Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer
File:                     36U2RiiDKd9mVeJT5WsihIG-lZY.cer (raw, json)
Hash identifier:          6QCCvixouR1Gv5qG7XfgqdSCR71EVpslHDdmfwT2Tec=
Subject key identifier:   DF:A5:36:46:28:83:29:DF:66:55:E2:53:E5:6B:22:84:81:BE:95:96
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019333CF06B5399867B2DE0B4A814C464BF6
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sat 16 Nov 2024 07:10:25 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 213883

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Dec 2024 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:33:cf:06:b5:39:98:67:b2:de:0b:4a:81:4c:46:4b:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Nov 16 07:10:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=dfa53646288329df6655e253e56b228481be9596
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:77:ae:5b:78:d7:7f:2f:e0:ae:b0:45:a6:43:
                    0a:60:cd:3e:69:ec:0c:4f:f8:f8:f8:be:61:8b:62:
                    ad:73:cb:39:f6:5d:96:94:31:f0:07:01:c7:16:c6:
                    15:a2:31:1e:d4:07:64:b8:b5:93:24:7b:ba:bc:b8:
                    5a:01:9d:c1:38:ae:28:58:e0:36:81:83:cf:b2:44:
                    d7:ef:d8:73:4e:72:59:4b:f9:91:a7:f1:4b:10:ff:
                    6d:9f:4c:5e:7f:91:6b:ee:0d:34:6d:3b:76:1f:01:
                    e7:a1:bc:13:7a:0e:4b:63:11:e7:4e:01:aa:08:d1:
                    14:af:d4:61:fc:7c:a9:6f:32:21:59:e9:4f:54:b2:
                    e6:50:73:21:08:40:85:e7:37:2d:15:d0:b7:c4:31:
                    58:0f:a2:4e:69:d9:ec:05:b0:cb:96:a6:d1:f0:a4:
                    17:c9:f6:08:d6:7d:1c:93:a1:05:c3:31:a0:b2:2d:
                    7f:69:6a:f5:a0:1c:a4:7d:98:16:25:29:94:24:70:
                    30:8f:6d:6b:10:c9:17:3c:8f:5f:ce:d7:2e:d5:05:
                    08:aa:f3:ed:13:70:6c:f0:ee:6a:85:6c:01:c2:e0:
                    9f:39:64:10:2b:04:55:46:d0:60:4d:fd:a6:bc:4f:
                    88:b0:d0:8d:ef:79:30:71:70:11:83:82:46:4d:b0:
                    06:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:A5:36:46:28:83:29:DF:66:55:E2:53:E5:6B:22:84:81:BE:95:96
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  213883

    Signature Algorithm: sha256WithRSAEncryption
         76:d6:ec:92:66:cf:73:52:ac:f2:89:d2:bd:3f:10:83:68:33:
         74:61:b2:2f:dd:55:c3:f9:7a:b7:3f:d9:ef:df:4c:58:cb:3d:
         1b:f8:39:87:ba:53:f8:05:56:21:a5:70:fc:ce:4b:7c:df:d7:
         90:dd:b1:28:ce:92:e8:8e:f9:50:e3:26:b2:65:6c:af:06:0f:
         02:94:b5:4f:34:9a:4e:57:33:0e:66:ed:75:94:e4:cb:aa:e5:
         27:5d:44:fd:63:a5:bb:63:06:98:27:ee:31:02:15:29:7a:31:
         5c:90:fb:d8:8d:2b:65:5a:cf:49:a1:7e:e3:f9:54:0e:7b:ad:
         c7:9e:3c:15:ac:ee:1d:b5:9c:f5:6a:05:e5:dc:5c:5e:25:43:
         fe:07:d3:9b:16:f2:99:56:24:fc:c2:42:dc:5c:e6:9e:ce:e9:
         55:e8:4b:a1:4f:26:ea:21:96:63:c9:f5:29:2a:e7:b0:53:ea:
         52:10:96:dc:23:b1:7a:4a:93:91:a9:ac:4d:41:03:cb:9d:ff:
         29:1c:82:7d:be:22:78:2c:68:c0:88:d2:fc:20:a7:18:8b:19:
         f3:c3:e4:4b:ba:54:a5:bd:a1:5f:b1:78:fd:4a:c4:54:57:7b:
         23:94:57:c0:b4:59:6e:52:69:4c:13:16:1e:8c:e3:f8:3c:46:
         8c:ee:da:33
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZMzzwa1OZhnst4LSoFMRkv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMTE2MDcxMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmE1MzY0NjI4ODMyOWRmNjY1NWUyNTNlNTZiMjI4NDgxYmU5NTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXeuW3jXfy/grrBFpkMKYM0+aewM
T/j4+L5hi2Ktc8s59l2WlDHwBwHHFsYVojEe1AdkuLWTJHu6vLhaAZ3BOK4oWOA2
gYPPskTX79hzTnJZS/mRp/FLEP9tn0xef5Fr7g00bTt2HwHnobwTeg5LYxHnTgGq
CNEUr9Rh/HypbzIhWelPVLLmUHMhCECF5zctFdC3xDFYD6JOadnsBbDLlqbR8KQX
yfYI1n0ck6EFwzGgsi1/aWr1oBykfZgWJSmUJHAwj21rEMkXPI9fztcu1QUIqvPt
E3Bs8O5qhWwBwuCfOWQQKwRVRtBgTf2mvE+IsNCN73kwcXARg4JGTbAGswIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFN+lNkYogynfZlXiU+VrIoSBvpWWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzcyLzQ5ZmUw
Ni0zNmYxLTQxMWMtODVjMy03OWFmZDExODhkMzcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIvNDlmZTA2
LTM2ZjEtNDExYy04NWMzLTc5YWZkMTE4OGQzNy8xLzM2VTJSaWlES2Q5bVZlSlQ1
V3NpaElHLWxaWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNDezANBgkqhkiG9w0BAQsFAAOCAQEAdtbskmbPc1Ks
8onSvT8Qg2gzdGGyL91Vw/l6tz/Z799MWMs9G/g5h7pT+AVWIaVw/M5LfN/XkN2x
KM6S6I75UOMmsmVsrwYPApS1TzSaTlczDmbtdZTky6rlJ11E/WOlu2MGmCfuMQIV
KXoxXJD72I0rZVrPSaF+4/lUDnutx548FazuHbWc9WoF5dxcXiVD/gfTmxbymVYk
/MJC3Fzmns7pVehLoU8m6iGWY8n1KSrnsFPqUhCW3COxekqTkamsTUEDy53/KRyC
fb4ieCxowIjS/CCnGIsZ88PkS7pUpb2hX7F4/UrEVFd7I5RXwLRZblJpTBMWHozj
+DxGjO7aMw==
-----END CERTIFICATE-----