Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-V055baJCkbIzlyQN-bSY2XoV7w.cer
File:                     1-V055baJCkbIzlyQN-bSY2XoV7w.cer (raw, json)
Hash identifier:          if/X+PxRE/SGtwrFi0jeeM9kNeiGBbiI0gu0CsI4UOw=
Subject key identifier:   F9:5D:39:E5:B6:89:0A:46:C8:CE:5C:90:37:E6:D2:63:65:E8:57:BC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC2DB33D139A87C0442C5CF37D1E83CD2
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/57/c3206a-9c16-4527-8b89-6e8dcbaeaf7f/1/1-V055baJCkbIzlyQN-bSY2XoV7w.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/57/c3206a-9c16-4527-8b89-6e8dcbaeaf7f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:29:54 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 213027
                          IP: 91.203.106.0/24
                          IP: 2001:678:f70::/48
                          IP: 2001:678:f74::/48
                          IP: 2a11:a00::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:33:d1:39:a8:7c:04:42:c5:cf:37:d1:e8:3c:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 02:29:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f95d39e5b6890a46c8ce5c9037e6d26365e857bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:cd:84:11:f6:42:67:80:97:3c:db:07:9e:57:
                    b3:8d:6a:bf:f8:f1:e3:18:b4:ef:83:8b:e6:30:37:
                    68:ac:dc:89:1a:d3:09:09:90:60:0c:f3:42:1c:14:
                    b0:c8:f2:8e:0d:20:68:35:de:da:00:a9:84:25:96:
                    9d:8a:b3:d4:eb:f9:aa:6a:9e:d8:b9:db:d5:0f:c8:
                    0c:50:39:1b:31:e2:d6:4c:6a:8d:2d:b7:4e:b8:2e:
                    fa:84:43:7b:bd:6a:2f:fb:46:42:6c:d1:09:87:ad:
                    8e:c9:f6:e0:cc:d7:aa:6e:47:2c:3d:9b:18:c7:3b:
                    56:e4:c2:f5:b9:06:dd:85:54:74:2c:61:41:af:f8:
                    3b:62:4c:ec:55:3c:ba:8e:a1:e9:d8:d1:26:1c:06:
                    74:9e:31:74:ea:25:8e:74:e9:b4:40:1f:ce:15:c4:
                    43:64:1d:9b:9f:99:85:ef:27:19:ba:2c:9d:70:2c:
                    39:f2:2a:e8:25:92:d2:38:4e:cd:11:77:40:c3:4a:
                    72:10:45:91:88:37:23:8e:a9:08:e6:40:98:c5:5d:
                    16:cd:f2:83:c6:b5:bd:43:17:a6:7b:d9:fa:ad:65:
                    da:cc:ea:5f:60:81:da:61:25:f8:5d:9e:41:42:bc:
                    e6:2c:50:ea:e7:69:63:79:b3:d4:2e:a9:34:d1:cf:
                    6e:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:5D:39:E5:B6:89:0A:46:C8:CE:5C:90:37:E6:D2:63:65:E8:57:BC
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c3206a-9c16-4527-8b89-6e8dcbaeaf7f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c3206a-9c16-4527-8b89-6e8dcbaeaf7f/1/1-V055baJCkbIzlyQN-bSY2XoV7w.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.203.106.0/24
                IPv6:
                  2001:678:f70::/48
                  2001:678:f74::/48
