Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2_W8uRxkCgo0KQXlpRcHUo9aM6E.cer
File:                     2_W8uRxkCgo0KQXlpRcHUo9aM6E.cer (raw, json)
Hash identifier:          XHjZj86Jxhzsw107ZIJn2NJNbvyRem8bDbWO+BS6pmM=
Subject key identifier:   DB:F5:BC:B9:1C:64:0A:0A:34:29:05:E5:A5:17:07:52:8F:5A:33:A1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC94D901659D76712E88F8D034322CBD1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/2_W8uRxkCgo0KQXlpRcHUo9aM6E.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 08:32:32 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 207338

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4d:90:16:59:d7:67:12:e8:8f:8d:03:43:22:cb:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 08:32:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=dbf5bcb91c640a0a342905e5a51707528f5a33a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:0d:42:5d:ce:e4:64:11:25:65:30:e5:f9:90:
                    56:e4:75:22:0b:68:f7:30:c5:4a:bf:c5:99:0b:00:
                    1c:5b:fc:bd:a8:b5:fb:46:74:24:55:6c:ec:46:42:
                    62:92:6e:ad:aa:64:63:bd:d7:c6:ab:22:b2:ed:72:
                    52:9a:6b:6c:51:06:05:bb:27:2d:60:97:73:df:0e:
                    ae:0d:b6:a3:7a:97:90:25:e7:3e:58:fb:96:ad:e5:
                    c0:6a:7d:d2:0c:8b:89:ca:50:91:88:b2:f9:78:b0:
                    b9:92:1d:a8:4c:58:b9:95:93:3a:aa:f8:97:e5:f8:
                    b9:7d:78:a2:59:0e:47:fd:a4:ad:54:3b:cd:1d:3f:
                    0e:18:de:a8:6a:05:ea:5c:b3:1a:dd:f0:31:f0:a5:
                    58:b2:d1:d2:f9:99:78:49:3f:53:20:2b:69:ca:5e:
                    4f:05:9c:6e:6e:5d:ae:85:09:2c:a4:fc:ef:18:8d:
                    5e:bc:f5:f0:78:c8:65:c0:f4:bb:d3:46:b9:46:87:
                    5b:c6:25:23:39:c8:aa:e7:72:53:b9:43:42:37:ab:
                    59:50:8b:cc:eb:44:a3:d2:5a:b2:46:0d:64:b6:eb:
                    f3:ff:a7:7a:78:3e:f2:72:ab:4a:1a:ec:24:e4:88:
                    ce:c5:34:d6:d7:29:9a:7b:c1:b6:2a:c2:83:bb:ce:
                    81:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:F5:BC:B9:1C:64:0A:0A:34:29:05:E5:A5:17:07:52:8F:5A:33:A1
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/2_W8uRxkCgo0KQXlpRcHUo9aM6E.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207338

    Signature Algorithm: sha256WithRSAEncryption
         82:68:69:f5:73:c7:2d:90:ff:39:76:02:2f:28:37:08:f9:f7:
         72:4d:81:96:e0:86:00:a4:2b:29:a0:dd:a8:45:39:a3:6c:6e:
         aa:b7:47:d2:1c:73:84:22:28:6e:3f:0e:06:87:4f:85:8a:57:
         a9:a1:19:d9:dc:b2:7a:9e:07:07:34:89:43:fe:81:32:d5:52:
         7b:61:a5:6f:bd:60:5a:21:4f:42:c3:2c:33:eb:7b:ad:44:9e:
         73:1c:97:00:a1:2b:91:e3:48:51:54:7d:ff:7a:09:c6:d0:4f:
         81:44:16:10:e4:ad:2f:43:b1:b9:07:24:c3:b9:ab:2d:4b:8a:
         bc:c9:d6:d5:0b:1f:79:66:d1:79:af:84:d1:1d:a1:7c:88:c4:
         46:5a:d3:09:7c:1f:f0:72:9b:50:44:8b:57:89:3d:61:6c:51:
         40:69:3a:78:eb:57:1c:42:a2:65:ee:66:ce:30:e7:70:b9:ab:
         a6:b4:f9:b7:26:5e:b1:d1:e4:c0:01:92:4a:64:8e:8d:47:cf:
         cf:2f:a8:a7:d8:11:d3:c4:64:46:09:08:df:d4:19:59:9f:4f:
         29:5d:b3:d7:65:4b:7e:0c:30:22:1d:c9:64:0f:7c:07:0e:c5:
         e8:31:d5:d4:bb:0e:18:b7:7c:a2:bb:e3:c3:96:3e:1d:2d:a3:
         6e:64:52:39
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzJTZAWWddnEuiPjQNDIsvRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDgzMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmY1YmNiOTFjNjQwYTBhMzQyOTA1ZTVhNTE3MDc1MjhmNWEzM2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuA1CXc7kZBElZTDl+ZBW5HUiC2j3
MMVKv8WZCwAcW/y9qLX7RnQkVWzsRkJikm6tqmRjvdfGqyKy7XJSmmtsUQYFuyct
YJdz3w6uDbajepeQJec+WPuWreXAan3SDIuJylCRiLL5eLC5kh2oTFi5lZM6qviX
5fi5fXiiWQ5H/aStVDvNHT8OGN6oagXqXLMa3fAx8KVYstHS+Zl4ST9TICtpyl5P
BZxubl2uhQkspPzvGI1evPXweMhlwPS700a5RodbxiUjOciq53JTuUNCN6tZUIvM
60Sj0lqyRg1ktuvz/6d6eD7ycqtKGuwk5IjOxTTW1ymae8G2KsKDu86BNQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFNv1vLkcZAoKNCkF5aUXB1KPWjOhMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q0LzI3ZWQy
ZC0wN2M3LTQxZDgtOWMyNC0xMmI0ZWJjNDE0NTEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQvMjdlZDJk
LTA3YzctNDFkOC05YzI0LTEyYjRlYmM0MTQ1MS8xLzJfVzh1UnhrQ2dvMEtRWGxw
UmNIVW85YU02RS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMp6jANBgkqhkiG9w0BAQsFAAOCAQEAgmhp9XPHLZD/
OXYCLyg3CPn3ck2BluCGAKQrKaDdqEU5o2xuqrdH0hxzhCIobj8OBodPhYpXqaEZ
2dyyep4HBzSJQ/6BMtVSe2Glb71gWiFPQsMsM+t7rUSecxyXAKErkeNIUVR9/3oJ
xtBPgUQWEOStL0OxuQckw7mrLUuKvMnW1QsfeWbRea+E0R2hfIjERlrTCXwf8HKb
UESLV4k9YWxRQGk6eOtXHEKiZe5mzjDncLmrprT5tyZesdHkwAGSSmSOjUfPzy+o
p9gR08RkRgkI39QZWZ9PKV2z12VLfgwwIh3JZA98Bw7F6DHV1LsOGLd8orvjw5Y+
HS2jbmRSOQ==
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:26:13 2024 by rpki-client on console-ams.rpki-client.org