Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-puJ82fU-5UCh3AfYtSgObf2yyA.cer
File:                     1-puJ82fU-5UCh3AfYtSgObf2yyA.cer (raw, json)
Hash identifier:          cpkWxO5wXDcgDAnfOs2hI59O70TuWQ34RL3DxSXsbTY=
Subject key identifier:   FA:9B:89:F3:67:D4:FB:95:02:87:70:1F:62:D4:A0:39:B7:F6:CB:20
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC5DC5470FB3D0EC5E0E6B77F7E60C93E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/65/98933a-7581-4979-9121-0e1a68c7563b/1/1-puJ82fU-5UCh3AfYtSgObf2yyA.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/65/98933a-7581-4979-9121-0e1a68c7563b/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 16:30:00 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 198717
                          IP: 37.233.96.0/20
                          IP: 2a00:f2c0::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Dec 2024 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:54:70:fb:3d:0e:c5:e0:e6:b7:7f:7e:60:c9:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 16:30:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fa9b89f367d4fb950287701f62d4a039b7f6cb20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ea:5f:fe:bc:a7:1f:8b:6a:ec:18:55:8d:70:
                    19:b3:62:6c:1f:65:e2:05:2c:58:61:24:62:02:bc:
                    65:d0:12:bc:86:7c:81:29:91:e4:56:11:03:3a:aa:
                    e0:be:db:06:c9:5f:8c:c9:79:d9:23:bc:9d:07:48:
                    6d:ea:85:18:70:ea:c9:cb:3d:75:b1:4b:aa:b6:20:
                    b9:dd:ab:67:73:f1:55:33:b4:ab:5d:ad:ef:e7:63:
                    d7:a5:2d:38:f2:55:bb:d4:d6:9e:6d:9a:76:05:52:
                    2d:bb:62:35:30:ce:cf:65:67:7e:13:a9:9e:ea:e8:
                    03:bb:6e:b3:b3:cc:d0:ae:ee:57:aa:1c:f9:8e:9d:
                    2a:e7:a5:4c:a7:33:8a:65:e8:86:cf:6e:2d:4f:36:
                    63:c5:69:26:46:40:97:ea:d9:51:ea:1e:82:b8:0f:
                    69:d6:2d:d7:98:5f:f1:c5:b2:b5:17:93:84:d0:19:
                    29:a1:9d:3a:95:b5:d1:e2:3c:9f:d1:4a:b3:10:71:
                    ce:b9:52:23:b2:9e:a6:92:6d:bb:41:15:b4:cd:1a:
                    33:51:7f:46:a9:31:41:85:0f:75:03:1b:6f:78:45:
                    59:4f:7f:20:fc:a2:9d:1e:c4:62:62:66:1a:70:77:
                    fe:fe:ca:31:21:42:62:39:02:d3:79:2c:39:21:9b:
                    11:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:9B:89:F3:67:D4:FB:95:02:87:70:1F:62:D4:A0:39:B7:F6:CB:20
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/98933a-7581-4979-9121-0e1a68c7563b/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/98933a-7581-4979-9121-0e1a68c7563b/1/1-puJ82fU-5UCh3AfYtSgObf2yyA.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.233.96.0/20
                IPv6:
                  2a00:f2c0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  198717

    Signature Algorithm: sha256WithRSAEncryption
         0c:aa:f2:78:78:90:1c:66:9f:7f:8a:c7:e4:93:5f:2d:98:f3:
         8d:fc:e4:69:c6:22:c4:6c:fa:98:36:45:f7:da:ce:2c:af:24:
         f8:b5:76:30:48:44:f5:db:8b:93:9d:90:aa:21:ec:19:25:eb:
         55:ed:1a:ea:71:38:e3:96:34:8a:99:46:e8:92:3b:ae:37:b3:
         45:50:5a:91:64:59:e4:69:f0:60:b8:6c:b0:5d:fc:a6:81:e7:
         c7:a9:ad:ab:5e:eb:67:a3:6b:77:10:1a:00:69:7d:09:e7:f0:
         c6:36:2f:81:91:0d:67:65:b2:44:07:42:83:17:7b:07:ae:da:
         fc:4a:27:83:8b:ee:ee:11:88:c3:b8:98:6c:8d:32:5c:70:91:
         d7:79:11:8c:a2:92:a1:5a:2c:e8:80:a4:f9:54:07:8a:4f:7f:
         0d:65:8f:c2:0c:ac:df:f6:e1:0f:4e:46:cb:51:d5:d8:6c:78:
         06:f7:71:1e:cb:07:f2:6c:98:70:7e:ff:bc:b8:0d:5f:76:ae:
         4b:b7:67:7b:ca:a1:c2:1b:75:e8:21:b7:fe:e5:8d:34:d9:fa:
         95:ce:e5:ef:89:af:15:7a:e7:5e:8e:39:13:f7:a9:8f:65:e8:
         3c:3c:14:55:77:60:12:f2:f3:c6:bf:ad:13:6d:d1:be:3a:36:
         01:f2:95:f4
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYzF3FRw+z0OxeDmt39+YMk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTliODlmMzY3ZDRmYjk1MDI4NzcwMWY2MmQ0YTAzOWI3ZjZjYjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+pf/rynH4tq7BhVjXAZs2JsH2Xi
BSxYYSRiArxl0BK8hnyBKZHkVhEDOqrgvtsGyV+MyXnZI7ydB0ht6oUYcOrJyz11
sUuqtiC53atnc/FVM7SrXa3v52PXpS048lW71NaebZp2BVItu2I1MM7PZWd+E6me
6ugDu26zs8zQru5Xqhz5jp0q56VMpzOKZeiGz24tTzZjxWkmRkCX6tlR6h6CuA9p
1i3XmF/xxbK1F5OE0BkpoZ06lbXR4jyf0UqzEHHOuVIjsp6mkm27QRW0zRozUX9G
qTFBhQ91AxtveEVZT38g/KKdHsRiYmYacHf+/soxIUJiOQLTeSw5IZsRyQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFPqbifNn1PuVAodwH2LUoDm39ssgMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY1Lzk4OTMz
YS03NTgxLTQ5NzktOTEyMS0wZTFhNjhjNzU2M2IvMS8wfQYIKwYBBQUHMAqGcXJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUvOTg5MzNh
LTc1ODEtNDk3OS05MTIxLTBlMWE2OGM3NTYzYi8xLzEtcHVKODJmVS01VUNoM0Fm
WXRTZ09iZjJ5eUEubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u
ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD
MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEF
BQcBBwEB/wQfMB0wDAQCAAEwBgMEBCXpYDANBAIAAjAHAwUAKgDywDAaBggrBgEF
BQcBCAEB/wQLMAmgBzAFAgMDCD0wDQYJKoZIhvcNAQELBQADggEBAAyq8nh4kBxm
n3+Kx+STXy2Y84385GnGIsRs+pg2RffaziyvJPi1djBIRPXbi5OdkKoh7Bkl61Xt
GupxOOOWNIqZRuiSO643s0VQWpFkWeRp8GC4bLBd/KaB58eprate62eja3cQGgBp
fQnn8MY2L4GRDWdlskQHQoMXeweu2vxKJ4OL7u4RiMO4mGyNMlxwkdd5EYyikqFa
LOiApPlUB4pPfw1lj8IMrN/24Q9ORstR1dhseAb3cR7LB/JsmHB+/7y4DV92rku3
Z3vKocIbdeght/7ljTTZ+pXO5e+JrxV6516OORP3qY9l6Dw8FFV3YBLy88a/rRNt
0b46NgHylfQ=
-----END CERTIFICATE-----
Generated at Thu Dec 26 17:13:12 2024 by rpki-client on console-ams.rpki-client.org