Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.cer
File:                     1_rzo_IUDLfG_wzWp_VhSgXk5Gc.cer (raw, json)
Hash identifier:          CEEY43WtcawvdytNZ6b9LgyCT434AaBJHdzyVnnrRow=
Subject key identifier:   D7:FA:F3:A3:F2:14:0C:B7:C6:FF:0C:D6:A7:F5:61:4A:05:E4:E4:67
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC5000B4FA6E5464CB1C14E9E3C3B41D7
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 12:29:23 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 210103
                          IP: 146.19.11.0/24
                          IP: 2a12:1d00::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:00:0b:4f:a6:e5:46:4c:b1:c1:4e:9e:3c:3b:41:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 12:29:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d7faf3a3f2140cb7c6ff0cd6a7f5614a05e4e467
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:87:cb:37:23:0f:c0:6d:b7:bb:a2:f4:cd:f0:
                    0d:7f:7d:d2:a0:fa:7e:9b:d9:89:7d:e1:c0:b2:53:
                    26:43:39:1e:53:77:64:3c:d0:b9:fe:00:13:70:0c:
                    05:da:c8:2a:db:0f:1e:64:ac:4d:61:29:b5:c8:81:
                    b3:ee:90:5a:f6:69:1c:33:72:32:c1:c3:17:9a:8c:
                    e7:bb:2c:d9:97:33:05:a1:ed:ef:92:29:1f:2f:4b:
                    e6:ff:62:05:3c:f6:67:75:ff:5a:ce:08:7e:83:44:
                    0e:56:3c:74:d0:e2:30:ab:c2:20:bb:06:db:b4:14:
                    a0:82:6f:5f:62:71:79:6e:de:e5:ce:ab:54:87:44:
                    11:fc:dd:a4:aa:25:6e:64:03:b3:26:bc:2a:bc:6b:
                    3f:27:82:ed:e4:dc:34:49:7d:f6:56:28:53:c0:cb:
                    cd:0a:87:aa:e5:a5:a1:0b:32:cb:98:17:29:24:3e:
                    93:77:d5:62:cf:71:8c:95:cd:42:d4:64:41:f2:70:
                    9a:b2:18:19:04:83:c6:4f:04:b1:c3:d6:cd:30:1b:
                    73:c3:3c:fa:8d:13:d8:f9:c4:af:4f:b7:98:14:73:
                    e3:1a:12:3e:32:4b:b9:88:8f:1c:66:34:be:e1:61:
                    0f:5d:eb:c7:4e:8e:6b:ef:29:c7:27:07:2a:74:62:
                    fa:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:FA:F3:A3:F2:14:0C:B7:C6:FF:0C:D6:A7:F5:61:4A:05:E4:E4:67
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.11.0/24
                IPv6:
                  2a12:1d00::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  210103

    Signature Algorithm: sha256WithRSAEncryption
         1a:be:bd:63:f8:55:e1:72:37:39:4c:94:82:11:0e:63:d3:89:
         f1:08:57:8c:81:52:5e:f5:f6:42:0e:5e:d6:de:3b:a4:f3:10:
         f2:2d:0e:87:d6:c1:58:a4:a9:15:db:5b:f5:c7:7b:fc:25:e1:
         f9:77:20:85:62:58:3a:64:ff:92:d6:7f:20:ca:8b:02:92:71:
         2d:63:cf:45:0d:a1:89:c4:9a:98:46:cc:65:fa:68:2f:21:e1:
         29:7f:f0:4d:39:4a:d4:4f:fa:7b:b6:a9:37:65:20:eb:8c:58:
         de:7e:9b:eb:3c:9a:91:fe:42:cf:98:75:d7:0e:6a:58:58:10:
         d8:c9:dc:68:e4:0f:ab:94:e3:91:e6:08:e0:8b:6d:3b:6f:97:
         fe:a2:58:15:f3:82:7f:a7:76:56:16:e2:a5:cd:d2:57:b9:09:
         52:9a:33:40:7f:b1:b1:20:17:de:85:2a:82:d4:05:2d:aa:af:
         c9:65:4d:27:a1:ff:e6:c6:51:86:b9:56:85:51:b5:07:d5:e0:
         ad:05:76:1c:e8:f0:5d:a3:92:91:1c:d0:68:db:0c:1c:93:8e:
         9e:9a:5b:41:69:d9:c1:a3:7d:82:e9:b8:68:75:11:65:86:29:
         6a:0f:c3:2a:47:78:8d:7f:2b:3f:9d:13:59:3f:c2:b2:3b:1b:
         d0:a6:ec:73
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzFAAtPpuVGTLHBTp48O0HXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2ZhZjNhM2YyMTQwY2I3YzZmZjBjZDZhN2Y1NjE0YTA1ZTRlNDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIfLNyMPwG23u6L0zfANf33SoPp+
m9mJfeHAslMmQzkeU3dkPNC5/gATcAwF2sgq2w8eZKxNYSm1yIGz7pBa9mkcM3Iy
wcMXmoznuyzZlzMFoe3vkikfL0vm/2IFPPZndf9azgh+g0QOVjx00OIwq8Iguwbb
tBSggm9fYnF5bt7lzqtUh0QR/N2kqiVuZAOzJrwqvGs/J4Lt5Nw0SX32VihTwMvN
Coeq5aWhCzLLmBcpJD6Td9Viz3GMlc1C1GRB8nCashgZBIPGTwSxw9bNMBtzwzz6
jRPY+cSvT7eYFHPjGhI+Mku5iI8cZjS+4WEPXevHTo5r7ynHJwcqdGL6IQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFNf686PyFAy3xv8M1qf1YUoF5ORnMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIyL2RmOTRl
Mi03Y2M5LTQxYTEtOTUyZi1mMzc5N2NmZDY1YWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIvZGY5NGUy
LTdjYzktNDFhMS05NTJmLWYzNzk3Y2ZkNjVhZS8xLzFfcnpvX0lVRExmR193eldw
X1ZoU2dYazVHYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAkhMLMA0EAgACMAcDBQMqEh0AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM0tzANBgkqhkiG9w0BAQsFAAOCAQEAGr69Y/hV4XI3
OUyUghEOY9OJ8QhXjIFSXvX2Qg5e1t47pPMQ8i0Oh9bBWKSpFdtb9cd7/CXh+Xcg
hWJYOmT/ktZ/IMqLApJxLWPPRQ2hicSamEbMZfpoLyHhKX/wTTlK1E/6e7apN2Ug
64xY3n6b6zyakf5Cz5h11w5qWFgQ2MncaOQPq5TjkeYI4IttO2+X/qJYFfOCf6d2
Vhbipc3SV7kJUpozQH+xsSAX3oUqgtQFLaqvyWVNJ6H/5sZRhrlWhVG1B9XgrQV2
HOjwXaOSkRzQaNsMHJOOnppbQWnZwaN9gum4aHURZYYpag/DKkd4jX8rP50TWT/C
sjsb0Kbscw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:59:59 2024 by rpki-client on console-ams.rpki-client.org