Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1XDqPQ601D1f9Bze3vShIjVY3cg.cer
File:                     1XDqPQ601D1f9Bze3vShIjVY3cg.cer (raw, json)
Hash identifier:          i78tjQ1Guo4QH30WtSBtTSJxlbqg52wZwxuY5xF+koc=
Subject key identifier:   D5:70:EA:3D:0E:B4:D4:3D:5F:F4:1C:DE:DE:F4:A1:22:35:58:DD:C8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC26D117D7038F03D6D086F1B1EFDECCF
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/51/295439-3c4f-4fe3-892d-dfac308f6c56/1/1XDqPQ601D1f9Bze3vShIjVY3cg.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/51/295439-3c4f-4fe3-892d-dfac308f6c56/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:29:37 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 198969

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 03:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:11:7d:70:38:f0:3d:6d:08:6f:1b:1e:fd:ec:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:29:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d570ea3d0eb4d43d5ff41cdedef4a1223558ddc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:e6:c5:12:64:87:4a:6a:63:cf:6b:81:56:6a:
                    b3:91:ba:40:04:e8:26:fe:22:a9:f4:85:4e:22:88:
                    d1:98:ff:d4:bc:e4:1e:d2:02:4b:f7:0c:9f:70:5d:
                    29:01:8a:75:cf:e0:a6:ce:84:1d:5d:0b:2d:fa:9d:
                    cc:9c:27:1d:21:fb:aa:7b:1b:4b:aa:ec:b3:5d:3c:
                    92:d6:7f:d6:78:e3:bd:f7:b7:bd:19:e3:5e:03:64:
                    93:be:e1:d7:7a:2a:9d:93:dd:7d:22:9d:1b:49:40:
                    7f:43:ca:71:91:8a:f8:d9:20:04:2c:3a:29:38:a7:
                    d4:0a:74:8e:93:52:a2:f5:4d:98:cf:b8:09:ed:8f:
                    26:e5:22:10:d5:04:f5:f5:57:54:4e:93:f7:0e:ab:
                    3c:7e:99:0c:da:bf:ff:2a:ed:ab:40:46:37:c1:f1:
                    ba:a5:77:35:e1:a9:73:a7:23:f9:43:d2:ff:94:fd:
                    ae:33:e8:e5:41:29:c9:2f:e8:02:3d:4c:67:3f:50:
                    ec:96:4f:49:4c:85:46:b1:4c:10:af:41:f1:19:d9:
                    30:bd:69:68:04:d3:a8:90:fe:69:5a:1c:12:3d:d1:
                    91:fa:31:3c:35:45:fa:e3:1d:6b:72:57:ac:c6:b1:
                    a0:e0:cb:91:e0:ed:0b:0f:59:34:f0:81:49:73:26:
                    4d:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:70:EA:3D:0E:B4:D4:3D:5F:F4:1C:DE:DE:F4:A1:22:35:58:DD:C8
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/295439-3c4f-4fe3-892d-dfac308f6c56/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/295439-3c4f-4fe3-892d-dfac308f6c56/1/1XDqPQ601D1f9Bze3vShIjVY3cg.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  198969

    Signature Algorithm: sha256WithRSAEncryption
         66:fa:ea:97:84:00:a8:ea:02:d1:f5:6c:70:96:88:a1:c9:ae:
         8a:d6:a6:39:57:65:a8:ee:6b:1c:99:bb:c2:b9:7f:3c:72:30:
         e4:4c:c5:8a:fa:5a:93:bb:c1:a8:3e:8b:06:9e:e0:8b:c8:07:
         cc:c8:a1:43:b2:df:46:30:5f:13:f8:43:8f:8c:ef:d3:a4:ec:
         d6:d8:6c:3d:23:64:09:2b:82:84:2e:e9:35:6d:fd:46:2e:a4:
         36:cc:30:f9:f5:c9:6b:98:7a:33:1d:e4:95:47:38:81:7a:66:
         00:83:73:f1:c9:0e:23:20:d4:c5:4c:de:34:bd:30:9d:55:64:
         01:a1:4f:c9:4f:62:94:f7:3a:45:6a:fa:79:57:09:78:9d:2a:
         4c:58:3d:d6:02:25:c0:f3:9e:84:2c:05:ac:b1:56:cc:09:86:
         5e:55:42:31:e6:e3:f0:63:fe:6d:a0:58:ee:86:79:69:74:c8:
         83:4f:12:6d:73:e1:2c:b9:34:36:b9:64:3b:fa:48:15:aa:7d:
         94:33:c6:b1:33:d8:10:b6:10:df:d5:9d:c6:82:98:58:5a:fb:
         29:fa:ba:e8:59:75:25:c9:8e:56:28:f4:b4:bd:41:dd:0c:f2:
         94:fd:f4:60:0f:aa:cb:b2:89:73:85:74:b8:41:a6:b4:d6:81:
         4f:47:5e:46
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzCbRF9cDjwPW0Ibxse/ezPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTcwZWEzZDBlYjRkNDNkNWZmNDFjZGVkZWY0YTEyMjM1NThkZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkObFEmSHSmpjz2uBVmqzkbpABOgm
/iKp9IVOIojRmP/UvOQe0gJL9wyfcF0pAYp1z+CmzoQdXQst+p3MnCcdIfuqextL
quyzXTyS1n/WeOO997e9GeNeA2STvuHXeiqdk919Ip0bSUB/Q8pxkYr42SAELDop
OKfUCnSOk1Ki9U2Yz7gJ7Y8m5SIQ1QT19VdUTpP3Dqs8fpkM2r//Ku2rQEY3wfG6
pXc14alzpyP5Q9L/lP2uM+jlQSnJL+gCPUxnP1Dslk9JTIVGsUwQr0HxGdkwvWlo
BNOokP5pWhwSPdGR+jE8NUX64x1rclesxrGg4MuR4O0LD1k08IFJcyZN/wIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFNVw6j0OtNQ9X/Qc3t70oSI1WN3IMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUxLzI5NTQz
OS0zYzRmLTRmZTMtODkyZC1kZmFjMzA4ZjZjNTYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEvMjk1NDM5
LTNjNGYtNGZlMy04OTJkLWRmYWMzMDhmNmM1Ni8xLzFYRHFQUTYwMUQxZjlCemUz
dlNoSWpWWTNjZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMJOTANBgkqhkiG9w0BAQsFAAOCAQEAZvrql4QAqOoC
0fVscJaIocmuitamOVdlqO5rHJm7wrl/PHIw5EzFivpak7vBqD6LBp7gi8gHzMih
Q7LfRjBfE/hDj4zv06Ts1thsPSNkCSuChC7pNW39Ri6kNsww+fXJa5h6Mx3klUc4
gXpmAINz8ckOIyDUxUzeNL0wnVVkAaFPyU9ilPc6RWr6eVcJeJ0qTFg91gIlwPOe
hCwFrLFWzAmGXlVCMebj8GP+baBY7oZ5aXTIg08SbXPhLLk0NrlkO/pIFap9lDPG
sTPYELYQ39WdxoKYWFr7Kfq66Fl1JcmOVij0tL1B3QzylP30YA+qy7KJc4V0uEGm
tNaBT0deRg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:38:45 2024 by rpki-client on console-fra.rpki-client.org