Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
File:                     1QTmQeVaSK7gFB4sDSYicQLKptQ.cer (raw, json)
Hash identifier:          zvxh6hQaHK49lYWsuWGAE22jz+Kcr56D2gxHoHCs3WI=
Subject key identifier:   D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC26D21034CADC1D13E6D574F3842DC6C
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/1QTmQeVaSK7gFB4sDSYicQLKptQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:29:40 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 5.182.84.0/22
                          IP: 46.254.92.0/22
                          IP: 77.232.128.0/19
                          IP: 80.251.112.0/20

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:21:03:4c:ad:c1:d1:3e:6d:57:4f:38:42:dc:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:29:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d504e641e55a48aee0141e2c0d26227102caa6d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:27:c2:66:17:df:b7:8e:18:1e:d0:24:0a:fe:
                    95:ad:87:65:57:c8:b3:9c:dc:38:fd:34:82:02:97:
                    63:70:71:5e:ff:7f:3b:51:ba:b6:01:9f:16:70:f7:
                    33:74:2d:ee:69:b9:64:ef:b8:d0:4c:7b:1f:6a:db:
                    48:3c:e1:39:dd:5f:92:92:07:19:85:a2:f2:c0:6f:
                    4c:fa:7f:2b:d1:9d:a4:d9:30:53:5b:a8:f4:17:c0:
                    10:a9:da:ef:4c:09:72:64:7e:7b:f6:5b:34:4f:49:
                    4c:58:80:37:f9:4f:d0:3a:5a:ac:dd:a3:c4:78:78:
                    03:ee:f0:89:84:b4:d4:f6:d8:f5:4d:17:b6:56:cb:
                    1a:6b:3a:22:e9:be:05:f7:fd:72:7f:e6:b7:5c:10:
                    d4:4f:67:1e:2e:0b:44:f1:58:63:c9:ce:5f:ca:d5:
                    a2:d1:c2:e1:6e:9a:c3:ee:1f:ad:89:92:fa:0a:23:
                    77:34:f5:29:de:4f:6f:ab:ed:27:01:2c:84:18:10:
                    61:a5:b1:d9:75:bd:da:de:54:53:40:34:91:b3:2f:
                    8c:16:c3:bf:76:5d:06:69:b4:63:9b:fe:21:02:02:
                    80:14:4f:17:58:e3:42:9d:68:8b:8f:4c:61:2e:95:
                    07:4b:8f:dc:a1:e8:04:a1:e7:fa:97:cb:e9:5e:cf:
                    44:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/1QTmQeVaSK7gFB4sDSYicQLKptQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.84.0/22
                  46.254.92.0/22
                  77.232.128.0/19
                  80.251.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         ad:cd:87:0f:9e:65:f3:b6:33:4d:ea:55:36:68:1b:00:68:58:
         4d:86:da:5a:58:de:10:e6:1e:32:27:69:06:17:fb:06:3c:06:
         b6:c9:44:38:22:f4:5e:c2:f9:0c:d0:f3:45:89:38:d1:a2:c5:
         e9:c8:e7:ba:d0:8b:8c:05:7a:77:88:5f:54:e2:e7:56:3a:47:
         4b:c9:b4:d4:77:88:6a:2e:91:f9:2a:4e:db:9b:48:e0:70:df:
         22:61:d4:b6:47:10:01:53:de:75:01:b5:b2:3c:24:12:9f:9d:
         8e:72:65:e6:b3:1d:a2:f3:88:bb:80:92:0d:65:95:75:01:98:
         68:79:2d:c0:73:1f:ba:92:0f:a7:62:3f:23:e0:5f:a0:5a:64:
         ee:c4:b8:44:67:07:fa:4b:a1:42:3d:04:83:dc:9e:f0:90:b7:
         9b:f7:3d:d9:74:3c:94:28:9d:7a:0c:ff:d8:8b:04:ee:f9:f9:
         cc:5b:b3:d2:43:d5:57:24:4f:b0:69:cc:bd:f6:45:5d:5b:32:
         ad:99:c9:ae:90:b6:8e:bf:c7:d1:9c:dd:a5:43:61:f9:18:fb:
         b5:f5:03:fe:2a:d5:d8:49:24:35:0c:39:20:17:ca:0e:6a:f8:
         4a:f8:4e:88:31:76:79:f5:88:95:d5:f9:85:c0:ca:cf:05:cf:
         d6:5c:f1:d9
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYzCbSEDTK3B0T5tV084QtxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTA0ZTY0MWU1NWE0OGFlZTAxNDFlMmMwZDI2MjI3MTAyY2FhNmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5yfCZhfft44YHtAkCv6VrYdlV8iz
nNw4/TSCApdjcHFe/387Ubq2AZ8WcPczdC3uablk77jQTHsfattIPOE53V+SkgcZ
haLywG9M+n8r0Z2k2TBTW6j0F8AQqdrvTAlyZH579ls0T0lMWIA3+U/QOlqs3aPE
eHgD7vCJhLTU9tj1TRe2Vssaazoi6b4F9/1yf+a3XBDUT2ceLgtE8Vhjyc5fytWi
0cLhbprD7h+tiZL6CiN3NPUp3k9vq+0nASyEGBBhpbHZdb3a3lRTQDSRsy+MFsO/
dl0GabRjm/4hAgKAFE8XWONCnWiLj0xhLpUHS4/coegEoef6l8vpXs9ETwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFNUE5kHlWkiu4BQeLA0mInECyqbUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFlL2YwMWYz
NS0yY2NhLTRlNWEtODI4YS02YmZmY2I3YzBmMGEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWUvZjAxZjM1
LTJjY2EtNGU1YS04MjhhLTZiZmZjYjdjMGYwYS8xLzFRVG1RZVZhU0s3Z0ZCNHNE
U1lpY1FMS3B0US5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUF
BwEHAQH/BCIwIDAeBAIAATAYAwQCBbZUAwQCLv5cAwQFTeiAAwQEUPtwMA0GCSqG
SIb3DQEBCwUAA4IBAQCtzYcPnmXztjNN6lU2aBsAaFhNhtpaWN4Q5h4yJ2kGF/sG
PAa2yUQ4IvRewvkM0PNFiTjRosXpyOe60IuMBXp3iF9U4udWOkdLybTUd4hqLpH5
Kk7bm0jgcN8iYdS2RxABU951AbWyPCQSn52OcmXmsx2i84i7gJINZZV1AZhoeS3A
cx+6kg+nYj8j4F+gWmTuxLhEZwf6S6FCPQSD3J7wkLeb9z3ZdDyUKJ16DP/YiwTu
+fnMW7PSQ9VXJE+wacy99kVdWzKtmcmukLaOv8fRnN2lQ2H5GPu19QP+KtXYSSQ1
DDkgF8oOavhK+E6IMXZ59YiV1fmFwMrPBc/WXPHZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:35:25 2024 by rpki-client on console-fra.rpki-client.org