Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-qbl6GAjybMU7mUSkfr-jG3WmoM.cer
File:                     1-qbl6GAjybMU7mUSkfr-jG3WmoM.cer (raw, json)
Hash identifier:          epJpimKfIMlQNTGrxZEwq0MKzXAAa14i2EcVkBY9J0M=
Subject key identifier:   FA:A6:E5:E8:60:23:C9:B3:14:EE:65:12:91:FA:FE:8C:6D:D6:9A:83
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC80160255D4B420AF43F829055173084
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/1-qbl6GAjybMU7mUSkfr-jG3WmoM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 02:29:42 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 212994
                          IP: 91.211.212.0/22
                          IP: 2a13:f9c0::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:60:25:5d:4b:42:0a:f4:3f:82:90:55:17:30:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 02:29:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=faa6e5e86023c9b314ee651291fafe8c6dd69a83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:6d:f5:6c:39:f1:e2:8f:ce:c4:e4:2a:a5:45:
                    a0:ba:e9:df:fb:5f:54:3f:13:5a:e5:03:e0:a3:0d:
                    e7:9b:73:59:83:cf:90:44:fe:f4:f6:51:83:76:ab:
                    40:6f:5d:7f:42:57:6e:2d:78:05:73:82:27:92:a5:
                    18:50:2e:ad:aa:d1:db:7b:48:2d:d1:e6:02:7a:10:
                    57:06:8d:4f:53:40:54:78:e0:30:cb:96:53:52:94:
                    79:88:d5:27:2e:03:4b:00:49:87:69:e7:85:4c:40:
                    37:75:19:ba:a2:93:07:66:ab:11:04:d2:be:4a:c1:
                    cc:ca:70:91:72:75:ae:72:d6:f1:0c:31:46:a6:97:
                    48:9d:60:ec:85:4c:ab:21:39:b2:6b:16:5f:f3:8e:
                    a9:09:f9:cf:3b:98:76:2c:70:c8:b7:b9:86:68:fb:
                    6a:e0:3e:6e:9f:d8:55:42:4c:d4:94:ee:52:b9:42:
                    5a:e7:e9:8b:89:d5:44:ee:56:01:dc:c4:c4:2e:69:
                    3b:c1:e7:08:ba:43:ac:8f:4c:97:e8:f5:60:d8:aa:
                    88:57:c7:96:63:5d:c1:6f:0a:80:6a:9d:03:fe:bb:
                    85:a7:5e:e6:67:16:af:e1:58:ee:de:2a:f3:58:2d:
                    82:e7:32:c0:4e:d4:27:44:25:6e:d1:b9:36:05:5f:
                    07:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:A6:E5:E8:60:23:C9:B3:14:EE:65:12:91:FA:FE:8C:6D:D6:9A:83
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/1-qbl6GAjybMU7mUSkfr-jG3WmoM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.211.212.0/22
                IPv6:
                  2a13:f9c0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  212994

    Signature Algorithm: sha256WithRSAEncryption
         2e:89:fa:b8:ed:0d:92:05:57:e0:6e:11:a9:ac:db:5b:3f:36:
         69:87:42:22:6b:6f:9f:23:c0:e7:3b:7b:22:31:63:77:a8:64:
         88:36:ca:7c:0d:eb:6c:8f:1c:b4:22:22:d2:6b:a2:bd:e4:99:
         05:7e:09:46:bf:f1:e7:49:5e:8a:9e:56:ba:ca:73:ad:ce:36:
         5c:1d:15:1c:cc:c4:ca:70:9d:5e:4f:7e:6c:47:a2:e6:30:8a:
         0a:1b:1f:f6:46:84:5b:5d:c2:47:2a:17:8b:7e:ff:d0:65:0a:
         1d:fe:a2:63:0e:a0:6e:d5:62:e5:bd:20:dd:0e:06:e0:f3:29:
         6c:cb:fc:ab:83:d5:36:a3:b3:e7:68:a4:71:5c:15:03:7c:c2:
         a9:ce:24:0f:35:27:ba:6f:86:4c:16:c2:b1:d7:37:80:32:43:
         94:a0:19:0a:e9:0c:12:38:7c:e5:f6:10:91:e9:dd:94:2e:91:
         af:2f:f9:6c:7e:3a:0b:30:6b:68:a2:08:35:ba:dc:c3:bd:59:
         4b:38:01:99:77:90:a8:7c:f8:29:66:1b:e9:12:a8:86:ba:97:
         62:97:e3:a6:7c:2b:3d:65:da:ed:ae:48:85:63:5d:91:38:47:
         20:d2:be:ef:81:55:d3:28:cc:45:df:b4:67:3f:42:0a:e3:5f:
         63:c0:4c:05
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYzIAWAlXUtCCvQ/gpBVFzCEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWE2ZTVlODYwMjNjOWIzMTRlZTY1MTI5MWZhZmU4YzZkZDY5YTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6G31bDnx4o/OxOQqpUWguunf+19U
PxNa5QPgow3nm3NZg8+QRP709lGDdqtAb11/QlduLXgFc4InkqUYUC6tqtHbe0gt
0eYCehBXBo1PU0BUeOAwy5ZTUpR5iNUnLgNLAEmHaeeFTEA3dRm6opMHZqsRBNK+
SsHMynCRcnWuctbxDDFGppdInWDshUyrITmyaxZf846pCfnPO5h2LHDIt7mGaPtq
4D5un9hVQkzUlO5SuUJa5+mLidVE7lYB3MTELmk7wecIukOsj0yX6PVg2KqIV8eW
Y13BbwqAap0D/ruFp17mZxav4Vju3irzWC2C5zLATtQnRCVu0bk2BV8HjQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFPqm5ehgI8mzFO5lEpH6/oxt1pqDMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAwL2MwNGQ5
OS1kZTQ0LTQwYWItYTJjMC0wODI3OTQ1NWY5NDEvMS8wfQYIKwYBBQUHMAqGcXJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAvYzA0ZDk5
LWRlNDQtNDBhYi1hMmMwLTA4Mjc5NDU1Zjk0MS8xLzEtcWJsNkdBanliTVU3bVVT
a2ZyLWpHM1dtb00ubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u
ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD
MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEF
BQcBBwEB/wQfMB0wDAQCAAEwBgMEAlvT1DANBAIAAjAHAwUDKhP5wDAaBggrBgEF
BQcBCAEB/wQLMAmgBzAFAgMDQAIwDQYJKoZIhvcNAQELBQADggEBAC6J+rjtDZIF
V+BuEams21s/NmmHQiJrb58jwOc7eyIxY3eoZIg2ynwN62yPHLQiItJror3kmQV+
CUa/8edJXoqeVrrKc63ONlwdFRzMxMpwnV5PfmxHouYwigobH/ZGhFtdwkcqF4t+
/9BlCh3+omMOoG7VYuW9IN0OBuDzKWzL/KuD1Tajs+dopHFcFQN8wqnOJA81J7pv
hkwWwrHXN4AyQ5SgGQrpDBI4fOX2EJHp3ZQuka8v+Wx+Ogswa2iiCDW63MO9WUs4
AZl3kKh8+ClmG+kSqIa6l2KX46Z8Kz1l2u2uSIVjXZE4RyDSvu+BVdMozEXftGc/
QgrjX2PATAU=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:13:52 2024 by rpki-client on console-fra.rpki-client.org