Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3Cc-HiGEHOLDNf4clhznaAF-7ik.cer
File:                     3Cc-HiGEHOLDNf4clhznaAF-7ik.cer (raw, json)
Hash identifier:          davfO93LAeNq8ixbfNio4LRHkIaKzFBQuRx+GBsgES8=
Subject key identifier:   DC:27:3E:1E:21:84:1C:E2:C3:35:FE:1C:96:1C:E7:68:01:7E:EE:29
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC4935DAB9CC609C17E86FF12796A1E31
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/f0/b4a71a-eb37-469a-8bb5-27841f507735/1/3Cc-HiGEHOLDNf4clhznaAF-7ik.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/f0/b4a71a-eb37-469a-8bb5-27841f507735/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 10:30:41 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 185.232.212.0/22
                          IP: 2a0c:c100::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 03:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:5d:ab:9c:c6:09:c1:7e:86:ff:12:79:6a:1e:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 10:30:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=dc273e1e21841ce2c335fe1c961ce768017eee29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:50:94:1f:59:7f:79:02:ba:a8:fd:45:db:c2:
                    88:d3:36:c6:68:d8:23:fa:ca:c4:cb:3c:85:dc:6b:
                    ba:8f:82:ed:b7:18:1f:86:a7:7e:3c:e6:85:be:3a:
                    e1:eb:21:fd:82:c9:04:45:d0:c8:f0:af:4f:31:25:
                    da:fc:25:37:bd:1d:57:f7:b7:45:4f:22:a3:10:d3:
                    9b:58:ee:d3:28:97:97:99:00:cc:69:c4:65:0e:d4:
                    43:98:00:07:84:e7:6b:1f:84:77:62:90:73:69:60:
                    c7:3d:be:4b:01:52:de:f3:cb:60:13:02:2c:70:de:
                    1b:54:35:8a:23:02:10:d8:d0:6d:e3:da:40:b4:fe:
                    b0:bd:75:dd:31:83:e9:c0:b2:02:09:79:c2:1b:b0:
                    c6:6d:7a:6c:9a:2f:64:41:eb:9b:96:3a:eb:33:c2:
                    7e:aa:a3:c2:6d:11:35:3e:f6:d9:ad:76:7d:33:64:
                    1f:63:57:38:d8:d2:27:f9:6b:74:c6:99:72:9c:dc:
                    59:c3:9e:34:6c:30:ed:fd:a5:11:0a:66:99:2f:33:
                    f9:27:c8:14:fb:ee:4f:f4:d6:72:84:8b:36:31:69:
                    73:ae:97:84:8a:b4:11:ad:d8:95:34:a7:b7:d3:69:
                    c3:50:33:d7:24:cc:4c:5b:21:7e:72:b2:b0:37:60:
                    2e:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:27:3E:1E:21:84:1C:E2:C3:35:FE:1C:96:1C:E7:68:01:7E:EE:29
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b4a71a-eb37-469a-8bb5-27841f507735/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b4a71a-eb37-469a-8bb5-27841f507735/1/3Cc-HiGEHOLDNf4clhznaAF-7ik.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.232.212.0/22
                IPv6:
                  2a0c:c100::/29

    Signature Algorithm: sha256WithRSAEncryption
         0a:2e:62:68:c6:d9:30:9d:86:b6:28:d6:a5:26:21:ba:5f:75:
         0a:cc:5f:c3:8a:6d:63:54:2d:76:f8:a7:13:e8:13:6c:ca:e7:
         24:f3:92:de:8c:50:8a:b7:5f:06:57:b1:cd:9c:63:f6:9b:88:
         61:19:c2:80:90:8c:0f:09:d6:56:b0:24:cb:11:f1:42:4f:8e:
         fe:5d:d4:59:7c:9c:78:3c:7b:7f:69:02:61:94:59:bf:b7:91:
         19:84:89:47:00:15:b2:13:99:a0:0f:87:6f:43:fe:54:bf:50:
         4b:57:46:f6:4a:b7:89:67:87:f9:ee:92:33:09:ce:f6:3a:a0:
         f7:10:d2:1f:08:e1:8e:e0:a4:ef:0d:b2:cd:5f:41:d7:2b:72:
         b4:55:35:a6:07:bf:2e:a6:7d:7a:9d:1f:ca:89:df:42:9e:86:
         4f:a5:ff:c4:a8:93:de:ce:a5:16:95:af:b0:84:36:db:1d:61:
         53:ed:69:1f:0c:5b:7d:d3:71:74:36:ee:d1:c9:e7:d9:3e:50:
         98:eb:e7:ba:f5:1d:f8:36:e2:2f:54:67:d2:1c:6b:24:00:19:
         59:d9:a3:9f:25:17:fb:9e:6e:af:64:e4:33:1a:ee:0f:b6:73:
         c7:0e:91:05:ab:56:d9:48:5b:c6:6c:f8:7f:96:44:d5:7c:a2:
         bc:15:6c:bb
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzEk12rnMYJwX6G/xJ5ah4xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzI3M2UxZTIxODQxY2UyYzMzNWZlMWM5NjFjZTc2ODAxN2VlZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVCUH1l/eQK6qP1F28KI0zbGaNgj
+srEyzyF3Gu6j4Lttxgfhqd+POaFvjrh6yH9gskERdDI8K9PMSXa/CU3vR1X97dF
TyKjENObWO7TKJeXmQDMacRlDtRDmAAHhOdrH4R3YpBzaWDHPb5LAVLe88tgEwIs
cN4bVDWKIwIQ2NBt49pAtP6wvXXdMYPpwLICCXnCG7DGbXpsmi9kQeubljrrM8J+
qqPCbRE1PvbZrXZ9M2QfY1c42NIn+Wt0xplynNxZw540bDDt/aURCmaZLzP5J8gU
++5P9NZyhIs2MWlzrpeEirQRrdiVNKe302nDUDPXJMxMWyF+crKwN2AucwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFNwnPh4hhBziwzX+HJYc52gBfu4pMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YwL2I0YTcx
YS1lYjM3LTQ2OWEtOGJiNS0yNzg0MWY1MDc3MzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAvYjRhNzFh
LWViMzctNDY5YS04YmI1LTI3ODQxZjUwNzczNS8xLzNDYy1IaUdFSE9MRE5mNGNs
aHpuYUFGLTdpay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuejUMA0EAgACMAcDBQMqDMEAMA0GCSqGSIb3
DQEBCwUAA4IBAQAKLmJoxtkwnYa2KNalJiG6X3UKzF/Dim1jVC12+KcT6BNsyuck
85LejFCKt18GV7HNnGP2m4hhGcKAkIwPCdZWsCTLEfFCT47+XdRZfJx4PHt/aQJh
lFm/t5EZhIlHABWyE5mgD4dvQ/5Uv1BLV0b2SreJZ4f57pIzCc72OqD3ENIfCOGO
4KTvDbLNX0HXK3K0VTWmB78upn16nR/Kid9CnoZPpf/EqJPezqUWla+whDbbHWFT
7WkfDFt903F0Nu7RyefZPlCY6+e69R34NuIvVGfSHGskABlZ2aOfJRf7nm6vZOQz
Gu4PtnPHDpEFq1bZSFvGbPh/lkTVfKK8FWy7
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:47:06 2024 by rpki-client on console-fra.rpki-client.org