Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2BgqmNbvgP-ykYJ9qKzKdEkQgLQ.cer
File:                     2BgqmNbvgP-ykYJ9qKzKdEkQgLQ.cer (raw, json)
Hash identifier:          rukG2TjxqoC39+o3SzFYWs3CIFK5/TZPqUXcUpXxOdw=
Subject key identifier:   D8:18:2A:98:D6:EF:80:FF:B2:91:82:7D:A8:AC:CA:74:49:10:80:B4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC6B864DF7A4A94861C588CFC0FA2C4A5
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/cc/d85235-808c-4c0a-9c97-9b360e1ba321/1/2BgqmNbvgP-ykYJ9qKzKdEkQgLQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/cc/d85235-808c-4c0a-9c97-9b360e1ba321/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 20:30:22 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 201531
                          IP: 185.243.228.0/22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 21:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b8:64:df:7a:4a:94:86:1c:58:8c:fc:0f:a2:c4:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 20:30:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d8182a98d6ef80ffb291827da8acca74491080b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:cf:1c:13:53:f8:fa:97:c3:b8:1d:ae:f5:78:
                    51:28:6b:31:1b:11:d1:92:eb:e8:62:55:2c:7a:59:
                    d5:e7:df:54:c7:ef:bf:57:70:66:8c:3b:48:26:9b:
                    5f:3e:50:e3:dc:92:5c:39:42:a7:0a:43:34:cc:8c:
                    bc:3f:d8:69:d8:fe:aa:b2:b8:ef:11:09:34:ca:88:
                    b6:b2:e9:4d:ed:1a:8f:f9:d1:3a:d9:3f:d7:19:1f:
                    68:bf:ff:e1:d4:91:cd:d9:fa:48:24:94:31:8f:40:
                    73:ef:62:d8:87:04:a3:90:4a:00:d0:25:ac:6a:c7:
                    42:4b:23:e8:13:36:ce:68:7f:eb:b3:98:57:a8:1c:
                    7e:4c:d4:29:4b:5f:8a:6f:2d:ca:a4:a0:39:66:6b:
                    ee:c0:d4:25:67:ba:3f:e7:44:14:97:3f:f1:20:9f:
                    22:93:9a:f4:31:dd:2f:1d:0d:05:b1:71:23:d1:5b:
                    81:dd:e7:a5:dd:d2:52:81:83:a4:ba:84:97:bf:97:
                    b2:dc:50:85:00:0b:45:52:a5:ab:90:59:81:dd:be:
                    33:cd:09:6b:ef:e5:3b:99:3a:22:60:37:f1:f6:cd:
                    20:b0:ec:03:4e:50:aa:88:fc:ab:f6:e1:16:d7:a2:
                    2a:96:dc:27:b3:64:de:8e:9c:cb:7b:69:96:62:75:
                    b2:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:18:2A:98:D6:EF:80:FF:B2:91:82:7D:A8:AC:CA:74:49:10:80:B4
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/d85235-808c-4c0a-9c97-9b360e1ba321/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/d85235-808c-4c0a-9c97-9b360e1ba321/1/2BgqmNbvgP-ykYJ9qKzKdEkQgLQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.243.228.0/22

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  201531

    Signature Algorithm: sha256WithRSAEncryption
         23:ab:ef:53:ed:39:07:99:ea:9e:5c:a2:74:04:45:1e:21:e9:
         5d:4d:44:ac:ea:a2:13:10:d4:a8:eb:b2:61:4b:48:c1:34:44:
         64:41:a2:b1:3d:ca:33:4e:09:79:c1:8b:e4:b1:ab:49:88:5e:
         71:ab:27:ce:9c:12:28:0f:e8:45:e2:2e:a8:06:6b:0d:d1:e1:
         f2:3c:28:ed:66:88:60:a2:0a:74:7d:52:18:61:0c:bd:dd:f6:
         66:ff:d8:bc:e1:af:1d:4b:72:be:17:6f:e3:98:46:6a:1c:b2:
         a4:16:bf:da:ce:62:56:af:83:31:3a:8e:94:8a:72:3b:d8:52:
         77:f3:73:f6:a7:10:d8:42:04:66:6e:93:51:be:b8:85:30:2b:
         e4:e3:a5:ed:73:5a:5b:39:88:15:55:7e:37:3d:d3:db:b6:5f:
         80:25:00:ba:4f:19:c8:49:bb:73:82:c1:16:5d:57:94:04:68:
         e0:55:2b:61:54:57:ad:c4:a2:5f:09:d4:87:3c:6e:f1:97:c9:
         e3:71:4e:93:7a:b8:be:96:4a:c9:63:67:32:c9:95:b3:3e:8e:
         cd:e4:9c:dc:84:96:78:85:54:20:c4:bf:b8:be:13:94:d4:9b:
         bc:90:a9:90:7b:fb:7b:56:c3:dd:d8:d0:c8:44:bb:77:97:89:
         c2:78:01:7b
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzGuGTfekqUhhxYjPwPosSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjAzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODE4MmE5OGQ2ZWY4MGZmYjI5MTgyN2RhOGFjY2E3NDQ5MTA4MGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwc8cE1P4+pfDuB2u9XhRKGsxGxHR
kuvoYlUselnV599Ux++/V3BmjDtIJptfPlDj3JJcOUKnCkM0zIy8P9hp2P6qsrjv
EQk0yoi2sulN7RqP+dE62T/XGR9ov//h1JHN2fpIJJQxj0Bz72LYhwSjkEoA0CWs
asdCSyPoEzbOaH/rs5hXqBx+TNQpS1+Kby3KpKA5ZmvuwNQlZ7o/50QUlz/xIJ8i
k5r0Md0vHQ0FsXEj0VuB3eel3dJSgYOkuoSXv5ey3FCFAAtFUqWrkFmB3b4zzQlr
7+U7mToiYDfx9s0gsOwDTlCqiPyr9uEW16Iqltwns2TejpzLe2mWYnWyyQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFNgYKpjW74D/spGCfaisynRJEIC0MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NjL2Q4NTIz
NS04MDhjLTRjMGEtOWM5Ny05YjM2MGUxYmEzMjEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2MvZDg1MjM1
LTgwOGMtNGMwYS05Yzk3LTliMzYwZTFiYTMyMS8xLzJCZ3FtTmJ2Z1AteWtZSjlx
S3pLZEVrUWdMUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCufPkMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMTOzANBgkqhkiG9w0BAQsFAAOCAQEAI6vvU+05B5nqnlyidARFHiHpXU1ErOqi
ExDUqOuyYUtIwTREZEGisT3KM04JecGL5LGrSYhecasnzpwSKA/oReIuqAZrDdHh
8jwo7WaIYKIKdH1SGGEMvd32Zv/YvOGvHUtyvhdv45hGahyypBa/2s5iVq+DMTqO
lIpyO9hSd/Nz9qcQ2EIEZm6TUb64hTAr5OOl7XNaWzmIFVV+Nz3T27ZfgCUAuk8Z
yEm7c4LBFl1XlARo4FUrYVRXrcSiXwnUhzxu8ZfJ43FOk3q4vpZKyWNnMsmVsz6O
zeSc3ISWeIVUIMS/uL4TlNSbvJCpkHv7e1bD3djQyES7d5eJwngBew==
-----END CERTIFICATE-----
Generated at Fri Mar 29 00:02:46 2024 by rpki-client on console-ams.rpki-client.org