Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28rKr4rBOpZKs9Rhk1hByOHJO4A.cer
File:                     28rKr4rBOpZKs9Rhk1hByOHJO4A.cer (raw, json)
Hash identifier:          /jUUKH6l5XOTv3171o7BitTNMRzkWM3tJGUZWfziLO4=
Subject key identifier:   DB:CA:CA:AF:8A:C1:3A:96:4A:B3:D4:61:93:58:41:C8:E1:C9:3B:80
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC64AE584256701E54AA8D3CEB6683086
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/28rKr4rBOpZKs9Rhk1hByOHJO4A.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 18:30:46 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 141.79.0.0/16

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4a:e5:84:25:67:01:e5:4a:a8:d3:ce:b6:68:30:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 18:30:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=dbcacaaf8ac13a964ab3d461935841c8e1c93b80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:30:f0:7f:27:47:2d:68:84:d0:4b:23:fd:ff:
                    ce:45:04:41:8a:0d:9d:70:02:85:1d:b7:2b:e1:ee:
                    f4:c6:20:30:0e:1f:f9:99:26:82:38:6b:8c:73:0d:
                    21:46:ef:cd:9b:67:e7:0f:6c:d9:84:85:aa:e0:05:
                    11:b7:cd:bd:73:cd:42:c2:a6:19:a4:1b:af:0e:53:
                    2b:f6:74:af:61:f3:87:23:ff:14:49:18:aa:be:7d:
                    f8:45:3f:d4:fe:5c:4a:14:b2:67:16:00:c7:64:a9:
                    67:65:63:92:ca:4e:52:99:ca:ce:33:29:58:3b:ae:
                    61:76:ae:c3:51:a7:6a:51:7a:f1:09:8c:f5:94:60:
                    da:72:43:08:95:01:f7:62:97:f9:81:de:16:fa:2c:
                    0e:9d:dc:09:4a:22:be:97:d9:31:49:8f:6d:fb:3a:
                    3d:7c:74:3d:96:61:c6:3b:a2:29:78:77:6c:24:f6:
                    f0:93:9b:94:4b:0c:88:cb:8e:45:62:26:36:6c:88:
                    a4:79:3b:15:b6:aa:3b:ed:3a:e5:85:71:ea:4e:92:
                    ec:fd:ad:06:c4:97:8c:b5:3d:1d:b5:3f:a8:0d:e2:
                    24:84:6b:44:dc:0b:33:cf:40:0a:58:45:1e:9b:ab:
                    54:08:88:dd:ea:4f:04:41:74:60:70:f3:4c:73:32:
                    72:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:CA:CA:AF:8A:C1:3A:96:4A:B3:D4:61:93:58:41:C8:E1:C9:3B:80
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/28rKr4rBOpZKs9Rhk1hByOHJO4A.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.79.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         40:ae:6d:e0:f6:6d:c3:81:6e:ba:9a:c3:bf:48:fb:a7:9f:5a:
         15:85:27:dd:e0:42:c4:ce:50:7a:94:94:83:96:25:43:4e:83:
         06:bf:4c:a3:d4:29:c0:7f:d1:af:05:7e:a9:b4:1a:3e:39:d0:
         d3:ad:47:a7:bc:d2:2a:2c:bf:d5:3b:5d:9e:47:9a:d5:75:ec:
         74:d0:b3:ec:9b:e6:e0:56:fa:89:f7:90:76:a0:7c:69:d8:46:
         45:e1:13:3d:2e:25:c3:85:bf:78:97:6f:6e:cb:1f:2f:c1:98:
         88:98:98:07:e4:74:5a:72:eb:79:f7:f6:c3:96:c0:57:98:1f:
         dd:3a:74:a3:06:b1:97:f9:f1:fe:64:ae:87:6b:cc:c8:57:1e:
         76:19:5c:2b:ad:a8:90:b0:44:27:0b:dc:20:57:dc:ad:a1:be:
         c8:03:8a:09:be:4a:03:9c:7e:a2:85:d7:e1:72:e7:dc:4c:7c:
         89:14:68:d3:95:7d:8a:10:c2:6c:42:bd:80:ff:fe:76:8b:77:
         8c:73:58:fa:b9:52:02:1e:64:52:a7:05:f4:af:0b:ea:fe:3b:
         59:77:f6:b6:c3:44:57:b7:e0:a8:ca:df:16:0c:e1:f7:6b:72:
         88:cb:b9:1e:80:ba:7c:12:2d:1e:a6:64:37:e8:0c:8e:2b:f1:
         d8:04:62:3a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYzGSuWEJWcB5Uqo0862aDCGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTgzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmNhY2FhZjhhYzEzYTk2NGFiM2Q0NjE5MzU4NDFjOGUxYzkzYjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTDwfydHLWiE0Esj/f/ORQRBig2d
cAKFHbcr4e70xiAwDh/5mSaCOGuMcw0hRu/Nm2fnD2zZhIWq4AURt829c81CwqYZ
pBuvDlMr9nSvYfOHI/8USRiqvn34RT/U/lxKFLJnFgDHZKlnZWOSyk5SmcrOMylY
O65hdq7DUadqUXrxCYz1lGDackMIlQH3Ypf5gd4W+iwOndwJSiK+l9kxSY9t+zo9
fHQ9lmHGO6IpeHdsJPbwk5uUSwyIy45FYiY2bIikeTsVtqo77TrlhXHqTpLs/a0G
xJeMtT0dtT+oDeIkhGtE3Aszz0AKWEUem6tUCIjd6k8EQXRgcPNMczJyBwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFNvKyq+KwTqWSrPUYZNYQcjhyTuAMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JjLzU3Mzdi
MC1iYjI0LTRlOTItYjE5ZC01ZTY1YzdkNjFiOWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMvNTczN2Iw
LWJiMjQtNGU5Mi1iMTlkLTVlNjVjN2Q2MWI5ZS8xLzI4cktyNHJCT3BaS3M5Umhr
MWhCeU9ISk80QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUF
BwEHAQH/BA8wDTALBAIAATAFAwMAjU8wDQYJKoZIhvcNAQELBQADggEBAECubeD2
bcOBbrqaw79I+6efWhWFJ93gQsTOUHqUlIOWJUNOgwa/TKPUKcB/0a8Ffqm0Gj45
0NOtR6e80iosv9U7XZ5HmtV17HTQs+yb5uBW+on3kHagfGnYRkXhEz0uJcOFv3iX
b27LHy/BmIiYmAfkdFpy63n39sOWwFeYH906dKMGsZf58f5krodrzMhXHnYZXCut
qJCwRCcL3CBX3K2hvsgDigm+SgOcfqKF1+Fy59xMfIkUaNOVfYoQwmxCvYD//naL
d4xzWPq5UgIeZFKnBfSvC+r+O1l39rbDRFe34KjK3xYM4fdrcojLuR6AunwSLR6m
ZDfoDI4r8dgEYjo=
-----END CERTIFICATE-----
Generated at Thu Mar 28 20:01:55 2024 by rpki-client on console-fra.rpki-client.org