Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
File:                     1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer (raw, json)
Hash identifier:          s7q/WPa/QbLqR77jBgHtScCR8TZ2sA9vrzhzLjmjiA0=
Subject key identifier:   F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CCA2A35CE37CEB16F3E64875AB99304F1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 12:33:33 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 57621
                          AS: 60721
                          IP: 45.136.104.0/22
                          IP: 185.26.144.0/22
                          IP: 185.126.176.0/22
                          IP: 185.153.228.0/22
                          IP: 185.162.144.0/22
                          IP: 185.171.24.0/22
                          IP: 185.247.136.0/22
                          IP: 2a04:3880::/30
                          IP: 2a05:100::/29
                          IP: 2a06:c380::/29
                          IP: 2a0b:6000::/29
                          IP: 2a0d:a2c0::/29
                          IP: 2a0d:c480::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 21:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:35:ce:37:ce:b1:6f:3e:64:87:5a:b9:93:04:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 12:33:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:c3:e3:50:a2:1e:29:37:44:91:75:76:7a:da:
                    5f:77:05:a1:b0:f6:78:ad:c8:18:a4:b9:bc:09:a9:
                    69:17:b9:a9:e1:86:a2:85:00:a1:52:af:95:2e:cd:
                    93:8c:0d:11:27:21:19:76:0e:56:e3:7a:34:9f:2e:
                    6c:1f:67:17:94:a9:46:2d:45:43:27:cb:df:ad:8e:
                    fb:2a:ee:c0:e6:92:87:f4:53:47:0a:7d:b5:a8:a1:
                    49:94:2c:45:06:e5:ce:07:3c:b4:a6:6a:1e:ed:5a:
                    94:a1:43:bc:32:7e:e4:94:61:00:62:38:69:de:bc:
                    2f:5f:02:b4:3e:06:b9:0a:86:0f:b9:69:8b:aa:ad:
                    cc:05:a0:4c:d6:81:cd:5a:f7:77:83:14:ca:c9:09:
                    1b:fd:38:2c:bd:b7:f5:ba:0b:84:a4:7c:0d:3e:56:
                    fa:e0:18:ee:9c:3a:f8:ed:9b:92:42:ed:d8:a0:d5:
                    12:70:a3:4f:48:32:9e:3e:97:7f:c8:c6:54:ca:12:
                    b1:c0:dc:10:6b:16:b2:56:0a:dc:c8:81:57:73:7b:
                    4c:45:8a:2d:47:3a:d2:31:89:fa:23:99:29:4e:88:
                    4e:57:e3:76:50:b4:80:dc:ce:76:84:76:73:11:af:
                    c4:13:b1:a9:95:c3:4b:24:44:d7:c3:63:b3:ee:de:
                    65:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.136.104.0/22
                  185.26.144.0/22
                  185.126.176.0/22
                  185.153.228.0/22
                  185.162.144.0/22
                  185.171.24.0/22
                  185.247.136.0/22
                IPv6:
                  2a04:3880::/30
                  2a05:100::/29
                  2a06:c380::/29
                  2a0b:6000::/29
