Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1TX4-scGL3fyS5jNXDtUqJutSDg.cer
File:                     1TX4-scGL3fyS5jNXDtUqJutSDg.cer (raw, json)
Hash identifier:          xqTDnwP7itHAOgrEjEePE3fH0q2Evc9Rsfx+vuPVD6Y=
Subject key identifier:   D5:35:F8:FA:C7:06:2F:77:F2:4B:98:CD:5C:3B:54:A8:9B:AD:48:38
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC3B73C4256BDFDFE5080009E0BA6EBB5
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/1TX4-scGL3fyS5jNXDtUqJutSDg.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 06:30:14 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 200561
                          IP: 185.79.24.0/22
                          IP: 185.175.28.0/22
                          IP: 2a03:20::/32
                          IP: 2a0b:cb00::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b7:3c:42:56:bd:fd:fe:50:80:00:9e:0b:a6:eb:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 06:30:14 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d535f8fac7062f77f24b98cd5c3b54a89bad4838
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:2a:34:45:2d:39:21:6e:49:56:81:87:62:01:
                    f5:c1:26:93:df:b3:00:df:bf:d9:fa:7a:99:40:46:
                    36:fc:f8:7a:a6:1a:f8:2a:3a:b1:64:0f:3d:89:bf:
                    06:7e:1e:c8:02:f6:18:1b:2d:24:8e:9d:0b:ff:0a:
                    91:fd:2b:d2:57:9f:76:a2:5d:4e:da:10:6a:2d:c6:
                    89:74:f2:81:d0:09:34:9f:77:1c:ae:25:c7:70:73:
                    38:97:84:22:5a:5a:c1:51:08:00:3d:58:ac:e8:cb:
                    c0:35:87:55:49:67:85:82:c6:4d:8c:d4:e5:f5:bf:
                    a9:ba:27:60:fb:c2:4b:47:38:2d:c8:da:e6:f0:b1:
                    df:ad:97:44:e4:4c:51:82:4d:c1:86:0b:14:e0:86:
                    72:7f:5d:ca:03:53:37:2e:2d:68:db:1f:00:d0:03:
                    a4:ec:fc:71:f0:c2:73:73:1e:63:6b:db:19:e8:3a:
                    08:92:2d:20:99:3c:85:b1:08:3e:6e:80:b4:7a:8b:
                    40:8b:9e:84:34:80:b5:82:98:3e:fc:a1:95:3e:fe:
                    86:bf:16:49:98:4a:09:28:c1:f6:4a:d6:e1:40:d3:
                    57:27:ad:27:e0:cb:4f:39:93:1c:bd:24:f2:fc:0d:
                    db:82:d2:b4:dc:ef:40:0b:bc:5c:76:16:d9:3d:bd:
                    4f:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:35:F8:FA:C7:06:2F:77:F2:4B:98:CD:5C:3B:54:A8:9B:AD:48:38
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/1TX4-scGL3fyS5jNXDtUqJutSDg.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.79.24.0/22
                  185.175.28.0/22
                IPv6:
                  2a03:20::/32
                  2a0b:cb00::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  200561

    Signature Algorithm: sha256WithRSAEncryption
         a4:d1:07:36:93:18:06:82:8b:05:3b:77:d5:bb:35:18:40:68:
         b0:59:b6:71:75:8c:1d:f9:8d:d9:3f:1d:92:52:5f:b5:7d:61:
         77:d7:19:5f:68:70:4f:5d:ef:73:08:dd:3d:d5:d5:59:31:bb:
         52:6f:32:d1:22:6d:4f:3b:d8:f6:a6:8f:95:ca:ba:24:70:c0:
         18:1a:83:d0:58:cc:14:9e:91:46:dd:e5:c9:d9:c7:66:a6:48:
         ac:af:e9:f3:d8:fe:86:d7:1a:da:c4:b6:f9:ed:28:fe:6e:d2:
         e8:18:c7:9b:dc:5d:c1:ca:bb:48:ea:00:c8:99:2f:7c:69:00:
         99:4e:eb:65:e3:b8:64:e1:ac:27:33:d4:d1:d0:8b:1e:6c:ae:
         a9:2e:e8:0d:0c:9d:c8:d5:aa:4e:f0:29:ac:c3:15:b7:7b:43:
         65:a2:0c:7c:57:eb:2a:ec:cf:3b:27:1a:bb:c5:c3:69:a3:c0:
         6f:6a:a4:cd:f9:5f:f3:89:74:20:59:29:63:a4:bc:86:04:9c:
         08:dc:d0:ed:dc:43:02:ce:84:0d:46:d1:df:ed:f5:f2:3d:5e:
         68:e4:51:29:6d:e5:68:a4:0a:e2:c5:18:c1:7c:4b:51:86:b3:
         93:38:ca:32:e6:f7:16:5c:6a:25:13:8c:55:36:47:b2:1a:a6:
         d2:72:8b:76
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYzDtzxCVr39/lCAAJ4Lpuu1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTM1ZjhmYWM3MDYyZjc3ZjI0Yjk4Y2Q1YzNiNTRhODliYWQ0ODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCo0RS05IW5JVoGHYgH1wSaT37MA
37/Z+nqZQEY2/Ph6phr4KjqxZA89ib8Gfh7IAvYYGy0kjp0L/wqR/SvSV592ol1O
2hBqLcaJdPKB0Ak0n3ccriXHcHM4l4QiWlrBUQgAPVis6MvANYdVSWeFgsZNjNTl
9b+puidg+8JLRzgtyNrm8LHfrZdE5ExRgk3BhgsU4IZyf13KA1M3Li1o2x8A0AOk
7Pxx8MJzcx5ja9sZ6DoIki0gmTyFsQg+boC0eotAi56ENIC1gpg+/KGVPv6GvxZJ
mEoJKMH2StbhQNNXJ60n4MtPOZMcvSTy/A3bgtK03O9AC7xcdhbZPb1PUQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFNU1+PrHBi938kuYzVw7VKibrUg4MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NiLzA5N2Rh
MS03Y2M5LTQzNDMtODAyNC1iMzEwZDcxYzJjYWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2IvMDk3ZGEx
LTdjYzktNDM0My04MDI0LWIzMTBkNzFjMmNhZC8xLzFUWDQtc2NHTDNmeVM1ak5Y
RHRVcUp1dFNEZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDsGCCsGAQUF
BwEHAQH/BCwwKjASBAIAATAMAwQCuU8YAwQCua8cMBQEAgACMA4DBQAqAwAgAwUD
KgvLADAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDD3EwDQYJKoZIhvcNAQELBQAD
ggEBAKTRBzaTGAaCiwU7d9W7NRhAaLBZtnF1jB35jdk/HZJSX7V9YXfXGV9ocE9d
73MI3T3V1Vkxu1JvMtEibU872Pamj5XKuiRwwBgag9BYzBSekUbd5cnZx2amSKyv
6fPY/obXGtrEtvntKP5u0ugYx5vcXcHKu0jqAMiZL3xpAJlO62XjuGThrCcz1NHQ
ix5srqku6A0MncjVqk7wKazDFbd7Q2WiDHxX6yrszzsnGrvFw2mjwG9qpM35X/OJ
dCBZKWOkvIYEnAjc0O3cQwLOhA1G0d/t9fI9XmjkUSlt5WikCuLFGMF8S1GGs5M4
yjLm9xZcaiUTjFU2R7IaptJyi3Y=
-----END CERTIFICATE-----
Generated at Fri Mar 29 09:05:10 2024 by rpki-client on console-fra.rpki-client.org