIE8RMHsjluuYiCJ/48cpiqMO1crlhD9f07xSlxpK3snAnnKPYknuwQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFNABK/j1ckhKb2BoViypkZxtpURvMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ0LzU1ZWI5
Ni1mMTIxLTRjZjQtYWM5NC04NDc3YjY2MzhmMzEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvNTVlYjk2
LWYxMjEtNGNmNC1hYzk0LTg0NzdiNjYzOGYzMS8xLzBBRXItUFZ5U0VwdllHaFdM
S21SbkcybFJHOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwhjmMA0GCSqGSIb3DQEBCwUAA4IBAQAMNr/8
yJ4oufxV8yJ1kbDPt+HS97tyKP/vr2mvrl6bAvhSBqYgrKFwxn3HfUICjLZn41lU
NgmoYIGoU5w6ngC/ytIgRFUNdHNvqVjqWg2DTNC6VFmWhUnGG0xsOWCng9J1Rtjp
/cpBKeYf/yfX1Z8zy3VArzl0fyyO8vg9+Uj0X0mmYm47Y9VezMJrSjMQd47lcrw3
vKBdLC7PdQAyoUf2xuVYlTtO4BysBYqfwXYrQH5py6xd2u6WYMe0izrv3ETRqY2a
85XViUkWAPGGP5pQY6jkro6dPQAC8nFu80M9BTAY+cxSwS1wEvbYS6jO1mD31PLU
pJtC6XgeDcL4D1pH
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:39:07 2024 by rpki-client on console-ams.rpki-client.org