                  2a11:a00::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  213027

    Signature Algorithm: sha256WithRSAEncryption
         08:b0:31:0d:3e:51:fb:4b:ea:15:d1:d8:25:37:16:1a:11:5f:
         5b:1f:f0:27:58:3e:f8:a0:50:22:f4:a7:f6:b4:60:8b:d5:d2:
         a2:48:2a:6f:2f:d0:49:7d:6c:1d:82:3d:d5:b1:be:f4:f0:b2:
         55:34:ba:50:a8:00:94:de:30:39:b6:a0:d4:7b:18:48:46:7e:
         27:5d:e1:a2:42:d2:50:9a:5b:95:6a:49:b6:80:ff:6b:f6:99:
         26:01:64:98:99:27:78:3f:3c:67:34:07:e5:b0:e8:be:b5:96:
         b1:75:ce:6f:f8:f5:6f:ec:02:ac:91:5f:9e:70:0f:ea:10:69:
         71:da:a6:b2:46:ba:c0:e4:7f:f8:1a:1b:10:46:80:f2:40:3a:
         6a:26:04:25:48:8a:ee:57:41:c9:9c:c5:5d:98:41:fc:82:83:
         f5:1f:b0:62:9d:eb:66:88:d9:51:4e:34:1a:eb:5b:db:37:b7:
         36:64:ea:0d:28:ee:f6:de:f9:7c:7c:c0:1f:c7:b3:64:a5:ad:
         f3:14:c8:4d:21:ae:93:b5:67:81:63:f3:4e:ae:88:90:c8:d6:
         bf:7c:2f:cd:78:95:e2:16:24:bf:be:e6:0e:ad:04:1b:6c:15:
         f9:0b:f8:3d:45:a6:0b:31:38:59:9c:81:60:c3:14:59:04:08:
         26:f5:98:21
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAYzC2zPROah8BELFzzfR6DzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTVkMzllNWI2ODkwYTQ2YzhjZTVjOTAzN2U2ZDI2MzY1ZTg1N2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzM2EEfZCZ4CXPNsHnlezjWq/+PHj
GLTvg4vmMDdorNyJGtMJCZBgDPNCHBSwyPKODSBoNd7aAKmEJZadirPU6/mqap7Y
udvVD8gMUDkbMeLWTGqNLbdOuC76hEN7vWov+0ZCbNEJh62OyfbgzNeqbkcsPZsY
xztW5ML1uQbdhVR0LGFBr/g7YkzsVTy6jqHp2NEmHAZ0njF06iWOdOm0QB/OFcRD
ZB2bn5mF7ycZuiydcCw58iroJZLSOE7NEXdAw0pyEEWRiDcjjqkI5kCYxV0WzfKD
xrW9Qxeme9n6rWXazOpfYIHaYSX4XZ5BQrzmLFDq52ljebPULqk00c9uuQIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFPldOeW2iQpGyM5ckDfm0mNl6Fe8MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU3L2MzMjA2
YS05YzE2LTQ1MjctOGI4OS02ZThkY2JhZWFmN2YvMS8wfQYIKwYBBQUHMAqGcXJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcvYzMyMDZh
LTljMTYtNDUyNy04Yjg5LTZlOGRjYmFlYWY3Zi8xLzEtVjA1NWJhSkNrYkl6bHlR
Ti1iU1kyWG9WN3cubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u
ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD
MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBABggrBgEF
BQcBBwEB/wQxMC8wDAQCAAEwBgMEAFvLajAfBAIAAjAZAwcAIAEGeA9wAwcAIAEG
eA90AwUDKhEKADAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDQCMwDQYJKoZIhvcN
AQELBQADggEBAAiwMQ0+UftL6hXR2CU3FhoRX1sf8CdYPvigUCL0p/a0YIvV0qJI
Km8v0El9bB2CPdWxvvTwslU0ulCoAJTeMDm2oNR7GEhGfidd4aJC0lCaW5VqSbaA
/2v2mSYBZJiZJ3g/PGc0B+Ww6L61lrF1zm/49W/sAqyRX55wD+oQaXHaprJGusDk
f/gaGxBGgPJAOmomBCVIiu5XQcmcxV2YQfyCg/UfsGKd62aI2VFONBrrW9s3tzZk
6g0o7vbe+Xx8wB/Hs2SlrfMUyE0hrpO1Z4Fj806uiJDI1r98L814leIWJL++5g6t
BBtsFfkL+D1FpgsxOFmcgWDDFFkECCb1mCE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:52:21 2024 by rpki-client on console-fra.rpki-client.org