Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-Ka3mwOX60XugnpNY9ynR2lVKVY.cer
File:                     1-Ka3mwOX60XugnpNY9ynR2lVKVY.cer (raw, json)
Hash identifier:          t+AE3q2kMm7kMhT4PgibICB8byJtBnhvweldTE9StvM=
Subject key identifier:   F8:A6:B7:9B:03:97:EB:45:EE:82:7A:4D:63:DC:A7:47:69:55:29:56
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CCA2A227BF7D1E3C59A8DA64DBC8247CC
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/94/b937fa-ef55-4e45-84c0-9f502df4ff65/1/1-Ka3mwOX60XugnpNY9ynR2lVKVY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/94/b937fa-ef55-4e45-84c0-9f502df4ff65/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 12:33:28 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 199436

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 21:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:22:7b:f7:d1:e3:c5:9a:8d:a6:4d:bc:82:47:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 12:33:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f8a6b79b0397eb45ee827a4d63dca74769552956
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:56:ec:d8:c4:1b:75:d2:a9:93:6a:49:0c:54:
                    a4:d6:5e:76:71:a9:58:6f:97:cb:32:35:42:fd:9a:
                    cc:8e:94:6a:2d:71:e8:8c:08:18:6e:2c:2b:e0:e4:
                    7f:70:bd:1b:04:e9:36:0c:ad:5e:56:c1:e9:e0:09:
                    a0:03:f2:33:c8:43:31:00:54:13:1e:3f:7a:a8:ea:
                    e4:1e:e0:41:de:f2:14:26:b0:a1:8b:51:c1:87:57:
                    b4:3a:e3:4a:dd:13:d6:76:1e:c7:0c:86:50:e7:81:
                    f4:e2:69:dc:17:aa:c6:ef:3e:dd:f1:01:e0:53:d9:
                    f0:04:c0:cd:5b:03:79:da:81:ce:67:09:05:95:3a:
                    55:da:f7:2e:95:80:6a:9b:a2:de:aa:06:2d:22:28:
                    90:44:11:7b:40:54:6a:cb:81:c5:fa:dc:28:e9:78:
                    3c:dc:de:c5:96:5a:1c:af:83:7d:e0:90:ec:a6:2d:
                    71:60:18:71:11:cb:7c:4b:ce:e9:c8:9f:57:35:a5:
                    27:35:9e:a5:1c:e9:7d:60:68:48:76:7a:74:ab:35:
                    4d:ab:73:9d:7f:e0:e3:84:7b:91:bf:df:21:6d:36:
                    24:a4:11:0d:3d:e4:5c:71:4f:db:92:ba:94:da:9e:
                    54:5a:83:fb:8f:bd:9a:52:13:d0:fe:0c:fe:82:79:
                    93:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:A6:B7:9B:03:97:EB:45:EE:82:7A:4D:63:DC:A7:47:69:55:29:56
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b937fa-ef55-4e45-84c0-9f502df4ff65/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b937fa-ef55-4e45-84c0-9f502df4ff65/1/1-Ka3mwOX60XugnpNY9ynR2lVKVY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  199436

    Signature Algorithm: sha256WithRSAEncryption
         92:90:d7:06:05:5e:6c:96:eb:15:3e:3a:9a:0c:70:f8:42:db:
         f4:15:5a:a4:65:dd:08:28:84:8d:21:5a:c7:a7:c9:19:a4:06:
         ed:a9:fa:ff:90:dd:cc:c4:fb:f9:9c:9e:f5:cf:f2:61:ed:4f:
         c3:2b:c9:8e:d6:0a:a0:43:8e:95:1f:d9:f4:89:e9:dd:fa:d6:
         03:a2:99:d3:07:65:59:51:8d:c7:f8:6d:52:ae:21:b4:fc:25:
         5d:8e:cc:2e:73:a8:43:79:67:d3:60:c1:b2:7f:69:02:14:fd:
         e9:83:74:9c:38:ad:c2:b7:0f:33:34:36:9a:49:9a:a3:22:15:
         4f:d1:2a:f2:ae:50:e0:3b:15:96:60:54:af:fa:f4:1d:42:83:
         1a:f8:91:c9:91:19:dd:88:24:1f:19:e6:04:ca:6e:d0:fd:a3:
         64:83:31:96:12:5d:7e:2e:41:4f:25:60:e9:40:c2:ef:fa:91:
         7e:dc:42:82:df:e3:58:10:a0:a9:19:54:91:2d:6f:c2:43:30:
         4d:e4:51:b6:a1:56:a2:b0:87:b5:88:b1:60:82:0d:ac:70:94:
         af:e3:b2:96:db:9e:a1:05:65:f9:40:aa:86:01:34:9b:eb:6e:
         8d:74:7c:40:06:ff:5e:d6:d3:9e:4d:05:a4:a2:dc:51:dc:4b:
         57:64:b7:61
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAYzKKiJ799HjxZqNpk28gkfMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGE2Yjc5YjAzOTdlYjQ1ZWU4MjdhNGQ2M2RjYTc0NzY5NTUyOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslbs2MQbddKpk2pJDFSk1l52calY
b5fLMjVC/ZrMjpRqLXHojAgYbiwr4OR/cL0bBOk2DK1eVsHp4AmgA/IzyEMxAFQT
Hj96qOrkHuBB3vIUJrChi1HBh1e0OuNK3RPWdh7HDIZQ54H04mncF6rG7z7d8QHg
U9nwBMDNWwN52oHOZwkFlTpV2vculYBqm6LeqgYtIiiQRBF7QFRqy4HF+two6Xg8
3N7Fllocr4N94JDspi1xYBhxEct8S87pyJ9XNaUnNZ6lHOl9YGhIdnp0qzVNq3Od
f+DjhHuRv98hbTYkpBENPeRccU/bkrqU2p5UWoP7j72aUhPQ/gz+gnmTmQIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFPimt5sDl+tF7oJ6TWPcp0dpVSlWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk0L2I5Mzdm
YS1lZjU1LTRlNDUtODRjMC05ZjUwMmRmNGZmNjUvMS8wfQYIKwYBBQUHMAqGcXJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQvYjkzN2Zh
LWVmNTUtNGU0NS04NGMwLTlmNTAyZGY0ZmY2NS8xLzEtS2EzbXdPWDYwWHVnbnBO
WTl5blIybFZLVlkubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u
ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD
MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEF
BQcBCAEB/wQLMAmgBzAFAgMDCwwwDQYJKoZIhvcNAQELBQADggEBAJKQ1wYFXmyW
6xU+OpoMcPhC2/QVWqRl3QgohI0hWsenyRmkBu2p+v+Q3czE+/mcnvXP8mHtT8Mr
yY7WCqBDjpUf2fSJ6d361gOimdMHZVlRjcf4bVKuIbT8JV2OzC5zqEN5Z9NgwbJ/
aQIU/emDdJw4rcK3DzM0NppJmqMiFU/RKvKuUOA7FZZgVK/69B1Cgxr4kcmRGd2I
JB8Z5gTKbtD9o2SDMZYSXX4uQU8lYOlAwu/6kX7cQoLf41gQoKkZVJEtb8JDME3k
UbahVqKwh7WIsWCCDaxwlK/jspbbnqEFZflAqoYBNJvrbo10fEAG/17W055NBaSi
3FHcS1dkt2E=
-----END CERTIFICATE-----
Generated at Fri Mar 29 00:06:02 2024 by rpki-client on console-fra.rpki-client.org