Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1jND98xsI32j-LgROMBR2Pk8nE0.cer
File:                     1jND98xsI32j-LgROMBR2Pk8nE0.cer (raw, json)
Hash identifier:          jbDICiit0Ovqu9BnUWb27kw5rC8sXhCgMVwc1i9yVMg=
Subject key identifier:   D6:33:43:F7:CC:6C:23:7D:A3:F8:B8:11:38:C0:51:D8:F9:3C:9C:4D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC5DC42A148C79F16CBAF4CCE0598EC43
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/35/8eb581-9c74-48e1-821a-53180eec56fb/1/1jND98xsI32j-LgROMBR2Pk8nE0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/35/8eb581-9c74-48e1-821a-53180eec56fb/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 16:29:55 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 209379
                          IP: 185.203.200.0/22
                          IP: 2a0a:edc0::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:42:a1:48:c7:9f:16:cb:af:4c:ce:05:98:ec:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 16:29:55 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d63343f7cc6c237da3f8b81138c051d8f93c9c4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:da:88:5a:83:ee:da:3d:68:a9:92:22:34:70:
                    8b:5d:86:3f:af:c6:5e:46:5d:e2:24:14:4b:03:bb:
                    74:32:ad:0d:56:c3:09:41:db:93:27:51:f1:be:4b:
                    df:73:9c:84:29:a9:c9:26:3b:e1:01:56:5a:e2:eb:
                    39:b8:22:5b:81:89:c2:37:65:ff:93:41:e2:27:85:
                    4a:d8:ab:5b:96:5c:8e:04:5c:e1:f4:af:28:a4:c5:
                    05:62:a2:70:94:5e:aa:cc:0f:1e:8a:87:a4:1c:f3:
                    b9:c5:fc:a7:68:e7:c9:a5:61:45:fd:31:49:4b:0c:
                    6c:64:cd:37:1e:f1:2b:11:a8:d1:51:ea:d7:52:20:
                    01:26:ba:b8:b7:3f:a4:ec:94:e1:a1:e4:53:cf:07:
                    18:fa:4a:3f:d0:ec:51:0c:cd:92:c5:62:23:3f:57:
                    ad:8b:af:f6:92:87:7d:f8:aa:76:7f:08:e4:1f:0b:
                    a4:05:c6:d3:22:38:b8:28:e4:8f:d4:31:57:10:50:
                    3a:ae:ff:f2:be:dc:c5:ab:bb:75:bc:30:7c:37:14:
                    64:a0:a8:c6:d0:4c:fb:d0:15:e6:ed:19:f5:bf:c7:
                    1f:68:8e:09:1d:2c:c8:a1:02:9f:df:74:21:fa:29:
                    1e:61:a8:d0:de:f9:63:9e:dd:ea:1f:88:7c:99:93:
                    a1:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:33:43:F7:CC:6C:23:7D:A3:F8:B8:11:38:C0:51:D8:F9:3C:9C:4D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/8eb581-9c74-48e1-821a-53180eec56fb/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/8eb581-9c74-48e1-821a-53180eec56fb/1/1jND98xsI32j-LgROMBR2Pk8nE0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.203.200.0/22
                IPv6:
                  2a0a:edc0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  209379

    Signature Algorithm: sha256WithRSAEncryption
         6b:31:fe:00:87:4b:bb:f5:d5:41:d7:e4:cc:1a:a8:90:44:d7:
         bb:e0:b9:cc:77:4f:74:f3:35:71:1a:08:51:99:8c:1d:44:7a:
         7d:ba:ef:21:3e:78:db:da:d6:c9:fb:5c:7a:ec:06:13:66:13:
         0b:58:4d:14:79:ff:a2:bf:5b:f7:fd:0c:0c:d5:7a:9c:b2:cc:
         6b:a5:b4:af:a9:f9:58:02:4a:98:56:9c:8c:fe:a1:0e:7d:f4:
         06:d7:6e:10:55:19:23:e4:d7:c6:5b:b9:d6:49:18:a9:8a:bd:
         e1:01:9b:5e:78:31:5a:f5:a6:ce:91:47:51:b8:99:e9:f6:14:
         d7:ce:c3:e7:4f:28:1d:9b:05:1d:11:4a:7c:c6:95:16:c4:c2:
         41:ed:0d:f1:3f:5c:c6:a8:c9:c0:51:0a:a5:28:af:6b:f2:6b:
         9d:73:e6:01:a2:17:7d:5d:79:fa:55:61:0f:be:80:89:15:1e:
         4c:fe:0a:c1:af:40:d9:a8:2c:12:e0:84:f8:9b:79:29:4a:9e:
         fd:bb:c7:87:42:fe:68:3d:d4:2e:39:48:b3:1e:c7:7b:95:60:
         ae:db:47:35:c0:76:98:47:05:eb:de:ef:6d:ae:df:a2:b1:ba:
         38:56:2f:f1:ac:00:ec:5b:e6:80:b2:5f:b6:ff:fe:ea:8e:3b:
         04:eb:5d:9e
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzF3EKhSMefFsuvTM4FmOxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjMzNDNmN2NjNmMyMzdkYTNmOGI4MTEzOGMwNTFkOGY5M2M5YzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9qIWoPu2j1oqZIiNHCLXYY/r8Ze
Rl3iJBRLA7t0Mq0NVsMJQduTJ1Hxvkvfc5yEKanJJjvhAVZa4us5uCJbgYnCN2X/
k0HiJ4VK2KtbllyOBFzh9K8opMUFYqJwlF6qzA8eioekHPO5xfynaOfJpWFF/TFJ
SwxsZM03HvErEajRUerXUiABJrq4tz+k7JThoeRTzwcY+ko/0OxRDM2SxWIjP1et
i6/2kod9+Kp2fwjkHwukBcbTIji4KOSP1DFXEFA6rv/yvtzFq7t1vDB8NxRkoKjG
0Ez70BXm7Rn1v8cfaI4JHSzIoQKf33Qh+ikeYajQ3vljnt3qH4h8mZOh1wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFNYzQ/fMbCN9o/i4ETjAUdj5PJxNMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM1LzhlYjU4
MS05Yzc0LTQ4ZTEtODIxYS01MzE4MGVlYzU2ZmIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUvOGViNTgx
LTljNzQtNDhlMS04MjFhLTUzMTgwZWVjNTZmYi8xLzFqTkQ5OHhzSTMyai1MZ1JP
TUJSMlBrOG5FMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCucvIMA0EAgACMAcDBQAqCu3AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMx4zANBgkqhkiG9w0BAQsFAAOCAQEAazH+AIdLu/XV
QdfkzBqokETXu+C5zHdPdPM1cRoIUZmMHUR6fbrvIT5429rWyftceuwGE2YTC1hN
FHn/or9b9/0MDNV6nLLMa6W0r6n5WAJKmFacjP6hDn30BtduEFUZI+TXxlu51kkY
qYq94QGbXngxWvWmzpFHUbiZ6fYU187D508oHZsFHRFKfMaVFsTCQe0N8T9cxqjJ
wFEKpSiva/JrnXPmAaIXfV15+lVhD76AiRUeTP4Kwa9A2agsEuCE+Jt5KUqe/bvH
h0L+aD3ULjlIsx7He5VgrttHNcB2mEcF697vba7forG6OFYv8awA7FvmgLJftv/+
6o47BOtdng==
-----END CERTIFICATE-----
Generated at Fri Mar 29 08:49:58 2024 by rpki-client on console-ams.rpki-client.org