Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1gTknpKDBavLjzLe8_78A-u83kQ.cer
File:                     1gTknpKDBavLjzLe8_78A-u83kQ.cer (raw, json)
Hash identifier:          RVwYbPHufxflsmh0GXVXMeBm8IoWgopE8LrcyvwcAbE=
Subject key identifier:   D6:04:E4:9E:92:83:05:AB:CB:8F:32:DE:F3:FE:FC:03:EB:BC:DE:44
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC424ED5FBAD84E25A2B71E6349F597D1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 08:30:03 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 141.19.0.0/16

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:ed:5f:ba:d8:4e:25:a2:b7:1e:63:49:f5:97:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 08:30:03 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d604e49e928305abcb8f32def3fefc03ebbcde44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:b1:76:38:5b:2a:60:52:fa:2c:85:d4:07:4b:
                    20:dc:0b:1f:49:2c:a0:24:1e:a2:ce:50:47:a0:48:
                    f8:2c:74:4b:ff:c9:b9:81:11:c7:1c:2c:3c:53:a6:
                    52:16:be:34:3e:34:e6:b2:6b:1b:bd:a4:e4:30:2d:
                    5f:16:01:00:5c:8a:07:5e:40:24:9c:80:98:7e:a9:
                    69:09:fd:80:94:f8:16:a7:00:6c:53:c1:41:c8:da:
                    1a:75:ee:07:c7:53:88:70:9c:20:9f:0d:96:64:c4:
                    2c:89:ff:5e:8a:40:e5:95:21:53:a3:e4:a0:e4:00:
                    9b:c0:ef:b4:34:c4:f5:ec:76:08:f3:80:9e:0d:f1:
                    6d:54:0c:03:63:76:c2:fd:e6:9c:5d:60:a1:1d:31:
                    0f:13:19:71:98:b8:bd:43:90:5c:7a:1a:5a:6f:c5:
                    ef:dc:77:1a:bf:d9:78:b9:0e:82:35:e5:3f:fd:74:
                    85:37:3c:90:5f:24:dd:41:78:85:8b:6a:70:b0:8d:
                    ab:00:4d:d8:9e:37:3b:d3:f3:8b:41:95:24:57:54:
                    2c:11:94:39:7c:4f:6c:00:f2:fe:2f:e7:39:39:1a:
                    2b:eb:8b:a5:d2:d5:56:8c:11:64:67:02:7c:e3:ce:
                    cd:07:d0:9a:54:4c:2c:05:19:ea:1c:16:da:44:95:
                    09:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:04:E4:9E:92:83:05:AB:CB:8F:32:DE:F3:FE:FC:03:EB:BC:DE:44
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.19.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         30:70:32:64:49:ec:01:27:37:c8:e8:af:a5:4a:3c:92:28:ed:
         51:3e:b1:83:36:d2:fb:91:00:a7:c7:79:4b:2b:73:28:15:e7:
         40:e4:ef:7c:34:11:a8:ae:fa:e7:99:58:e0:19:4e:d9:b7:16:
         5a:21:0b:88:d0:2a:9e:55:b4:98:67:6a:e0:06:4d:5e:5e:ca:
         f2:ca:59:f5:e5:11:b6:de:85:3f:df:93:79:f5:1a:00:58:d5:
         cf:48:e7:0d:ef:31:17:3b:f2:a6:2b:06:9b:f3:e8:fd:95:42:
         8d:4e:5d:96:01:3d:f9:75:98:22:ee:38:b9:c2:0d:1d:bd:b3:
         d5:96:1b:56:1f:6a:1d:53:f2:32:e6:78:02:17:a8:c7:0a:de:
         73:b7:3e:c9:f6:20:15:5c:1a:e7:af:5f:0f:03:d1:37:60:36:
         cf:f2:64:2e:6f:e3:55:4e:e6:b5:0f:a4:01:ed:19:3a:7a:99:
         18:7c:b8:2b:63:30:20:d3:bb:12:a8:7a:43:e7:19:c6:b8:8d:
         a2:70:e3:8d:c4:3c:5f:cf:d4:72:0b:36:34:5e:2e:42:0c:23:
         70:92:14:2d:a5:88:ab:a6:e6:41:6c:25:7c:66:98:01:97:ac:
         4e:40:f3:3d:dc:ec:32:ef:86:8f:e9:57:aa:14:af:81:9c:6a:
         1b:78:e5:65
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYzEJO1futhOJaK3HmNJ9ZfRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjA0ZTQ5ZTkyODMwNWFiY2I4ZjMyZGVmM2ZlZmMwM2ViYmNkZTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrF2OFsqYFL6LIXUB0sg3AsfSSyg
JB6izlBHoEj4LHRL/8m5gRHHHCw8U6ZSFr40PjTmsmsbvaTkMC1fFgEAXIoHXkAk
nICYfqlpCf2AlPgWpwBsU8FByNoade4Hx1OIcJwgnw2WZMQsif9eikDllSFTo+Sg
5ACbwO+0NMT17HYI84CeDfFtVAwDY3bC/eacXWChHTEPExlxmLi9Q5Bcehpab8Xv
3Hcav9l4uQ6CNeU//XSFNzyQXyTdQXiFi2pwsI2rAE3Ynjc70/OLQZUkV1QsEZQ5
fE9sAPL+L+c5ORor64ul0tVWjBFkZwJ8487NB9CaVEwsBRnqHBbaRJUJ5QIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFNYE5J6SgwWry48y3vP+/APrvN5EMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEwL2E4MzBh
Mi0wMjcxLTRkZTktYmMzOC0wM2M4MjE1NzQyMWEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAvYTgzMGEy
LTAyNzEtNGRlOS1iYzM4LTAzYzgyMTU3NDIxYS8xLzFnVGtucEtEQmF2TGp6TGU4
Xzc4QS11ODNrUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUF
BwEHAQH/BA8wDTALBAIAATAFAwMAjRMwDQYJKoZIhvcNAQELBQADggEBADBwMmRJ
7AEnN8jor6VKPJIo7VE+sYM20vuRAKfHeUsrcygV50Dk73w0Eaiu+ueZWOAZTtm3
FlohC4jQKp5VtJhnauAGTV5eyvLKWfXlEbbehT/fk3n1GgBY1c9I5w3vMRc78qYr
Bpvz6P2VQo1OXZYBPfl1mCLuOLnCDR29s9WWG1Yfah1T8jLmeAIXqMcK3nO3Psn2
IBVcGuevXw8D0TdgNs/yZC5v41VO5rUPpAHtGTp6mRh8uCtjMCDTuxKoekPnGca4
jaJw443EPF/P1HILNjReLkIMI3CSFC2liKum5kFsJXxmmAGXrE5A8z3c7DLvho/p
V6oUr4Gcaht45WU=
-----END CERTIFICATE-----
Generated at Fri Mar 29 13:11:56 2024 by rpki-client on console-fra.rpki-client.org