Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0o_L31cryvk-FUTeEKF2yzARBrs.cer
File:                     0o_L31cryvk-FUTeEKF2yzARBrs.cer (raw, json)
Hash identifier:          TAtAnuaMSrY9org1mOztAVGFMMgE1i+mKS7BYyJZyBU=
Subject key identifier:   D2:8F:CB:DF:57:2B:CA:F9:3E:15:44:DE:10:A1:76:CB:30:11:06:BB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC50155F50158F6179616F103E2C01B23
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/fd/01a103-5b25-4442-a892-0fe8399de727/1/0o_L31cryvk-FUTeEKF2yzARBrs.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/fd/01a103-5b25-4442-a892-0fe8399de727/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 12:30:48 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 20677
                          IP: 46.17.244.0/22
                          IP: 185.38.52.0/22
                          IP: 185.113.148.0 -- 185.113.155.255
                          IP: 185.145.220.0/22
                          IP: 212.87.128.0/19
                          IP: 2a00:fac0::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:01:55:f5:01:58:f6:17:96:16:f1:03:e2:c0:1b:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 12:30:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d28fcbdf572bcaf93e1544de10a176cb301106bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:c7:cd:b2:32:a5:e9:5f:67:14:c2:a8:07:0a:
                    6d:36:24:83:ab:69:22:d9:49:b1:87:8c:8d:79:71:
                    b1:7d:05:c6:f7:89:6f:4d:f9:f4:ec:55:e1:85:b4:
                    0f:5f:bf:59:b8:f9:44:d5:21:1d:82:84:18:55:c5:
                    02:0a:67:41:7f:bc:4f:29:18:ea:6c:33:cf:40:60:
                    b4:86:b3:f6:18:92:37:b7:fc:a4:bb:47:78:9b:4e:
                    07:bc:f5:7c:9e:d3:a8:00:a8:6d:f6:7c:79:ee:d8:
                    0a:6f:c8:0d:ab:25:d5:8f:33:45:af:1c:0e:8b:6b:
                    09:82:eb:4b:59:5e:27:03:41:76:0c:67:84:59:88:
                    68:c0:9f:a8:1c:d5:e2:cf:d3:48:82:9e:00:d0:20:
                    69:1f:fe:ee:86:f1:9b:a5:39:cd:ca:3a:95:d6:73:
                    6b:b3:70:e5:77:29:bd:7e:6f:df:36:c7:b1:9e:1f:
                    20:53:be:da:08:0e:10:a7:75:c2:92:ec:d9:68:09:
                    93:83:71:31:32:32:31:c3:54:93:67:29:b7:a6:be:
                    e4:72:7a:b7:09:35:eb:33:97:50:f4:2c:8c:0b:10:
                    a8:b9:2d:24:d0:d2:97:c2:57:c6:22:dd:60:7e:0c:
                    8f:6d:4e:ef:5d:18:0c:ff:63:9f:98:a7:f8:ea:4d:
                    71:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:8F:CB:DF:57:2B:CA:F9:3E:15:44:DE:10:A1:76:CB:30:11:06:BB
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/01a103-5b25-4442-a892-0fe8399de727/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/01a103-5b25-4442-a892-0fe8399de727/1/0o_L31cryvk-FUTeEKF2yzARBrs.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.17.244.0/22
                  185.38.52.0/22
