Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-TVqludOotcrZUXIfHnSEtcqe94.cer
File:                     1-TVqludOotcrZUXIfHnSEtcqe94.cer (raw, json)
Hash identifier:          ClofQEkOv1N+olWPnbuOfn5NYwvn3dls36HSkkTufk8=
Subject key identifier:   F9:35:6A:96:E7:4E:A2:D7:2B:65:45:C8:7C:79:D2:12:D7:2A:7B:DE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC26D345681CC30A5BC068242326A8D97
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/1-TVqludOotcrZUXIfHnSEtcqe94.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:29:45 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 42810
                          IP: 87.237.168.0/21
                          IP: 94.126.248.0/21
                          IP: 2a01:b400::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:34:56:81:cc:30:a5:bc:06:82:42:32:6a:8d:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:29:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f9356a96e74ea2d72b6545c87c79d212d72a7bde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:58:39:f7:6b:10:51:55:44:65:a0:e2:f6:db:
                    5d:c5:39:55:53:62:d1:18:03:89:47:bb:38:33:11:
                    71:42:59:4f:0e:0e:47:5c:5c:d4:7c:fb:cb:7e:fb:
                    69:c9:9f:8a:54:cf:13:29:88:da:c8:c3:13:e4:00:
                    ed:e6:ac:f5:fe:30:38:38:56:d6:fd:02:a6:e7:27:
                    cf:2d:6d:2c:84:05:e3:c4:fc:5c:d2:c9:8b:4d:63:
                    93:7e:21:01:d2:15:bc:59:01:ae:5d:00:09:cc:33:
                    79:5c:8b:6c:3a:08:d6:16:3a:f6:65:54:72:e8:49:
                    20:36:8c:a3:47:ce:4a:02:3f:d6:d2:87:68:b9:d6:
                    2d:09:00:69:4b:44:7a:8f:58:ca:6c:9a:8f:b8:80:
                    98:2a:cb:7e:7a:20:96:fd:3a:16:27:13:9c:48:de:
                    24:49:75:96:30:d7:30:02:a6:20:bf:dd:a3:66:7c:
                    c7:a8:71:06:83:e0:39:07:12:23:2e:37:c9:ca:ab:
                    96:63:01:a9:ea:a6:43:71:d6:fb:40:9d:fa:c0:b9:
                    2c:b6:d6:95:24:47:fb:74:9c:c9:cb:ed:27:9b:aa:
                    21:99:f4:ec:9c:c8:ce:14:7e:4c:66:48:41:cf:74:
                    5d:48:d0:43:ea:6e:96:32:50:8f:50:92:9d:e0:c6:
                    c2:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:35:6A:96:E7:4E:A2:D7:2B:65:45:C8:7C:79:D2:12:D7:2A:7B:DE
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/1-TVqludOotcrZUXIfHnSEtcqe94.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.237.168.0/21
                  94.126.248.0/21
                IPv6:
                  2a01:b400::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  42810

    Signature Algorithm: sha256WithRSAEncryption
         02:fd:ee:ff:c2:c0:12:07:35:ca:d7:b3:93:b4:0b:a3:0f:79:
         d1:4a:9e:d6:9d:d3:29:6c:a8:8f:76:78:c0:88:d4:0e:01:bc:
         67:bb:6f:5c:d0:72:db:9b:ed:cc:83:46:25:63:e3:6a:bc:26:
         95:60:fa:95:f6:17:fb:97:60:c0:9b:83:33:4b:4a:54:29:79:
         8b:83:86:87:d2:9b:ff:fb:f7:a0:dd:da:d4:02:e2:5e:1e:26:
         cd:be:09:ee:ac:8a:70:22:14:fe:9c:b8:45:52:49:4f:36:a0:
         8b:75:6a:98:80:ab:a6:a7:a3:4e:de:e7:d6:33:79:04:97:61:
         e1:94:9a:c2:e7:8e:7e:8e:88:c2:53:f9:ee:6d:eb:47:9b:dd:
         74:12:c6:27:08:07:8d:61:1a:04:1a:3f:79:22:ac:2d:cd:5d:
         e0:56:98:2d:09:81:56:53:f4:5a:00:3c:88:bf:98:9c:9c:25:
         f5:ed:57:12:7f:6e:ab:46:b0:15:5f:5a:1b:3b:79:ca:57:89:
         36:1e:56:40:dd:c4:20:9c:ff:27:41:00:98:52:60:e7:9f:47:
         1a:90:9c:ba:2c:c2:c7:ff:5a:0f:93:d6:df:27:45:5f:45:de:
         98:41:71:1f:0c:95:94:70:07:18:a7:94:d4:f7:29:b5:11:65:
         08:ab:e8:67
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAYzCbTRWgcwwpbwGgkIyao2XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTM1NmE5NmU3NGVhMmQ3MmI2NTQ1Yzg3Yzc5ZDIxMmQ3MmE3YmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Fg592sQUVVEZaDi9ttdxTlVU2LR
GAOJR7s4MxFxQllPDg5HXFzUfPvLfvtpyZ+KVM8TKYjayMMT5ADt5qz1/jA4OFbW
/QKm5yfPLW0shAXjxPxc0smLTWOTfiEB0hW8WQGuXQAJzDN5XItsOgjWFjr2ZVRy
6EkgNoyjR85KAj/W0odoudYtCQBpS0R6j1jKbJqPuICYKst+eiCW/ToWJxOcSN4k
SXWWMNcwAqYgv92jZnzHqHEGg+A5BxIjLjfJyquWYwGp6qZDcdb7QJ36wLksttaV
JEf7dJzJy+0nm6ohmfTsnMjOFH5MZkhBz3RdSNBD6m6WMlCPUJKd4MbClQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFPk1apbnTqLXK2VFyHx50hLXKnveMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UyLzlmNDU5
Zi0yNjRkLTQ2Y2UtODdiMC1jYmI3ZDJiZjZmYTEvMS8wfQYIKwYBBQUHMAqGcXJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvOWY0NTlm
LTI2NGQtNDZjZS04N2IwLWNiYjdkMmJmNmZhMS8xLzEtVFZxbHVkT290Y3JaVVhJ
ZkhuU0V0Y3FlOTQubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u
ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD
MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEF
BQcBBwEB/wQlMCMwEgQCAAEwDAMEA1ftqAMEA15++DANBAIAAjAHAwUAKgG0ADAa
BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMApzowDQYJKoZIhvcNAQELBQADggEBAAL9
7v/CwBIHNcrXs5O0C6MPedFKntad0ylsqI92eMCI1A4BvGe7b1zQctub7cyDRiVj
42q8JpVg+pX2F/uXYMCbgzNLSlQpeYuDhofSm//796Dd2tQC4l4eJs2+Ce6sinAi
FP6cuEVSSU82oIt1apiAq6ano07e59YzeQSXYeGUmsLnjn6OiMJT+e5t60eb3XQS
xicIB41hGgQaP3kirC3NXeBWmC0JgVZT9FoAPIi/mJycJfXtVxJ/bqtGsBVfWhs7
ecpXiTYeVkDdxCCc/ydBAJhSYOefRxqQnLoswsf/Wg+T1t8nRV9F3phBcR8MlZRw
BxinlNT3KbURZQir6Gc=
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:19:10 2024 by rpki-client on console-ams.rpki-client.org