Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2LogEg7G3ID9NRpTPSyFyg2YMpk.cer
File:                     2LogEg7G3ID9NRpTPSyFyg2YMpk.cer (raw, json)
Hash identifier:          WVJyBUz7qiAHF+JTiOveMHlfj32pBJmbsQOSEeDshvA=
Subject key identifier:   D8:BA:20:12:0E:C6:DC:80:FD:35:1A:53:3D:2C:85:CA:0D:98:32:99
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC8706794555D7F9B5FAD1593B786D897
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/5c/7fac44-610f-485c-ae11-18ea1d5fef2d/1/2LogEg7G3ID9NRpTPSyFyg2YMpk.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/5c/7fac44-610f-485c-ae11-18ea1d5fef2d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 04:30:58 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 44210
                          IP: 185.79.16.0/22
                          IP: 2a03:5be0::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:70:67:94:55:5d:7f:9b:5f:ad:15:93:b7:86:d8:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 04:30:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d8ba20120ec6dc80fd351a533d2c85ca0d983299
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:3b:ef:16:65:bd:8b:39:e1:b1:8f:03:1f:61:
                    06:19:50:e3:f9:8a:7c:6b:75:f2:92:28:dd:39:00:
                    76:5e:e6:d6:7e:43:14:d9:63:dc:d3:a3:00:e1:e4:
                    86:f9:fc:d9:4b:72:41:25:9f:93:1d:b2:ab:68:d7:
                    44:44:28:39:bb:49:7d:19:0f:2b:f6:9b:ed:d2:6b:
                    e6:bc:8c:c9:73:4b:31:9f:a6:47:a9:f6:bc:9a:2f:
                    33:42:26:fc:a5:d4:e4:2a:1d:0a:2d:77:95:8c:7a:
                    35:b0:59:3b:44:9d:72:e3:78:d1:d9:d5:4a:84:5a:
                    8a:5b:d2:1f:45:fb:17:07:26:99:7c:94:d3:83:31:
                    1e:3f:d0:33:64:11:3e:72:cc:4e:d6:f4:1f:88:c6:
                    b7:74:4b:24:51:32:9c:46:68:3f:0e:95:9f:86:00:
                    60:92:dc:0e:75:4d:15:7d:a4:9b:e2:f9:7b:97:fa:
                    ab:fb:60:c6:14:0a:fb:57:93:bf:c2:41:e9:dd:7a:
                    2d:57:94:c9:b2:26:9b:09:fa:70:68:07:43:0d:47:
                    b5:a8:91:d4:68:e8:38:33:a9:ad:6c:3a:26:e1:85:
                    37:1f:2d:61:cd:78:e3:d3:fd:21:58:6c:00:17:22:
                    36:96:10:1d:ab:8e:ce:89:9d:b4:45:46:95:d8:10:
                    8a:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:BA:20:12:0E:C6:DC:80:FD:35:1A:53:3D:2C:85:CA:0D:98:32:99
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/7fac44-610f-485c-ae11-18ea1d5fef2d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/7fac44-610f-485c-ae11-18ea1d5fef2d/1/2LogEg7G3ID9NRpTPSyFyg2YMpk.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.79.16.0/22
                IPv6:
                  2a03:5be0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  44210

    Signature Algorithm: sha256WithRSAEncryption
         0d:7e:44:af:84:9c:1a:eb:aa:66:f4:9d:aa:d1:6c:59:3b:4c:
         55:dd:82:24:6c:1f:0e:be:bc:b7:fe:5a:7a:65:50:60:2c:65:
         73:7a:39:99:c6:55:e6:f4:11:b1:d8:7e:78:8b:95:fb:d9:d5:
         4b:63:3c:53:ed:fb:5d:f3:5f:4d:4b:f3:6f:93:d7:a9:2e:cc:
         ca:f4:07:1f:70:50:27:03:e4:7d:82:86:78:3d:33:41:cb:0d:
         10:f3:29:7a:a2:5e:b9:7a:20:79:d7:78:a0:a0:43:22:b7:65:
         49:b3:50:9d:98:39:09:d4:52:46:73:6a:7b:1d:5f:8e:18:10:
         a0:87:18:c2:4e:a0:07:05:0a:23:ea:95:34:3a:39:7b:d2:7d:
         fd:1c:96:af:61:07:1c:e8:ad:ad:ce:3e:33:39:d5:64:a3:29:
         23:10:dd:e4:6d:da:c9:39:47:e0:d7:e8:10:98:60:1b:e8:ad:
         43:cb:61:4d:1d:40:5b:12:f1:e6:cb:2d:6b:c5:63:32:26:a0:
         88:c9:35:1e:cb:1b:9e:f5:fe:6f:38:53:c9:c2:c9:97:11:79:
         2a:f0:50:9e:73:d5:da:b8:df:b0:4a:b2:a8:9c:e9:93:15:a6:
         98:06:e4:f1:09:11:83:d8:9b:15:01:c6:04:3f:6c:6d:e2:11:
         39:92:5a:7e
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzIcGeUVV1/m1+tFZO3htiXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGJhMjAxMjBlYzZkYzgwZmQzNTFhNTMzZDJjODVjYTBkOTgzMjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DvvFmW9iznhsY8DH2EGGVDj+Yp8
a3XykijdOQB2XubWfkMU2WPc06MA4eSG+fzZS3JBJZ+THbKraNdERCg5u0l9GQ8r
9pvt0mvmvIzJc0sxn6ZHqfa8mi8zQib8pdTkKh0KLXeVjHo1sFk7RJ1y43jR2dVK
hFqKW9IfRfsXByaZfJTTgzEeP9AzZBE+csxO1vQfiMa3dEskUTKcRmg/DpWfhgBg
ktwOdU0VfaSb4vl7l/qr+2DGFAr7V5O/wkHp3XotV5TJsiabCfpwaAdDDUe1qJHU
aOg4M6mtbDom4YU3Hy1hzXjj0/0hWGwAFyI2lhAdq47OiZ20RUaV2BCKOQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFNi6IBIOxtyA/TUaUz0shcoNmDKZMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVjLzdmYWM0
NC02MTBmLTQ4NWMtYWUxMS0xOGVhMWQ1ZmVmMmQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMvN2ZhYzQ0
LTYxMGYtNDg1Yy1hZTExLTE4ZWExZDVmZWYyZC8xLzJMb2dFZzdHM0lEOU5ScFRQ
U3lGeWcyWU1way5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuU8QMA0EAgACMAcDBQAqA1vgMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCssjANBgkqhkiG9w0BAQsFAAOCAQEADX5Er4ScGuuq
ZvSdqtFsWTtMVd2CJGwfDr68t/5aemVQYCxlc3o5mcZV5vQRsdh+eIuV+9nVS2M8
U+37XfNfTUvzb5PXqS7MyvQHH3BQJwPkfYKGeD0zQcsNEPMpeqJeuXogedd4oKBD
IrdlSbNQnZg5CdRSRnNqex1fjhgQoIcYwk6gBwUKI+qVNDo5e9J9/RyWr2EHHOit
rc4+MznVZKMpIxDd5G3ayTlH4NfoEJhgG+itQ8thTR1AWxLx5ssta8VjMiagiMk1
HssbnvX+bzhTycLJlxF5KvBQnnPV2rjfsEqyqJzpkxWmmAbk8QkRg9ibFQHGBD9s
beIROZJafg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:36:54 2024 by rpki-client on console-ams.rpki-client.org