Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1IW26difsBA2mXHtiIVyBZhdSRg.cer
File:                     1IW26difsBA2mXHtiIVyBZhdSRg.cer (raw, json)
Hash identifier:          eGe4dFjPqGty9TwCmxeWEm1BLV/82ZCZpImkTcDpyPg=
Subject key identifier:   D4:85:B6:E9:D8:9F:B0:10:36:99:71:ED:88:85:72:05:98:5D:49:18
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC86F623D2C1593035E6412BE0F151CB1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/1IW26difsBA2mXHtiIVyBZhdSRg.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 04:29:52 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 208725
                          IP: 45.87.76.0/22
                          IP: 2a0e:f780::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:62:3d:2c:15:93:03:5e:64:12:be:0f:15:1c:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 04:29:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d485b6e9d89fb010369971ed88857205985d4918
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a7:0f:75:a2:86:c8:a1:76:a7:a0:08:25:49:
                    9a:6c:30:95:53:f8:02:93:f9:ec:c3:b4:95:2a:d8:
                    b8:e5:5a:89:b2:94:c9:6b:22:b0:f6:5a:0d:8d:a4:
                    8c:ec:e1:0f:6a:83:74:7a:7f:94:16:3a:fb:e6:24:
                    d2:79:18:43:1d:d8:90:ac:ce:18:25:f4:5e:1c:7b:
                    48:8a:46:bd:75:42:c7:26:24:e7:c6:b6:ac:50:55:
                    da:67:9c:18:5e:fa:80:e2:ee:0e:c7:ba:2f:5a:ae:
                    11:80:60:26:c7:6d:0d:3a:89:2c:6a:18:a9:57:65:
                    c1:49:13:a0:ce:ca:1e:61:a2:f9:88:db:e1:71:0a:
                    e5:73:3f:03:c0:00:52:ca:35:8f:6f:de:f7:7d:22:
                    52:4d:98:58:72:0d:3d:64:f2:6b:53:47:85:eb:24:
                    0b:ed:90:f9:c8:b9:ff:15:68:db:28:2d:02:ce:d1:
                    be:af:1d:9b:e2:cb:2c:4d:cb:13:1f:21:7b:3b:58:
                    f3:7a:4b:47:61:45:f2:38:fb:40:03:da:f2:76:8f:
                    c9:09:82:ad:a3:24:5f:d9:f1:c7:cf:a2:23:d9:ea:
                    12:58:16:b3:51:ab:a1:d8:ca:51:ad:e9:8a:1d:41:
                    44:1e:96:50:d4:91:67:43:98:11:23:1f:cc:ac:b5:
                    6b:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:85:B6:E9:D8:9F:B0:10:36:99:71:ED:88:85:72:05:98:5D:49:18
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/1IW26difsBA2mXHtiIVyBZhdSRg.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.87.76.0/22
                IPv6:
                  2a0e:f780::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  208725

    Signature Algorithm: sha256WithRSAEncryption
         78:8e:d8:c8:3c:cd:bb:b8:22:bf:5f:a6:b7:52:c2:f5:a0:f5:
         58:ee:24:f2:13:57:11:d7:20:ae:3b:d5:f3:16:95:0d:da:ab:
         02:ce:c9:27:3f:5c:49:da:a3:9f:2c:1a:a5:be:19:0e:39:97:
         1b:42:33:6d:54:45:71:33:05:ad:ee:90:57:09:b9:4d:2d:21:
         59:1e:9c:48:19:32:d4:89:e3:88:fd:2c:7d:47:10:be:9b:5d:
         ba:9c:37:2c:a5:8a:9e:a0:89:74:e0:6c:2c:ea:44:57:d6:7c:
         c0:73:96:09:64:a1:02:f2:d6:ac:0a:43:ea:d2:a1:4c:36:78:
         27:2c:03:d9:9b:85:8f:97:20:c2:5a:f1:e3:71:b5:9d:cd:c8:
         1f:bd:52:d7:7d:66:37:cb:60:cf:0a:52:6d:04:6b:f3:6e:3c:
         6b:1a:bc:8b:73:d1:ed:2b:f7:9d:b5:49:b6:57:22:b1:21:eb:
         71:b7:ae:0d:3e:ef:29:64:42:6e:cc:fa:a1:1b:b8:ec:7c:d6:
         04:0a:f3:ec:11:8f:8c:d8:8c:1b:53:5e:a4:b1:20:2f:ea:cd:
         b0:7a:d3:dd:57:cc:46:d3:fc:45:e5:e2:07:18:03:0d:3b:6c:
         09:95:97:be:bf:b6:5c:ca:e6:86:b5:50:77:f6:6e:d1:86:f4:
         eb:35:bb:0e
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzIb2I9LBWTA15kEr4PFRyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDg1YjZlOWQ4OWZiMDEwMzY5OTcxZWQ4ODg1NzIwNTk4NWQ0OTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqcPdaKGyKF2p6AIJUmabDCVU/gC
k/nsw7SVKti45VqJspTJayKw9loNjaSM7OEPaoN0en+UFjr75iTSeRhDHdiQrM4Y
JfReHHtIika9dULHJiTnxrasUFXaZ5wYXvqA4u4Ox7ovWq4RgGAmx20NOoksahip
V2XBSROgzsoeYaL5iNvhcQrlcz8DwABSyjWPb973fSJSTZhYcg09ZPJrU0eF6yQL
7ZD5yLn/FWjbKC0CztG+rx2b4sssTcsTHyF7O1jzektHYUXyOPtAA9rydo/JCYKt
oyRf2fHHz6Ij2eoSWBazUauh2MpRremKHUFEHpZQ1JFnQ5gRIx/MrLVrywIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFNSFtunYn7AQNplx7YiFcgWYXUkYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U3Lzg1ODkx
MC1jNTAxLTQ1OWMtYTMxMy03YWM2ODBlZDVkZDcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcvODU4OTEw
LWM1MDEtNDU5Yy1hMzEzLTdhYzY4MGVkNWRkNy8xLzFJVzI2ZGlmc0JBMm1YSHRp
SVZ5QlpoZFNSZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCLVdMMA0EAgACMAcDBQMqDveAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMvVTANBgkqhkiG9w0BAQsFAAOCAQEAeI7YyDzNu7gi
v1+mt1LC9aD1WO4k8hNXEdcgrjvV8xaVDdqrAs7JJz9cSdqjnywapb4ZDjmXG0Iz
bVRFcTMFre6QVwm5TS0hWR6cSBky1InjiP0sfUcQvptdupw3LKWKnqCJdOBsLOpE
V9Z8wHOWCWShAvLWrApD6tKhTDZ4JywD2ZuFj5cgwlrx43G1nc3IH71S131mN8tg
zwpSbQRr8248axq8i3PR7Sv3nbVJtlcisSHrcbeuDT7vKWRCbsz6oRu47HzWBArz
7BGPjNiMG1NepLEgL+rNsHrT3VfMRtP8ReXiBxgDDTtsCZWXvr+2XMrmhrVQd/Zu
0Yb06zW7Dg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 09:04:59 2024 by rpki-client on console-fra.rpki-client.org