Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0voqcAA4gNdWFhKjwKEmAs41QaQ.cer
File:                     0voqcAA4gNdWFhKjwKEmAs41QaQ.cer (raw, json)
Hash identifier:          SPiTz/dtftwSWDHxG0vQMZoO+a/BKE9rB9k6B1kyeoA=
Subject key identifier:   D2:FA:2A:70:00:38:80:D7:56:16:12:A3:C0:A1:26:02:CE:35:41:A4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC56EE5FC244A2B9109265183591ECBEC
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/0voqcAA4gNdWFhKjwKEmAs41QaQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 14:30:28 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 213192
                          IP: 46.235.40.0/21
                          IP: 83.150.232.0/22
                          IP: 2a00:d640::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:e5:fc:24:4a:2b:91:09:26:51:83:59:1e:cb:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 14:30:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d2fa2a70003880d7561612a3c0a12602ce3541a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:85:a5:60:96:16:c3:57:98:da:e3:47:9f:cb:
                    fc:9e:89:5f:43:d3:63:ad:a9:cb:03:4f:ed:0b:05:
                    0c:f8:f5:eb:5c:a8:e8:38:b5:a1:c8:a2:a4:11:4e:
                    e0:f5:4f:02:02:96:39:11:4b:c8:8e:d2:42:a4:2b:
                    4d:bb:84:a6:c8:41:d7:bc:e0:d6:32:29:65:1f:f4:
                    42:dc:24:5b:f0:fb:ab:ad:a1:cd:80:ab:83:be:c5:
                    79:c7:9c:b1:ae:56:43:15:c4:9c:26:56:fe:a7:34:
                    e5:31:c4:f7:36:9e:00:33:06:72:8b:29:26:e8:cf:
                    04:b9:02:ae:a1:cc:8e:9c:04:b4:04:fc:a7:8b:59:
                    96:90:1c:3a:1f:1f:5b:09:5f:87:19:7f:a3:26:e9:
                    40:4b:1d:f1:70:fa:23:24:7b:e1:38:8f:b1:30:c3:
                    b8:e5:45:31:17:58:fd:84:5e:8c:40:ba:f2:5f:d1:
                    39:66:c9:ea:fd:9f:ee:97:e3:ba:90:a2:8c:87:28:
                    0f:ce:12:e4:12:fa:cb:db:34:10:ba:62:41:f1:95:
                    31:ab:36:85:bc:6a:c7:3b:49:58:ce:74:19:01:83:
                    cb:cd:b3:a3:ee:5d:5f:23:93:43:50:c4:14:1e:16:
                    8a:33:22:19:f1:96:7a:cf:cd:67:38:6b:ee:a2:fe:
                    7e:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:FA:2A:70:00:38:80:D7:56:16:12:A3:C0:A1:26:02:CE:35:41:A4
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/0voqcAA4gNdWFhKjwKEmAs41QaQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.235.40.0/21
                  83.150.232.0/22
                IPv6:
                  2a00:d640::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  213192

    Signature Algorithm: sha256WithRSAEncryption
         0f:1f:e8:a0:2d:be:21:b5:24:71:94:e2:eb:2e:66:4b:01:bb:
         8e:a4:e2:1a:71:fa:8e:e1:5e:fa:dd:20:5f:81:28:fb:e7:16:
         57:2b:46:ea:56:ba:52:9b:77:a6:a5:ef:3a:3e:6b:b9:55:fe:
         b9:f9:47:6f:53:bb:15:56:b5:ab:c7:07:bb:b2:41:28:c4:30:
         4c:a6:67:d8:03:7d:7b:cb:fd:72:b7:8c:b5:04:cf:13:16:62:
         e4:af:c4:49:41:d7:36:18:08:07:30:f2:e3:dd:d9:df:95:75:
         6e:95:46:81:29:79:88:16:c1:c0:0c:9c:e1:00:4f:6a:e8:38:
         35:4a:c1:f6:a3:11:44:99:33:74:5f:32:78:54:b7:d9:09:fc:
         a4:34:9a:20:bd:19:ce:f9:01:63:b4:3c:e1:18:62:4b:40:c5:
         e5:f4:0f:2b:76:77:4f:3c:d3:fb:91:b2:ec:6f:ea:7c:66:6c:
         cf:45:23:a5:e9:84:d8:58:5f:64:00:26:af:95:05:29:63:27:
         94:d5:0d:1e:51:9e:49:af:55:0d:98:fb:3d:b6:71:53:98:b0:
         f6:11:15:34:89:49:83:af:32:5f:fb:84:75:d7:a4:0e:9c:6f:
         8b:66:19:fa:72:aa:49:15:ce:47:8e:68:2b:66:2f:3c:ef:ee:
         84:f2:ea:06
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzFbuX8JEorkQkmUYNZHsvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTQzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmZhMmE3MDAwMzg4MGQ3NTYxNjEyYTNjMGExMjYwMmNlMzU0MWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4WlYJYWw1eY2uNHn8v8nolfQ9Nj
ranLA0/tCwUM+PXrXKjoOLWhyKKkEU7g9U8CApY5EUvIjtJCpCtNu4SmyEHXvODW
MillH/RC3CRb8PurraHNgKuDvsV5x5yxrlZDFcScJlb+pzTlMcT3Np4AMwZyiykm
6M8EuQKuocyOnAS0BPyni1mWkBw6Hx9bCV+HGX+jJulASx3xcPojJHvhOI+xMMO4
5UUxF1j9hF6MQLryX9E5Zsnq/Z/ul+O6kKKMhygPzhLkEvrL2zQQumJB8ZUxqzaF
vGrHO0lYznQZAYPLzbOj7l1fI5NDUMQUHhaKMyIZ8ZZ6z81nOGvuov5+5QIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFNL6KnAAOIDXVhYSo8ChJgLONUGkMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E5L2IyMDdk
MS04YjdiLTRlMjctODM3MC1hNzk2NTAxZTc3YTEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkvYjIwN2Qx
LThiN2ItNGUyNy04MzcwLWE3OTY1MDFlNzdhMS8xLzB2b3FjQUE0Z05kV0ZoS2p3
S0VtQXM0MVFhUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDLusoAwQCU5boMA0EAgACMAcDBQMqANZAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwNAyDANBgkqhkiG9w0BAQsFAAOCAQEADx/o
oC2+IbUkcZTi6y5mSwG7jqTiGnH6juFe+t0gX4Eo++cWVytG6la6Upt3pqXvOj5r
uVX+uflHb1O7FVa1q8cHu7JBKMQwTKZn2AN9e8v9creMtQTPExZi5K/ESUHXNhgI
BzDy493Z35V1bpVGgSl5iBbBwAyc4QBPaug4NUrB9qMRRJkzdF8yeFS32Qn8pDSa
IL0ZzvkBY7Q84RhiS0DF5fQPK3Z3TzzT+5Gy7G/qfGZsz0UjpemE2FhfZAAmr5UF
KWMnlNUNHlGeSa9VDZj7PbZxU5iw9hEVNIlJg68yX/uEddekDpxvi2YZ+nKqSRXO
R45oK2YvPO/uhPLqBg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 17:10:18 2024 by rpki-client on console-fra.rpki-client.org