Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12TH8_eLh21rBDwWzdvd6x55W5w.cer
File:                     12TH8_eLh21rBDwWzdvd6x55W5w.cer (raw, json)
Hash identifier:          RknXzeG3z0Zj9TorQxS6e3iUxymp8Jm7ZgJr/wMQ7To=
Subject key identifier:   D7:64:C7:F3:F7:8B:87:6D:6B:04:3C:16:CD:DB:DD:EB:1E:79:5B:9C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC42550A161F5D364EA48EE1442FC34CB
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/f9/826de6-5039-4037-8802-5e2cbf942405/1/12TH8_eLh21rBDwWzdvd6x55W5w.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/f9/826de6-5039-4037-8802-5e2cbf942405/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 08:30:29 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 207762

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:50:a1:61:f5:d3:64:ea:48:ee:14:42:fc:34:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 08:30:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d764c7f3f78b876d6b043c16cddbddeb1e795b9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:5d:e2:55:ab:29:71:3f:52:2d:83:cc:9f:f6:
                    ac:67:1a:3c:33:f4:25:e2:95:d3:59:f9:d5:78:45:
                    3b:08:49:48:50:c4:2b:73:f2:98:3d:59:99:f6:51:
                    10:50:92:35:ff:51:89:dd:e3:e9:08:d7:53:06:b3:
                    a2:25:d7:bd:fe:54:99:5d:b7:65:5b:2b:b2:e1:8c:
                    60:03:15:98:3d:64:28:9f:eb:9a:05:7b:60:e8:69:
                    34:8b:5a:ba:8c:55:7f:ef:7c:fd:fb:b2:e1:07:f6:
                    d9:2a:97:4c:71:2b:45:8d:2a:68:d2:d6:45:44:89:
                    29:d3:43:28:34:ea:3d:f2:62:5c:02:55:6d:e8:7a:
                    cd:a9:60:19:09:b5:61:fa:ad:ab:93:2f:3f:3d:7e:
                    f4:b0:db:46:15:ef:0d:09:89:18:6a:1a:38:94:c4:
                    1b:f0:a4:fa:79:33:6e:7e:e0:ae:b1:5d:bc:81:20:
                    5e:92:07:fb:0c:d1:27:fd:15:fe:90:4a:1c:b0:aa:
                    d7:58:d9:50:80:1b:52:6c:2b:59:c5:35:40:ed:dd:
                    cf:56:22:8d:1d:9a:06:c8:0f:c7:08:3e:27:9a:ab:
                    96:c2:6e:b0:38:42:3d:a9:cc:fd:ab:79:08:c1:fa:
                    db:0f:7e:05:0e:50:12:50:5a:fd:a1:fe:1f:d5:3e:
                    04:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:64:C7:F3:F7:8B:87:6D:6B:04:3C:16:CD:DB:DD:EB:1E:79:5B:9C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/826de6-5039-4037-8802-5e2cbf942405/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/826de6-5039-4037-8802-5e2cbf942405/1/12TH8_eLh21rBDwWzdvd6x55W5w.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207762

    Signature Algorithm: sha256WithRSAEncryption
         40:81:de:8c:a2:65:9d:e6:6b:a6:4b:70:47:9a:86:06:8a:e5:
         0f:5e:cd:c8:c8:6f:f8:90:3d:11:f7:a8:cc:50:82:1a:15:2c:
         d4:28:ff:2f:19:2f:cb:64:e9:70:01:5e:31:9a:03:76:ed:f5:
         1e:95:9c:3d:07:6d:e6:27:f9:f6:10:37:0f:aa:d4:a8:e2:3e:
         1e:a7:fa:41:7b:a2:db:db:6a:2f:cd:1c:e8:cf:27:03:64:56:
         c7:e6:e5:e3:72:70:d8:7e:eb:d6:fd:f3:bc:05:6a:dd:10:d2:
         60:7a:d2:40:03:73:ff:c4:8c:fc:3c:eb:af:d4:5a:a9:2f:5d:
         65:67:71:ab:a3:e6:53:fb:e7:f6:71:ee:0f:08:a9:69:0f:ac:
         e1:19:d4:f8:d8:59:31:c5:35:f0:c7:96:0d:47:9e:fc:94:7b:
         a4:08:fc:84:b4:25:77:6e:c3:e4:5f:fe:62:5a:b0:c5:2d:41:
         53:1b:ba:70:c9:97:c8:fc:32:42:37:27:94:f7:64:00:44:9d:
         af:85:0c:7a:8c:b3:a2:75:1d:18:ae:b3:6f:af:2e:f7:8d:4b:
         ac:1e:d6:6b:71:bb:77:5e:75:88:9c:22:55:5a:d0:d9:be:e1:
         86:19:d3:48:fe:15:d2:f2:b1:44:13:7f:b7:b9:2b:1e:7e:de:
         c4:8a:84:ed
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzEJVChYfXTZOpI7hRC/DTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzY0YzdmM2Y3OGI4NzZkNmIwNDNjMTZjZGRiZGRlYjFlNzk1YjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2V3iVaspcT9SLYPMn/asZxo8M/Ql
4pXTWfnVeEU7CElIUMQrc/KYPVmZ9lEQUJI1/1GJ3ePpCNdTBrOiJde9/lSZXbdl
Wyuy4YxgAxWYPWQon+uaBXtg6Gk0i1q6jFV/73z9+7LhB/bZKpdMcStFjSpo0tZF
RIkp00MoNOo98mJcAlVt6HrNqWAZCbVh+q2rky8/PX70sNtGFe8NCYkYaho4lMQb
8KT6eTNufuCusV28gSBekgf7DNEn/RX+kEocsKrXWNlQgBtSbCtZxTVA7d3PViKN
HZoGyA/HCD4nmquWwm6wOEI9qcz9q3kIwfrbD34FDlASUFr9of4f1T4EjwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFNdkx/P3i4dtawQ8Fs3b3eseeVucMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y5LzgyNmRl
Ni01MDM5LTQwMzctODgwMi01ZTJjYmY5NDI0MDUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkvODI2ZGU2
LTUwMzktNDAzNy04ODAyLTVlMmNiZjk0MjQwNS8xLzEyVEg4X2VMaDIxckJEd1d6
ZHZkNng1NVc1dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMrkjANBgkqhkiG9w0BAQsFAAOCAQEAQIHejKJlneZr
pktwR5qGBorlD17NyMhv+JA9EfeozFCCGhUs1Cj/Lxkvy2TpcAFeMZoDdu31HpWc
PQdt5if59hA3D6rUqOI+Hqf6QXui29tqL80c6M8nA2RWx+bl43Jw2H7r1v3zvAVq
3RDSYHrSQANz/8SM/Dzrr9RaqS9dZWdxq6PmU/vn9nHuDwipaQ+s4RnU+NhZMcU1
8MeWDUee/JR7pAj8hLQld27D5F/+YlqwxS1BUxu6cMmXyPwyQjcnlPdkAESdr4UM
eoyzonUdGK6zb68u941LrB7Wa3G7d151iJwiVVrQ2b7hhhnTSP4V0vKxRBN/t7kr
Hn7exIqE7Q==
-----END CERTIFICATE-----