Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0wGZH8ND81jA8u665Vzy2jRSHHo.cer
File:                     0wGZH8ND81jA8u665Vzy2jRSHHo.cer (raw, json)
Hash identifier:          O2XaCMeH2BVZ7lwf2gLOsCY8EqxWLv2w0MhWOFHp5Hs=
Subject key identifier:   D3:01:99:1F:C3:43:F3:58:C0:F2:EE:BA:E5:5C:F2:DA:34:52:1C:7A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC726CBEE1E4C6C5EC65AEE5F5C92FF3D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/0wGZH8ND81jA8u665Vzy2jRSHHo.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 22:30:57 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 57866
                          AS: 211005
                          IP: 37.139.136.0/21
                          IP: 45.141.104.0/22
                          IP: 185.52.236.0/22
                          IP: 2001:678:fe0::/48
                          IP: 2a00:a7c0::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:26:cb:ee:1e:4c:6c:5e:c6:5a:ee:5f:5c:92:ff:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 22:30:57 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d301991fc343f358c0f2eebae55cf2da34521c7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:8c:52:00:df:1f:4e:46:e9:4e:94:0c:09:d5:
                    bf:62:b9:25:bb:60:bf:c9:7c:cd:f7:e0:b2:9a:59:
                    f7:75:fe:3b:44:ce:fe:0f:94:a7:ef:fb:4c:36:d9:
                    73:6f:52:2d:ff:0b:92:e4:bf:fb:ca:f4:52:d8:e0:
                    0a:df:e3:44:5a:8c:4d:58:54:c0:2f:42:a1:df:65:
                    3e:12:d7:8b:fe:6a:67:f8:6f:7e:67:a4:90:47:4b:
                    33:b5:fe:c1:e5:38:d0:f3:25:31:79:73:cd:0c:48:
                    3b:e5:6e:48:13:27:5c:25:eb:40:e2:15:36:e7:ff:
                    38:94:58:15:ca:86:bd:47:a3:55:71:da:e0:5a:f7:
                    18:3d:2f:5b:36:05:81:54:ac:f0:8b:f1:56:41:29:
                    8f:95:cd:80:eb:76:73:0c:66:12:ba:90:e8:46:0e:
                    25:d6:61:df:ef:61:da:65:62:f7:cd:34:88:dd:44:
                    11:2f:37:47:db:da:9c:c2:6d:3e:02:4d:66:2d:bb:
                    1e:e4:2c:ff:f6:e6:4b:34:4f:26:5f:42:71:be:21:
                    5b:47:9c:0f:02:52:9d:a3:c2:d4:01:d3:a7:24:40:
                    9d:9a:19:b1:2f:cd:a0:f5:90:72:95:73:d3:3c:db:
                    6b:08:62:bc:df:15:5d:fc:d5:5b:ab:36:52:78:7f:
                    b0:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:01:99:1F:C3:43:F3:58:C0:F2:EE:BA:E5:5C:F2:DA:34:52:1C:7A
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/0wGZH8ND81jA8u665Vzy2jRSHHo.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.139.136.0/21
                  45.141.104.0/22
                  185.52.236.0/22
                IPv6:
                  2001:678:fe0::/48