                  185.113.148.0-185.113.155.255
                  185.145.220.0/22
                  212.87.128.0/19
                IPv6:
                  2a00:fac0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  20677

    Signature Algorithm: sha256WithRSAEncryption
         8f:6d:f0:c8:98:db:f5:32:f2:89:12:b0:b4:7c:73:59:1e:b2:
         f4:44:c9:d9:00:a8:45:fb:06:87:f4:cd:3e:be:44:d7:98:34:
         05:5c:0b:68:1b:47:15:79:dc:2a:aa:27:3e:cc:38:9f:f9:f3:
         6c:5a:7c:66:2d:46:60:c8:d4:53:b5:9c:a8:60:e9:ec:d9:29:
         6d:82:3d:cf:3c:bd:98:bf:57:42:af:4e:ef:fc:54:e2:29:d3:
         c8:19:1b:1a:e8:c2:6f:d0:bb:52:d2:a0:c1:0b:78:e8:bb:58:
         81:b0:9f:80:11:78:79:e3:82:63:09:63:fb:d0:b4:2b:cc:11:
         3b:63:61:e7:6d:27:2a:74:f0:c3:2a:d7:e5:39:15:7d:22:1d:
         13:80:b4:c9:81:59:37:d7:2f:7b:78:c0:6e:5f:c4:39:00:a3:
         44:2f:af:2c:e3:e6:67:48:56:6b:1c:01:9b:24:38:8d:ab:9f:
         87:1d:1b:ed:5b:f7:54:ab:2c:92:d6:20:9e:1b:01:28:3f:f3:
         af:9a:4f:6e:8e:8f:9a:aa:34:b2:55:6e:fd:5f:20:f8:ec:14:
         95:b0:8b:74:ab:8d:c1:95:b1:92:05:fb:3a:dc:66:80:ff:df:
         65:9b:4c:6f:b6:9b:92:10:4c:f8:cd:3f:b9:32:93:ee:9b:3e:
         b7:a0:a2:15
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAYzFAVX1AVj2F5YW8QPiwBsjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTIzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjhmY2JkZjU3MmJjYWY5M2UxNTQ0ZGUxMGExNzZjYjMwMTEwNmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7cfNsjKl6V9nFMKoBwptNiSDq2ki
2Umxh4yNeXGxfQXG94lvTfn07FXhhbQPX79ZuPlE1SEdgoQYVcUCCmdBf7xPKRjq
bDPPQGC0hrP2GJI3t/yku0d4m04HvPV8ntOoAKht9nx57tgKb8gNqyXVjzNFrxwO
i2sJgutLWV4nA0F2DGeEWYhowJ+oHNXiz9NIgp4A0CBpH/7uhvGbpTnNyjqV1nNr
s3Dldym9fm/fNsexnh8gU77aCA4Qp3XCkuzZaAmTg3ExMjIxw1STZym3pr7kcnq3
CTXrM5dQ9CyMCxCouS0k0NKXwlfGIt1gfgyPbU7vXRgM/2OfmKf46k1xHQIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFNKPy99XK8r5PhVE3hChdsswEQa7MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZkLzAxYTEw
My01YjI1LTQ0NDItYTg5Mi0wZmU4Mzk5ZGU3MjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQvMDFhMTAz
LTViMjUtNDQ0Mi1hODkyLTBmZTgzOTlkZTcyNy8xLzBvX0wzMWNyeXZrLUZVVGVF
S0YyeXpBUkJycy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CME4GCCsGAQUF
BwEHAQH/BD8wPTAsBAIAATAmAwQCLhH0AwQCuSY0MAwDBAK5cZQDBAK5cZgDBAK5
kdwDBAXUV4AwDQQCAAIwBwMFACoA+sAwGQYIKwYBBQUHAQgBAf8ECjAIoAYwBAIC
UMUwDQYJKoZIhvcNAQELBQADggEBAI9t8MiY2/Uy8okSsLR8c1kesvREydkAqEX7
Bof0zT6+RNeYNAVcC2gbRxV53CqqJz7MOJ/582xafGYtRmDI1FO1nKhg6ezZKW2C
Pc88vZi/V0KvTu/8VOIp08gZGxrowm/Qu1LSoMELeOi7WIGwn4AReHnjgmMJY/vQ
tCvMETtjYedtJyp08MMq1+U5FX0iHROAtMmBWTfXL3t4wG5fxDkAo0Qvryzj5mdI
VmscAZskOI2rn4cdG+1b91SrLJLWIJ4bASg/86+aT26Oj5qqNLJVbv1fIPjsFJWw
i3SrjcGVsZIF+zrcZoD/32WbTG+2m5IQTPjNP7kyk+6bPregohU=
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:18:38 2024 by rpki-client on console-ams.rpki-client.org