Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1kJOUxpa1qyAryDw1twssYcyLsE.cer
File:                     1kJOUxpa1qyAryDw1twssYcyLsE.cer (raw, json)
Hash identifier:          CSbklYHHcZjIOpUpB0ctBfjG1jiDpbcnxdyxzGG+B7I=
Subject key identifier:   D6:42:4E:53:1A:5A:D6:AC:80:AF:20:F0:D6:DC:2C:B1:87:32:2E:C1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC72743103366D915BF7292F628B91D30
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/30df2d1b-1498-4686-91bb-64b582010328/0/D6424E531A5AD6AC80AF20F0D6DC2CB187322EC1.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/30df2d1b-1498-4686-91bb-64b582010328/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 22:31:28 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 61302

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 11:39:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:27:43:10:33:66:d9:15:bf:72:92:f6:28:b9:1d:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 22:31:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d6424e531a5ad6ac80af20f0d6dc2cb187322ec1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:f5:71:5d:5a:8b:f1:9a:f5:6c:89:59:16:be:
                    08:b5:a5:ca:a0:cd:b1:83:f9:6f:25:79:b6:d5:c7:
                    a3:48:05:40:56:61:24:66:c7:76:5c:93:f3:91:2f:
                    7d:88:cf:89:90:fc:15:5a:4c:fe:ff:2c:f0:f3:95:
                    37:fe:4a:37:f9:c4:8b:da:a8:98:5a:cc:37:22:ce:
                    cb:7d:46:d2:c1:90:25:36:a2:67:61:fb:a2:06:51:
                    91:77:e1:53:c7:d7:1c:0d:ab:cf:c8:2e:db:31:aa:
                    5f:77:40:fd:d2:aa:cd:0c:ae:70:43:9c:0d:2b:4d:
                    c8:93:32:f3:2c:b7:44:ce:ae:c8:fa:b1:52:e2:3d:
                    61:15:b7:61:ad:a6:9d:5b:69:d8:06:89:01:87:89:
                    3e:58:c6:dd:ba:98:6f:5b:ce:8b:75:d9:27:46:60:
                    ac:fc:82:0d:20:6c:a4:b0:8c:a4:0d:d0:87:28:a7:
                    81:5f:5f:bc:01:71:a1:aa:cf:6e:f3:3c:3b:6e:29:
                    04:39:47:e2:64:de:62:6c:ff:c8:af:20:2d:3c:92:
                    4c:61:a6:22:57:7d:5e:07:ab:94:56:db:a9:bd:62:
                    0a:43:51:c2:8a:5b:fd:bc:95:b9:d8:24:82:ca:6d:
                    5a:9d:99:7f:30:bf:8c:2f:aa:db:bd:6a:fc:e6:67:
                    c1:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:42:4E:53:1A:5A:D6:AC:80:AF:20:F0:D6:DC:2C:B1:87:32:2E:C1
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/30df2d1b-1498-4686-91bb-64b582010328/0
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/30df2d1b-1498-4686-91bb-64b582010328/0/D6424E531A5AD6AC80AF20F0D6DC2CB187322EC1.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  61302

    Signature Algorithm: sha256WithRSAEncryption
         57:d4:6b:be:7b:8c:45:e5:03:54:6f:3d:6b:2d:e7:72:16:fa:
         56:ff:f3:d0:1b:97:e0:22:4b:17:0f:c5:76:91:60:d1:cc:1f:
         48:a8:0a:53:7b:cf:ca:b4:cb:e3:59:75:5e:c3:d8:3c:c6:89:
         2c:c3:2c:96:6d:b6:37:a8:d0:95:49:60:63:af:aa:86:a0:01:
         ef:f7:4e:de:04:78:fc:07:ff:33:8e:21:7f:c8:c5:ac:03:d7:
         6b:d6:b0:60:d9:4a:af:01:39:b1:c7:29:49:b2:1b:bc:74:19:
         fe:b4:58:9a:19:97:28:e3:2b:48:6d:59:27:26:57:3b:d9:fd:
         34:55:f8:ce:69:cf:68:3f:0e:2a:2c:d1:af:f1:d5:2a:1b:df:
         1a:f8:07:0f:94:4a:f3:5b:4b:09:a7:39:12:80:8b:df:4b:5f:
         05:5f:f2:3d:13:75:10:56:44:65:9f:1e:40:b2:b1:fa:ae:d2:
         48:74:cf:bd:56:6e:bc:39:c2:df:52:6f:93:53:30:0b:c4:62:
         78:1d:c8:c5:bc:fa:63:c7:9f:8c:c4:6f:b1:7e:40:cc:a0:a7:
         8f:65:32:c6:06:9f:f1:d6:65:0a:5d:a9:e4:e8:c9:82:f2:c8:
         0a:ae:a5:7e:44:0b:f4:c9:6e:30:b6:0e:47:f8:ef:e5:96:d7:
         0f:b9:e9:b9
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYzHJ0MQM2bZFb9ykvYouR0wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQyNGU1MzFhNWFkNmFjODBhZjIwZjBkNmRjMmNiMTg3MzIyZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7/VxXVqL8Zr1bIlZFr4ItaXKoM2x
g/lvJXm21cejSAVAVmEkZsd2XJPzkS99iM+JkPwVWkz+/yzw85U3/ko3+cSL2qiY
Wsw3Is7LfUbSwZAlNqJnYfuiBlGRd+FTx9ccDavPyC7bMapfd0D90qrNDK5wQ5wN
K03IkzLzLLdEzq7I+rFS4j1hFbdhraadW2nYBokBh4k+WMbduphvW86LddknRmCs
/IINIGyksIykDdCHKKeBX1+8AXGhqs9u8zw7bikEOUfiZN5ibP/IryAtPJJMYaYi
V31eB6uUVtupvWIKQ1HCilv9vJW52CSCym1anZl/ML+ML6rbvWr85mfBHQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFNZCTlMaWtasgK8g8NbcLLGHMi7BMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE+BggrBgEFBQcBCwSCATAwggEsMF4GCCsGAQUFBzAFhlJy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzMwZGYy
ZDFiLTE0OTgtNDY4Ni05MWJiLTY0YjU4MjAxMDMyOC8wMIGLBggrBgEFBQcwCoZ/
cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMGRm
MmQxYi0xNDk4LTQ2ODYtOTFiYi02NGI1ODIwMTAzMjgvMC9ENjQyNEU1MzFBNUFE
NkFDODBBRjIwRjBENkRDMkNCMTg3MzIyRUMxLm1mdDA8BggrBgEFBQcwDYYwaHR0
cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3RpZmljYXRpb24ueG1sMFkG
A1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNybDAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDvdjAN
BgkqhkiG9w0BAQsFAAOCAQEAV9RrvnuMReUDVG89ay3nchb6Vv/z0BuX4CJLFw/F
dpFg0cwfSKgKU3vPyrTL41l1XsPYPMaJLMMslm22N6jQlUlgY6+qhqAB7/dO3gR4
/Af/M44hf8jFrAPXa9awYNlKrwE5sccpSbIbvHQZ/rRYmhmXKOMrSG1ZJyZXO9n9
NFX4zmnPaD8OKizRr/HVKhvfGvgHD5RK81tLCac5EoCL30tfBV/yPRN1EFZEZZ8e
QLKx+q7SSHTPvVZuvDnC31Jvk1MwC8RieB3Ixbz6Y8efjMRvsX5AzKCnj2Uyxgaf
8dZlCl2p5OjJgvLICq6lfkQL9MluMLYOR/jv5ZbXD7npuQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:48:23 2024 by rpki-client on console-fra.rpki-client.org