                  2a00:a7c0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  57866
                  211005

    Signature Algorithm: sha256WithRSAEncryption
         06:c0:12:2d:60:1d:db:2f:2c:f6:63:f9:50:e7:b8:6f:f3:e7:
         5a:af:59:79:60:12:58:bf:f8:ae:aa:02:bd:2d:e2:5b:f1:18:
         bf:5e:d5:ec:2d:98:d0:c8:43:a2:2e:88:d1:6d:a9:50:87:34:
         b2:df:35:39:cb:98:b8:ed:55:db:36:83:b3:79:f9:c1:5a:09:
         c7:68:59:af:a0:9a:e3:30:d7:26:50:2e:0d:15:c1:02:7d:d2:
         76:79:91:7e:da:69:1e:b2:88:83:d9:52:29:d5:2d:c8:73:91:
         c4:cf:ab:30:dd:2d:68:f8:a8:80:cf:2f:14:53:04:4f:eb:2f:
         6d:cd:bb:6f:b8:f2:75:63:d8:75:f5:82:a9:07:2e:98:32:3f:
         cb:56:32:fb:a3:ad:13:a9:7e:55:51:f8:ba:46:59:74:90:2a:
         fa:93:6d:a0:7a:da:6e:03:e9:e2:f4:ed:d7:eb:8f:71:31:99:
         00:4d:6e:73:e4:a4:58:c3:c7:9f:39:85:a5:3b:cd:96:54:eb:
         4b:5b:cc:11:27:91:ca:ab:7c:a3:87:68:ec:0f:a1:66:f2:9f:
         69:bb:dd:47:80:5f:08:fc:d6:a3:de:39:bd:a3:76:57:3a:96:
         91:56:e8:8b:94:bb:0b:fe:6e:fa:db:65:b4:94:52:26:12:20:
         21:3b:c7:c3
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgISAYzHJsvuHkxsXsZa7l9ckv89MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzAxOTkxZmMzNDNmMzU4YzBmMmVlYmFlNTVjZjJkYTM0NTIxYzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoxSAN8fTkbpTpQMCdW/Yrklu2C/
yXzN9+Cymln3df47RM7+D5Sn7/tMNtlzb1It/wuS5L/7yvRS2OAK3+NEWoxNWFTA
L0Kh32U+EteL/mpn+G9+Z6SQR0sztf7B5TjQ8yUxeXPNDEg75W5IEydcJetA4hU2
5/84lFgVyoa9R6NVcdrgWvcYPS9bNgWBVKzwi/FWQSmPlc2A63ZzDGYSupDoRg4l
1mHf72HaZWL3zTSI3UQRLzdH29qcwm0+Ak1mLbse5Cz/9uZLNE8mX0JxviFbR5wP
AlKdo8LUAdOnJECdmhmxL82g9ZBylXPTPNtrCGK83xVd/NVbqzZSeH+wDwIDAQAB
o4ICyTCCAsUwHQYDVR0OBBYEFNMBmR/DQ/NYwPLuuuVc8to0Uhx6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE2L2MzNmY4
My04YjM1LTRkMDUtYTMzNC1mOThjNDgzMDE1ZDcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYvYzM2Zjgz
LThiMzUtNGQwNS1hMzM0LWY5OGM0ODMwMTVkNy8xLzB3R1pIOE5EODFqQTh1NjY1
Vnp5MmpSU0hIby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUF
BwEHAQH/BDQwMjAYBAIAATASAwQDJYuIAwQCLY1oAwQCuTTsMBYEAgACMBADBwAg
AQZ4D+ADBQAqAKfAMB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwDiCgIDAzg9MA0G
CSqGSIb3DQEBCwUAA4IBAQAGwBItYB3bLyz2Y/lQ57hv8+dar1l5YBJYv/iuqgK9
LeJb8Ri/XtXsLZjQyEOiLojRbalQhzSy3zU5y5i47VXbNoOzefnBWgnHaFmvoJrj
MNcmUC4NFcECfdJ2eZF+2mkesoiD2VIp1S3Ic5HEz6sw3S1o+KiAzy8UUwRP6y9t
zbtvuPJ1Y9h19YKpBy6YMj/LVjL7o60TqX5VUfi6Rll0kCr6k22getpuA+ni9O3X
649xMZkATW5z5KRYw8efOYWlO82WVOtLW8wRJ5HKq3yjh2jsD6Fm8p9pu91HgF8I
/Naj3jm9o3ZXOpaRVuiLlLsL/m7622W0lFImEiAhO8fD
-----END CERTIFICATE-----
Generated at Fri Mar 29 09:01:30 2024 by rpki-client on console-fra.rpki-client.org