Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
File:                     0BugE7webYbw1tWOr6VOJ_raNEQ.cer (raw, json)
Hash identifier:          ZXvNGdnImA/RbZa1hV3XPY49EbxXqlilcbWwrtIp/hM=
Subject key identifier:   D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC26C1F468BFFEE7952074226BA0DE23F
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:28:35 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 45.86.92.0/22
                          IP: 78.24.120.0/21
                          IP: 93.92.17.0 -- 93.92.23.255
                          IP: 2a0f:69c0::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6c:1f:46:8b:ff:ee:79:52:07:42:26:ba:0d:e2:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:28:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:c6:cc:4f:4c:0b:77:ed:5f:3b:29:6e:9e:ab:
                    ab:14:05:ad:71:c6:50:86:56:d0:b0:12:b8:72:6a:
                    1a:29:f1:eb:e8:cc:08:4a:67:30:eb:1f:b5:ef:f7:
                    dd:e8:df:b9:1b:25:32:25:8d:0d:7c:8c:6f:85:2d:
                    30:9c:45:f2:9c:8e:32:71:63:5c:f8:23:76:d7:a6:
                    7c:d9:d6:8e:72:2c:63:be:42:f1:0e:aa:02:9a:24:
                    95:82:6e:05:60:0b:72:fb:d9:f6:bd:7a:7a:bb:eb:
                    8b:24:b8:a5:62:7f:f2:e6:00:b4:75:78:8a:45:00:
                    5a:28:7f:fc:30:20:d7:34:ed:c3:8d:d3:12:23:b7:
                    36:5c:91:ca:e6:39:76:1a:2f:cb:11:83:bb:86:ab:
                    a3:bf:b9:89:49:32:d4:0d:4c:e8:40:c0:eb:6e:f3:
                    83:54:07:45:10:ba:fe:d0:a4:b9:63:85:24:d6:71:
                    60:33:70:ce:70:26:25:93:27:8b:c0:47:a4:f3:b0:
                    46:44:67:aa:7e:bb:3a:78:97:f4:49:38:cf:1c:67:
                    a2:51:d0:d5:03:7e:17:86:04:d2:1e:36:4c:34:82:
                    66:84:5d:94:5b:05:f9:80:6b:1b:8c:c7:9c:b6:87:
                    38:85:e5:01:bf:94:dc:ae:71:4e:4a:dc:c5:b1:07:
                    fb:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.86.92.0/22
                  78.24.120.0/21
                  93.92.17.0-93.92.23.255
                IPv6:
                  2a0f:69c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         19:1d:ef:2e:48:7b:78:8b:b4:2a:b3:af:1d:1d:68:f7:0f:c0:
         a8:85:ff:e2:0c:f2:6a:5d:db:cd:66:5b:1f:a0:2e:e3:7b:bd:
         2c:0e:c3:2e:a3:a8:5f:79:6b:77:ed:02:89:90:ec:69:34:dd:
         a9:89:84:82:9c:af:ef:1f:f6:e9:9d:53:d0:26:16:cf:f7:cf:
         4b:16:1b:7d:26:72:7b:b6:29:1e:e4:27:db:f8:05:f8:79:df:
         3a:fd:c3:b8:4a:2f:00:05:3e:c3:c3:c4:3e:f8:cd:ea:3d:0e:
         c0:fa:db:90:ab:90:75:29:c0:86:5e:69:8e:a1:9d:e2:63:13:
         68:6c:38:43:4f:54:12:fb:97:00:dd:13:e3:17:c6:e2:53:e6:
         5e:84:db:e0:47:e6:66:de:39:85:93:7d:83:c4:e9:2f:20:ff:
         b7:07:43:29:e9:4d:74:4d:fc:09:5a:73:92:bf:39:1e:95:1f:
         bb:c0:af:37:8f:ce:f1:3d:61:b7:56:dd:b3:98:86:c6:e9:d1:
         01:6c:54:35:05:96:61:eb:83:00:4b:a9:c7:d6:b5:a9:76:c5:
         bf:e9:57:55:e8:ec:a3:6f:9c:78:3a:3f:ef:08:ed:86:25:e0:
         62:c9:00:46:5c:68:ab:d8:ac:24:dc:15:e6:20:9d:62:ff:5c:
         bd:11:1f:8c
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgISAYzCbB9Gi//ueVIHQia6DeI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyODM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDFiYTAxM2JjMWU2ZDg2ZjBkNmQ1OGVhZmE1NGUyN2ZhZGEzNDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsbMT0wLd+1fOylunqurFAWtccZQ
hlbQsBK4cmoaKfHr6MwISmcw6x+17/fd6N+5GyUyJY0NfIxvhS0wnEXynI4ycWNc
+CN216Z82daOcixjvkLxDqoCmiSVgm4FYAty+9n2vXp6u+uLJLilYn/y5gC0dXiK
RQBaKH/8MCDXNO3DjdMSI7c2XJHK5jl2Gi/LEYO7hqujv7mJSTLUDUzoQMDrbvOD
VAdFELr+0KS5Y4Uk1nFgM3DOcCYlkyeLwEek87BGRGeqfrs6eJf0STjPHGeiUdDV
A34XhgTSHjZMNIJmhF2UWwX5gGsbjMectoc4heUBv5TcrnFOStzFsQf7LwIDAQAB
o4ICwzCCAr8wHQYDVR0OBBYEFNAboBO8Hm2G8NbVjq+lTif62jREMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E1MjJh
NTJmLTY1MzQtNDE2NS1hNmE3LWVmOWY3NGVmOTQzMS8xLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTUy
MmE1MmYtNjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5NDMxLzEvRDAxQkEwMTNCQzFF
NkQ4NkYwRDZENThFQUZBNTRFMjdGQURBMzQ0NC5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjBCBggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgME
Ai1WXAMEA04YeDAMAwQAXVwRAwQDXVwQMA0EAgACMAcDBQMqD2nAMA0GCSqGSIb3
DQEBCwUAA4IBAQAZHe8uSHt4i7Qqs68dHWj3D8Cohf/iDPJqXdvNZlsfoC7je70s
DsMuo6hfeWt37QKJkOxpNN2piYSCnK/vH/bpnVPQJhbP989LFht9JnJ7tike5Cfb
+AX4ed86/cO4Si8ABT7Dw8Q++M3qPQ7A+tuQq5B1KcCGXmmOoZ3iYxNobDhDT1QS
+5cA3RPjF8biU+ZehNvgR+Zm3jmFk32DxOkvIP+3B0Mp6U10TfwJWnOSvzkelR+7
wK83j87xPWG3Vt2zmIbG6dEBbFQ1BZZh64MAS6nH1rWpdsW/6VdV6Oyjb5x4Oj/v
CO2GJeBiyQBGXGir2Kwk3BXmIJ1i/1y9ER+M
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:04:31 2024 by rpki-client on console-ams.rpki-client.org