Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-J4in4YLBY0j_SiikmFhuHhjMMY.cer
File:                     1-J4in4YLBY0j_SiikmFhuHhjMMY.cer (raw, json)
Hash identifier:          AgdATEuRW5JFELezFloIxNrgddFdjp2QWCGckz6tlYQ=
Subject key identifier:   F8:9E:22:9F:86:0B:05:8D:23:FD:28:A2:92:61:61:B8:78:63:30:C6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC2DAE495ABBC8F1675F5466873706A4B
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/a4/8cca33-c2b1-4541-9ef2-aa0eb53e90b9/1/1-J4in4YLBY0j_SiikmFhuHhjMMY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/a4/8cca33-c2b1-4541-9ef2-aa0eb53e90b9/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:29:34 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 58092
                          IP: 193.102.77.0 -- 193.102.79.255
                          IP: 194.62.20.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:da:e4:95:ab:bc:8f:16:75:f5:46:68:73:70:6a:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 02:29:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f89e229f860b058d23fd28a2926161b8786330c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a0:fb:be:14:52:88:fd:a9:ae:8e:99:ae:c2:
                    2c:85:45:54:78:a9:31:54:ae:47:d4:eb:f3:4e:af:
                    3c:20:c7:d9:b2:1c:12:2e:ba:d8:75:f6:1d:8e:ba:
                    6b:f9:3b:ad:0e:bb:e2:cf:fd:c2:f8:5f:6d:0d:af:
                    9e:a5:25:5c:e3:6b:77:3b:3e:cb:13:12:1e:f7:bb:
                    12:b4:85:ad:10:b0:1a:08:45:3c:71:23:ea:70:a3:
                    78:43:04:b5:ea:65:1d:10:6a:50:ff:af:9b:5c:5f:
                    14:c9:a5:f7:cd:f8:ae:9f:a4:77:c8:4a:89:f8:d9:
                    a0:20:42:cd:a7:7e:d5:90:2d:2d:65:d4:f6:da:97:
                    88:38:e4:74:36:75:36:0f:50:ad:e9:c3:50:0c:60:
                    e4:81:34:53:71:11:60:d6:e2:53:1d:93:ba:ef:ac:
                    f5:8e:df:ee:33:48:03:29:38:32:d4:ee:23:ad:e3:
                    39:74:6c:c0:65:83:c6:6c:7c:b3:e1:74:f8:ec:26:
                    3a:02:c5:b8:42:bb:f3:d8:c2:ce:88:45:57:a3:86:
                    27:08:4c:96:d5:e0:df:6c:1c:1f:c3:e2:11:22:83:
                    dc:bb:ed:70:1a:3d:74:d4:96:3e:d6:0e:bb:16:8d:
                    28:55:b6:8e:df:38:de:7d:d5:71:b4:63:6a:be:5f:
                    28:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:9E:22:9F:86:0B:05:8D:23:FD:28:A2:92:61:61:B8:78:63:30:C6
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/8cca33-c2b1-4541-9ef2-aa0eb53e90b9/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/8cca33-c2b1-4541-9ef2-aa0eb53e90b9/1/1-J4in4YLBY0j_SiikmFhuHhjMMY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.102.77.0-193.102.79.255
                  194.62.20.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  58092

    Signature Algorithm: sha256WithRSAEncryption
         78:36:5f:6e:04:19:95:12:d3:76:ff:a3:45:a1:f5:29:ef:18:
         72:f6:ea:3e:b1:6a:1f:f6:66:41:c9:9f:4e:cf:55:36:49:80:
         a1:25:0d:07:f8:10:44:11:75:09:3d:f5:3e:6f:73:ad:8f:23:
         1e:e9:16:59:1a:cd:30:0a:62:d6:8d:7f:cf:96:62:4a:1d:b4:
         ba:27:ef:40:21:c2:eb:52:94:d9:1c:c5:38:89:ea:8b:90:25:
         ed:40:56:03:11:32:6c:0b:74:c9:6b:a2:0f:64:0f:10:a0:77:
         99:43:3e:c9:de:f6:31:d9:29:a3:7b:2c:18:fd:26:e0:32:94:
         d6:2e:1d:bb:1c:71:f3:4a:6e:e4:59:b4:b8:b6:ff:50:e6:6e:
         1b:26:95:ca:e4:f0:2e:a5:1f:c8:a4:c0:f4:75:6e:c0:b1:82:
         2d:14:3d:78:88:35:98:73:3e:8b:cf:af:86:9b:51:13:cd:e0:
         9f:03:84:a7:8a:81:49:1f:b4:5a:3f:07:92:b3:bf:a9:1a:9b:
         5f:2b:3f:e0:ba:5e:85:06:f8:61:86:27:52:d5:07:7b:3d:70:
         3c:f0:4a:ea:2c:9e:38:5c:88:1e:52:38:96:67:c6:57:c7:5a:
         54:50:2a:da:4c:01:50:60:7f:14:fb:47:6f:64:98:77:2e:8b:
         c3:5b:b4:d8
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzC2uSVq7yPFnX1RmhzcGpLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODllMjI5Zjg2MGIwNThkMjNmZDI4YTI5MjYxNjFiODc4NjMzMGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqD7vhRSiP2pro6ZrsIshUVUeKkx
VK5H1OvzTq88IMfZshwSLrrYdfYdjrpr+TutDrviz/3C+F9tDa+epSVc42t3Oz7L
ExIe97sStIWtELAaCEU8cSPqcKN4QwS16mUdEGpQ/6+bXF8UyaX3zfiun6R3yEqJ
+NmgIELNp37VkC0tZdT22peIOOR0NnU2D1Ct6cNQDGDkgTRTcRFg1uJTHZO676z1
jt/uM0gDKTgy1O4jreM5dGzAZYPGbHyz4XT47CY6AsW4Qrvz2MLOiEVXo4YnCEyW
1eDfbBwfw+IRIoPcu+1wGj101JY+1g67Fo0oVbaO3zjefdVxtGNqvl8oqwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFPieIp+GCwWNI/0oopJhYbh4YzDGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E0LzhjY2Ez
My1jMmIxLTQ1NDEtOWVmMi1hYTBlYjUzZTkwYjkvMS8wfQYIKwYBBQUHMAqGcXJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQvOGNjYTMz
LWMyYjEtNDU0MS05ZWYyLWFhMGViNTNlOTBiOS8xLzEtSjRpbjRZTEJZMGpfU2lp
a21GaHVIaGpNTVkubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u
ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD
MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAtBggrBgEF
BQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQAwWZNAwQEwWZAAwQAwj4UMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDi7DANBgkqhkiG9w0BAQsFAAOCAQEAeDZfbgQZlRLT
dv+jRaH1Ke8YcvbqPrFqH/ZmQcmfTs9VNkmAoSUNB/gQRBF1CT31Pm9zrY8jHukW
WRrNMApi1o1/z5ZiSh20uifvQCHC61KU2RzFOInqi5Al7UBWAxEybAt0yWuiD2QP
EKB3mUM+yd72Mdkpo3ssGP0m4DKU1i4duxxx80pu5Fm0uLb/UOZuGyaVyuTwLqUf
yKTA9HVuwLGCLRQ9eIg1mHM+i8+vhptRE83gnwOEp4qBSR+0Wj8HkrO/qRqbXys/
4LpehQb4YYYnUtUHez1wPPBK6iyeOFyIHlI4lmfGV8daVFAq2kwBUGB/FPtHb2SY
dy6Lw1u02A==
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:19:02 2024 by rpki-client on console-ams.rpki-client.org