Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1ZTpX6WbUrWZ26QG17dvODypD6g.cer
File:                     1ZTpX6WbUrWZ26QG17dvODypD6g.cer (raw, json)
Hash identifier:          3P9dYYtQhaB+izRpGWNrzhk8B4BGeuPIZKNN5qnhhhk=
Subject key identifier:   D5:94:E9:5F:A5:9B:52:B5:99:DB:A4:06:D7:B7:6F:38:3C:A9:0F:A8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC86F0AF02E2E87282F0F1027BC2B0E57
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/87/eedbcd-ab18-4ab3-b5dd-e3b0b41e25c5/1/1ZTpX6WbUrWZ26QG17dvODypD6g.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/87/eedbcd-ab18-4ab3-b5dd-e3b0b41e25c5/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 04:29:29 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 208446
                          IP: 185.137.99.0/24
                          IP: 2a12:7c40::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:0a:f0:2e:2e:87:28:2f:0f:10:27:bc:2b:0e:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 04:29:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d594e95fa59b52b599dba406d7b76f383ca90fa8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:a3:0d:e1:8b:09:f9:d1:8a:d4:15:fa:87:fc:
                    f4:68:5b:39:6d:87:20:a6:86:f7:17:64:5a:6d:83:
                    d9:8f:14:a6:b2:62:bf:a6:65:7a:50:4b:0e:97:c1:
                    11:0f:cf:34:93:6c:c5:b6:cc:dd:aa:51:60:34:58:
                    e5:73:a6:f3:84:b9:ee:59:c3:84:bc:b4:7b:f4:64:
                    00:f4:04:48:e0:c9:3d:3d:f1:51:f3:2b:c3:f6:55:
                    d9:e1:3d:39:0f:d8:7b:ac:f6:3b:eb:4d:25:52:9f:
                    53:fb:ce:20:aa:5d:df:b5:90:88:f2:4c:3a:10:81:
                    91:5d:a2:b5:a5:80:d6:13:cf:41:3f:e4:57:5d:a9:
                    27:25:a3:0b:e4:a9:36:d0:19:16:87:4d:e4:d1:b8:
                    70:80:7b:9c:8c:a9:09:98:d9:4b:fe:0c:61:7f:b3:
                    8b:d5:f0:4b:81:dc:ac:50:c5:2f:e8:c2:ca:ba:ff:
                    b3:7a:d7:20:08:cb:3c:25:1c:83:0f:f4:b0:88:b3:
                    79:47:2e:ad:d5:56:5e:4c:81:0c:ce:cc:47:ab:ba:
                    dd:6b:bf:15:9a:fe:15:40:90:5f:50:ef:e8:23:a6:
                    68:8b:b5:85:d1:65:30:37:d5:ef:05:57:a7:e6:32:
                    2f:10:3a:c2:b0:28:21:08:35:1d:1d:3d:5b:7a:8e:
                    f0:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:94:E9:5F:A5:9B:52:B5:99:DB:A4:06:D7:B7:6F:38:3C:A9:0F:A8
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/eedbcd-ab18-4ab3-b5dd-e3b0b41e25c5/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/eedbcd-ab18-4ab3-b5dd-e3b0b41e25c5/1/1ZTpX6WbUrWZ26QG17dvODypD6g.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.137.99.0/24
                IPv6:
                  2a12:7c40::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  208446

    Signature Algorithm: sha256WithRSAEncryption
         98:cc:33:ae:1e:3f:42:da:71:fa:8f:52:3f:1b:5a:8a:03:3b:
         25:e1:bf:d1:e1:0d:01:13:9b:3a:04:1d:64:94:1c:ea:64:1e:
         cc:f6:aa:51:a2:28:e5:a6:64:d1:24:37:32:0a:bf:15:e6:fe:
         8e:1c:45:5c:28:0d:f1:46:30:2a:74:d6:df:94:4c:ff:84:9d:
         ac:92:2d:a2:f6:40:20:d5:cb:82:d5:18:df:ef:53:94:57:27:
         2a:ed:55:e9:b7:18:d9:e7:62:df:fd:6b:ea:49:96:76:1f:ad:
         19:ed:65:9d:95:1a:58:ce:6c:08:9c:86:34:8a:4a:73:ce:52:
         53:c1:f5:78:47:2f:07:fb:99:25:2e:7e:fb:5d:96:69:79:14:
         63:51:bf:40:4a:27:3c:d5:58:31:80:e2:b1:8c:e4:36:88:53:
         e1:02:64:f1:f9:42:60:02:09:9f:aa:d0:6b:df:d1:ab:e3:03:
         b1:dc:63:e0:e2:5f:1f:e3:20:10:dd:5b:fe:0e:44:93:19:c1:
         e2:ef:8f:cc:fe:36:bd:76:57:0f:c2:a1:5b:bb:2d:87:d0:d3:
         c4:a6:33:49:a7:56:0b:4b:44:59:6e:d7:27:df:b9:68:bd:dc:
         1e:31:0b:39:f6:73:6e:82:68:f1:e9:5c:72:66:07:45:72:e2:
         14:e5:2e:2f
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzIbwrwLi6HKC8PECe8Kw5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTk0ZTk1ZmE1OWI1MmI1OTlkYmE0MDZkN2I3NmYzODNjYTkwZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqMN4YsJ+dGK1BX6h/z0aFs5bYcg
pob3F2RabYPZjxSmsmK/pmV6UEsOl8ERD880k2zFtszdqlFgNFjlc6bzhLnuWcOE
vLR79GQA9ARI4Mk9PfFR8yvD9lXZ4T05D9h7rPY7600lUp9T+84gql3ftZCI8kw6
EIGRXaK1pYDWE89BP+RXXaknJaML5Kk20BkWh03k0bhwgHucjKkJmNlL/gxhf7OL
1fBLgdysUMUv6MLKuv+zetcgCMs8JRyDD/SwiLN5Ry6t1VZeTIEMzsxHq7rda78V
mv4VQJBfUO/oI6Zoi7WF0WUwN9XvBVen5jIvEDrCsCghCDUdHT1beo7wwQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFNWU6V+lm1K1mdukBte3bzg8qQ+oMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg3L2VlZGJj
ZC1hYjE4LTRhYjMtYjVkZC1lM2IwYjQxZTI1YzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcvZWVkYmNk
LWFiMTgtNGFiMy1iNWRkLWUzYjBiNDFlMjVjNS8xLzFaVHBYNldiVXJXWjI2UUcx
N2R2T0R5cEQ2Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAuYljMA0EAgACMAcDBQMqEnxAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMuPjANBgkqhkiG9w0BAQsFAAOCAQEAmMwzrh4/Qtpx
+o9SPxtaigM7JeG/0eENARObOgQdZJQc6mQezPaqUaIo5aZk0SQ3Mgq/Feb+jhxF
XCgN8UYwKnTW35RM/4SdrJItovZAINXLgtUY3+9TlFcnKu1V6bcY2edi3/1r6kmW
dh+tGe1lnZUaWM5sCJyGNIpKc85SU8H1eEcvB/uZJS5++12WaXkUY1G/QEonPNVY
MYDisYzkNohT4QJk8flCYAIJn6rQa9/Rq+MDsdxj4OJfH+MgEN1b/g5EkxnB4u+P
zP42vXZXD8KhW7sth9DTxKYzSadWC0tEWW7XJ9+5aL3cHjELOfZzboJo8elccmYH
RXLiFOUuLw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:14:56 2024 by rpki-client on console-fra.rpki-client.org