Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1bgBgLQNWFtzZlh9-13nvzB3hD4.cer
File:                     1bgBgLQNWFtzZlh9-13nvzB3hD4.cer (raw, json)
Hash identifier:          sPfuRkmV+qtKtcXoXaE01PwWnj3WtlpTPxR5blu9X9Y=
Subject key identifier:   D5:B8:01:80:B4:0D:58:5B:73:66:58:7D:FB:5D:E7:BF:30:77:84:3E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC3B69F6FABCC4D6F6E141CC7BE3B549B
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b6/0e5a71-2c0b-4f04-9466-31411d91576a/1/1bgBgLQNWFtzZlh9-13nvzB3hD4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b6/0e5a71-2c0b-4f04-9466-31411d91576a/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 06:29:34 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 43891
                          IP: 193.186.10.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:9f:6f:ab:cc:4d:6f:6e:14:1c:c7:be:3b:54:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 06:29:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d5b80180b40d585b7366587dfb5de7bf3077843e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:a8:aa:e4:43:f7:4f:5f:b4:da:1e:12:92:a8:
                    c3:b1:a5:9b:6e:1f:9e:b1:36:0a:ae:f5:25:f3:d2:
                    e0:90:4b:28:fc:e7:d9:71:49:e5:10:6c:ef:84:4a:
                    b9:95:1c:2b:a1:4d:cf:50:5c:bf:3a:f5:24:22:1b:
                    d4:6d:ee:40:49:85:90:99:0a:4a:1e:32:77:fb:20:
                    08:bd:0f:bf:f4:05:13:51:62:dd:9a:be:4d:e5:07:
                    d5:63:82:f2:d3:14:0c:3d:2d:ce:cc:79:fb:2e:fa:
                    09:a7:41:00:14:34:42:d7:7f:95:43:66:c9:09:ec:
                    43:45:da:a4:33:67:b8:4d:be:cc:76:66:f0:d6:56:
                    91:53:d0:3b:2c:90:01:e7:c6:25:72:43:35:92:a9:
                    2d:8a:ba:08:f2:e6:34:3c:be:db:e7:8d:0f:95:b6:
                    47:45:c8:f1:97:62:3c:44:66:b7:f6:20:ae:18:25:
                    85:ed:d3:26:8a:1d:f1:61:02:ec:3c:6f:26:45:0a:
                    e0:5c:bd:3a:ad:d1:4b:3d:10:d9:ee:ae:f4:56:70:
                    cb:2f:ba:d5:d6:7a:ab:87:d6:d6:7e:18:c0:7b:47:
                    00:04:f4:6e:f7:72:70:0d:eb:66:96:5b:c4:a2:be:
                    96:a2:b2:a5:27:06:95:8b:4d:5c:cc:ab:9e:72:8b:
                    c8:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:B8:01:80:B4:0D:58:5B:73:66:58:7D:FB:5D:E7:BF:30:77:84:3E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/0e5a71-2c0b-4f04-9466-31411d91576a/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/0e5a71-2c0b-4f04-9466-31411d91576a/1/1bgBgLQNWFtzZlh9-13nvzB3hD4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.186.10.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  43891

    Signature Algorithm: sha256WithRSAEncryption
         a6:8f:4d:fd:da:f7:b1:09:02:4c:a7:c5:66:91:e8:82:06:8a:
         4f:ac:82:fb:74:21:bc:39:5e:2b:fb:f8:ce:97:a4:ae:02:3f:
         99:33:d5:3b:0d:d1:08:7f:90:d7:dd:ac:e6:52:e7:56:a3:31:
         b4:6d:04:3d:49:1d:81:13:77:80:71:e8:bb:6b:65:6f:f2:3a:
         8e:85:f8:6d:a6:c2:4b:00:4f:1f:78:28:97:38:12:b5:bb:70:
         c0:9b:74:a0:cd:6b:9a:ac:55:fb:c2:82:20:66:84:43:c8:de:
         18:f5:63:b5:92:52:b5:78:dc:85:2e:3f:97:82:0e:58:dc:ee:
         8f:13:ed:b3:ee:43:04:34:df:11:a2:68:6a:be:0b:a6:37:e5:
         09:ed:71:fb:d4:63:3e:a6:8d:bb:e1:ea:40:47:19:d4:d8:8a:
         5a:78:45:fa:d9:1d:3e:d6:86:98:9a:5f:87:c1:ee:c0:ff:19:
         73:c1:5a:8b:f1:97:ee:f9:2f:11:b7:28:37:0e:1c:05:0f:7c:
         2c:81:b8:5e:b6:da:a9:c8:dd:ab:ed:14:f2:b5:cf:f8:8a:b7:
         e1:89:16:d3:77:40:41:42:26:c4:3c:6f:f9:0e:d9:d1:9b:8e:
         81:a2:ac:d3:83:62:c2:42:af:40:3f:8a:fd:91:e9:05:8d:d6:
         a0:c8:3b:60
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzDtp9vq8xNb24UHMe+O1SbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWI4MDE4MGI0MGQ1ODViNzM2NjU4N2RmYjVkZTdiZjMwNzc4NDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKiq5EP3T1+02h4SkqjDsaWbbh+e
sTYKrvUl89LgkEso/OfZcUnlEGzvhEq5lRwroU3PUFy/OvUkIhvUbe5ASYWQmQpK
HjJ3+yAIvQ+/9AUTUWLdmr5N5QfVY4Ly0xQMPS3OzHn7LvoJp0EAFDRC13+VQ2bJ
CexDRdqkM2e4Tb7Mdmbw1laRU9A7LJAB58YlckM1kqktiroI8uY0PL7b540PlbZH
Rcjxl2I8RGa39iCuGCWF7dMmih3xYQLsPG8mRQrgXL06rdFLPRDZ7q70VnDLL7rV
1nqrh9bWfhjAe0cABPRu93JwDetmllvEor6WorKlJwaVi01czKuecovIeQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFNW4AYC0DVhbc2ZYfftd578wd4Q+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I2LzBlNWE3
MS0yYzBiLTRmMDQtOTQ2Ni0zMTQxMWQ5MTU3NmEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYvMGU1YTcx
LTJjMGItNGYwNC05NDY2LTMxNDExZDkxNTc2YS8xLzFiZ0JnTFFOV0Z0elpsaDkt
MTNudnpCM2hENC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwboKMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwCrczANBgkqhkiG9w0BAQsFAAOCAQEApo9N/dr3sQkCTKfFZpHoggaKT6yC+3Qh
vDleK/v4zpekrgI/mTPVOw3RCH+Q192s5lLnVqMxtG0EPUkdgRN3gHHou2tlb/I6
joX4babCSwBPH3golzgStbtwwJt0oM1rmqxV+8KCIGaEQ8jeGPVjtZJStXjchS4/
l4IOWNzujxPts+5DBDTfEaJoar4LpjflCe1x+9RjPqaNu+HqQEcZ1NiKWnhF+tkd
PtaGmJpfh8HuwP8Zc8Fai/GX7vkvEbcoNw4cBQ98LIG4Xrbaqcjdq+0U8rXP+Iq3
4YkW03dAQUImxDxv+Q7Z0ZuOgaKs04NiwkKvQD+K/ZHpBY3WoMg7YA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:35:49 2024 by rpki-client on console-ams.rpki-client.org