                  2a0d:a2c0::/29
                  2a0d:c480::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  57621
                  60721

    Signature Algorithm: sha256WithRSAEncryption
         92:32:dd:ea:c1:04:66:15:69:55:cb:50:1d:d7:90:2f:3c:a5:
         ef:89:78:6e:dc:4f:52:98:26:30:14:b1:74:e7:f8:b3:8f:f0:
         8d:7d:c3:af:43:2d:01:44:a5:c9:7b:a3:1c:0a:5c:48:f7:f9:
         25:1a:f2:b0:51:85:af:f6:7d:a9:d1:e1:5d:1e:d8:15:db:08:
         d4:7c:4d:d7:a5:55:9c:3b:e9:da:d7:8c:b8:ca:b1:b7:74:a2:
         d4:e8:6c:c9:e0:29:8b:43:ff:77:8b:65:4b:41:a4:ed:eb:af:
         d3:9c:b8:38:d0:fa:e5:af:d0:2b:8c:2e:09:b8:63:52:f1:27:
         69:96:80:71:ef:2a:41:14:dc:fb:c2:e1:6a:3e:1d:01:8a:e1:
         81:8e:ef:16:d5:e3:69:05:f2:38:dc:7b:d6:36:8c:82:39:51:
         14:c8:79:29:e1:ac:a5:f9:e3:05:08:de:a9:d7:4b:81:e3:4a:
         31:d5:40:23:1f:d8:6f:1b:61:96:e5:67:11:e7:82:d1:e0:0e:
         cd:1d:f9:36:4b:eb:2b:01:ed:a0:ab:14:55:f3:69:5f:31:ec:
         1e:33:26:c0:7c:ca:2c:08:ef:03:f0:94:6f:6c:56:73:39:f8:
         f2:65:7c:a6:35:8e:bb:5c:31:3c:75:41:b4:3f:71:fa:f0:0c:
         7c:de:dd:a5
-----BEGIN CERTIFICATE-----
MIIF8DCCBNigAwIBAgISAYzKKjXON86xbz5kh1q5kwTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODIwM2EwYzA0YjgxZmUxNzY2ZmE0MWJkMzFiNzNiNTg4MTg4YWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cPjUKIeKTdEkXV2etpfdwWhsPZ4
rcgYpLm8CalpF7mp4YaihQChUq+VLs2TjA0RJyEZdg5W43o0ny5sH2cXlKlGLUVD
J8vfrY77Ku7A5pKH9FNHCn21qKFJlCxFBuXOBzy0pmoe7VqUoUO8Mn7klGEAYjhp
3rwvXwK0Pga5CoYPuWmLqq3MBaBM1oHNWvd3gxTKyQkb/Tgsvbf1uguEpHwNPlb6
4BjunDr47ZuSQu3YoNUScKNPSDKePpd/yMZUyhKxwNwQaxayVgrcyIFXc3tMRYot
RzrSMYn6I5kpTohOV+N2ULSA3M52hHZzEa/EE7GplcNLJETXw2Oz7t5lGwIDAQAB
o4IC/DCCAvgwHQYDVR0OBBYEFPggOgwEuB/hdm+kG9Mbc7WIGIrHMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzViL2UxNGNh
My1kYThlLTRiNTgtODYzYS0zMzg5NjIwYzFiZDcvMS8wfQYIKwYBBQUHMAqGcXJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvZTE0Y2Ez
LWRhOGUtNGI1OC04NjNhLTMzODk2MjBjMWJkNy8xLzEtQ0E2REFTNEgtRjJiNlFi
MHh0enRZZ1lpc2MubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u
ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD
MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB1BggrBgEF
BQcBBwEB/wRmMGQwMAQCAAEwKgMEAi2IaAMEArkakAMEArl+sAMEArmZ5AMEArmi
kAMEArmrGAMEArn3iDAwBAIAAjAqAwUCKgQ4gAMFAyoFAQADBQMqBsOAAwUDKgtg
AAMFAyoNosADBQMqDcSAMB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwDhFQIDAO0x
MA0GCSqGSIb3DQEBCwUAA4IBAQCSMt3qwQRmFWlVy1Ad15AvPKXviXhu3E9SmCYw
FLF05/izj/CNfcOvQy0BRKXJe6McClxI9/klGvKwUYWv9n2p0eFdHtgV2wjUfE3X
pVWcO+na14y4yrG3dKLU6GzJ4CmLQ/93i2VLQaTt66/TnLg40Prlr9ArjC4JuGNS
8SdploBx7ypBFNz7wuFqPh0BiuGBju8W1eNpBfI43HvWNoyCOVEUyHkp4ayl+eMF
CN6p10uB40ox1UAjH9hvG2GW5WcR54LR4A7NHfk2S+srAe2gqxRV82lfMeweMybA
fMosCO8D8JRvbFZzOfjyZXymNY67XDE8dUG0P3H68Ax83t2l
-----END CERTIFICATE-----
Generated at Fri Mar 29 00:05:56 2024 by rpki-client on console-fra.rpki-client.org