Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0RIqXLBkP3NsfseWGAmiWThmjw4.cer
File:                     0RIqXLBkP3NsfseWGAmiWThmjw4.cer (raw, json)
Hash identifier:          1dweFFun7fuWV/TJS+qA5b1Bff+Mu/Y/euTIe3DGacE=
Subject key identifier:   D1:12:2A:5C:B0:64:3F:73:6C:7E:C7:96:18:09:A2:59:38:66:8F:0E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC9BCFB191A1926CDF7AA6667C502C547
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/23/accd38-0ae6-4b43-a168-1152f4393020/1/0RIqXLBkP3NsfseWGAmiWThmjw4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/23/accd38-0ae6-4b43-a168-1152f4393020/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 10:34:14 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 60354
                          IP: 185.251.112.0/22
                          IP: 2a0c:1940::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:fb:19:1a:19:26:cd:f7:aa:66:67:c5:02:c5:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 10:34:14 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d1122a5cb0643f736c7ec7961809a25938668f0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:22:2e:e9:b0:79:16:2c:37:95:ce:4e:aa:67:
                    36:38:0b:0f:7b:91:1a:91:0c:33:34:61:e2:80:0a:
                    a5:b7:35:59:1b:3a:4b:86:1f:9a:70:d8:0a:b8:fd:
                    c7:a4:bb:d9:e4:7b:4d:f2:66:30:ea:04:df:45:6f:
                    85:32:e9:34:bb:12:18:8e:2c:27:b9:8c:2c:84:c3:
                    f7:0c:97:33:76:dd:4e:79:6c:4f:98:a0:7c:82:05:
                    74:a2:69:cf:48:41:9b:ef:52:5e:09:30:2d:3d:91:
                    2e:1c:03:19:81:44:62:d4:9d:30:67:57:94:41:e4:
                    a6:a1:19:0f:ed:25:c8:e6:91:08:33:10:9d:43:7e:
                    73:6b:18:e6:b8:88:f8:65:9f:25:b2:55:84:8a:2f:
                    08:b5:d1:02:c5:29:47:fa:db:c9:b2:ed:c7:cb:9e:
                    e1:50:03:99:4e:bc:f2:a3:5c:b0:05:80:f0:4f:c6:
                    12:38:82:fa:4a:5a:d2:74:d3:4d:9b:d2:6b:3c:d8:
                    a4:c7:fe:b2:8b:26:9d:6f:a7:54:3c:98:e6:ac:aa:
                    44:2a:3f:80:f4:56:24:af:74:d4:e0:ce:52:3d:58:
                    58:fd:cf:37:9a:eb:a3:37:f6:5e:ea:63:35:79:19:
                    fc:d5:86:42:50:a6:1d:18:60:fb:5c:f3:8f:14:f6:
                    25:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:12:2A:5C:B0:64:3F:73:6C:7E:C7:96:18:09:A2:59:38:66:8F:0E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/accd38-0ae6-4b43-a168-1152f4393020/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/accd38-0ae6-4b43-a168-1152f4393020/1/0RIqXLBkP3NsfseWGAmiWThmjw4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.251.112.0/22
                IPv6:
                  2a0c:1940::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  60354

    Signature Algorithm: sha256WithRSAEncryption
         09:3b:08:8a:1c:56:87:ae:18:94:c6:7e:3e:dd:82:45:21:60:
         17:94:7f:ac:60:dd:95:7a:f7:6a:df:a5:6b:b8:cf:a1:67:b1:
         be:fc:3b:18:35:0b:8b:61:32:87:b2:f8:c5:20:db:06:be:77:
         50:28:f3:dc:8d:4a:f9:75:8d:f0:9e:32:6c:ab:f7:c9:75:28:
         41:77:b5:b0:61:ae:f7:34:0d:c2:a9:00:58:f6:89:0a:8d:25:
         83:76:8e:f1:40:fd:fb:b0:31:e4:c1:c0:9f:72:d9:be:be:e3:
         28:ba:cd:67:18:98:ff:b2:c0:1c:3e:67:aa:6a:83:a6:dd:62:
         17:8c:db:7e:58:80:6b:1f:13:b8:73:d1:68:83:7d:15:25:ac:
         56:ff:d9:f2:f5:1f:7d:97:33:99:5c:d3:65:60:7b:66:77:15:
         62:5a:e6:fe:80:6c:fc:db:37:4a:f8:7f:fc:65:b1:48:57:65:
         8a:6b:8d:4b:92:50:82:3c:53:c3:d0:f7:78:5a:22:7a:e0:16:
         f4:fc:3f:25:bd:af:86:25:53:69:c1:1e:23:ba:46:22:c0:78:
         53:b6:a5:e2:d1:6e:01:4d:9a:72:89:68:f8:49:07:94:a6:20:
         b4:54:d2:8f:3b:10:61:cc:5b:32:69:67:d1:6c:ee:ca:31:de:
         e9:a0:6e:63
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzJvPsZGhkmzfeqZmfFAsVHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTAzNDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTEyMmE1Y2IwNjQzZjczNmM3ZWM3OTYxODA5YTI1OTM4NjY4ZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiIu6bB5Fiw3lc5Oqmc2OAsPe5Ea
kQwzNGHigAqltzVZGzpLhh+acNgKuP3HpLvZ5HtN8mYw6gTfRW+FMuk0uxIYjiwn
uYwshMP3DJczdt1OeWxPmKB8ggV0omnPSEGb71JeCTAtPZEuHAMZgURi1J0wZ1eU
QeSmoRkP7SXI5pEIMxCdQ35zaxjmuIj4ZZ8lslWEii8ItdECxSlH+tvJsu3Hy57h
UAOZTrzyo1ywBYDwT8YSOIL6SlrSdNNNm9JrPNikx/6yiyadb6dUPJjmrKpEKj+A
9FYkr3TU4M5SPVhY/c83muujN/Ze6mM1eRn81YZCUKYdGGD7XPOPFPYlVQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFNESKlywZD9zbH7HlhgJolk4Zo8OMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIzL2FjY2Qz
OC0wYWU2LTRiNDMtYTE2OC0xMTUyZjQzOTMwMjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMvYWNjZDM4
LTBhZTYtNGI0My1hMTY4LTExNTJmNDM5MzAyMC8xLzBSSXFYTEJrUDNOc2ZzZVdH
QW1pV1RobWp3NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuftwMA0EAgACMAcDBQMqDBlAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDrwjANBgkqhkiG9w0BAQsFAAOCAQEACTsIihxWh64Y
lMZ+Pt2CRSFgF5R/rGDdlXr3at+la7jPoWexvvw7GDULi2Eyh7L4xSDbBr53UCjz
3I1K+XWN8J4ybKv3yXUoQXe1sGGu9zQNwqkAWPaJCo0lg3aO8UD9+7Ax5MHAn3LZ
vr7jKLrNZxiY/7LAHD5nqmqDpt1iF4zbfliAax8TuHPRaIN9FSWsVv/Z8vUffZcz
mVzTZWB7ZncVYlrm/oBs/Ns3Svh//GWxSFdlimuNS5JQgjxTw9D3eFoieuAW9Pw/
Jb2vhiVTacEeI7pGIsB4U7al4tFuAU2acolo+EkHlKYgtFTSjzsQYcxbMmln0Wzu
yjHe6aBuYw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 13:05:14 2024 by rpki-client on console-fra.rpki-client.org