Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3rBGtuMJ6ahmUiwqQMZv_EL7uEM.cer
File:                     3rBGtuMJ6ahmUiwqQMZv_EL7uEM.cer (raw, json)
Hash identifier:          or5zB4qjXrnBK0tilNWg2M3dyu1rqjj9AKAX00W7BI4=
Subject key identifier:   DE:B0:46:B6:E3:09:E9:A8:66:52:2C:2A:40:C6:6F:FC:42:FB:B8:43
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC94AB5D75DAD21FFBEE4DAC13F5FE853
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/e3/d24bc2-42f3-46d9-bdd9-1c9492245cab/1/3rBGtuMJ6ahmUiwqQMZv_EL7uEM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/e3/d24bc2-42f3-46d9-bdd9-1c9492245cab/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 08:29:25 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 24713
                          IP: 80.248.160.0/20
                          IP: 81.22.160.0/20
                          IP: 185.134.88.0/22
                          IP: 2a03:d640::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4a:b5:d7:5d:ad:21:ff:be:e4:da:c1:3f:5f:e8:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 08:29:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=deb046b6e309e9a866522c2a40c66ffc42fbb843
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:6f:ea:d5:20:02:ad:73:20:81:a8:cb:0c:b4:
                    f5:0c:a2:9b:b2:4a:a5:91:b6:ec:5e:26:5d:9d:92:
                    73:bc:f3:13:d0:75:56:f4:1f:64:9d:f7:66:af:f0:
                    41:0f:67:be:a6:b4:14:06:45:96:de:60:4e:ac:ac:
                    6e:96:cb:43:61:a4:5e:0a:df:53:f6:a1:6f:de:9c:
                    02:cd:0d:17:47:d5:38:67:81:da:9c:aa:67:87:cd:
                    35:76:26:f1:e8:3a:55:c1:c4:7d:75:2e:df:35:55:
                    5c:2f:9e:cf:c0:f7:ab:80:c1:7f:1a:74:8c:7e:c8:
                    52:21:17:77:65:5b:29:fc:e0:44:2e:be:60:34:6d:
                    08:0a:7d:37:6e:ca:6c:d6:dd:3c:ae:20:ac:8f:c0:
                    8f:de:9c:0f:1f:08:05:54:49:12:6c:17:03:de:30:
                    78:73:af:90:e3:a4:da:3b:1e:2c:1a:c2:9c:fb:78:
                    44:84:48:6c:10:5f:fe:dd:59:97:8a:19:09:67:be:
                    10:34:75:8c:8f:c4:93:d9:f6:4c:34:e3:65:96:13:
                    de:fd:1f:08:6e:23:72:8a:a0:f5:f6:f3:d9:6d:0d:
                    c8:d8:c9:57:cb:01:b2:c4:79:b5:88:06:01:0f:e3:
                    88:d9:ef:95:83:2a:6e:ff:81:a0:0f:36:d2:00:41:
                    ed:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:B0:46:B6:E3:09:E9:A8:66:52:2C:2A:40:C6:6F:FC:42:FB:B8:43
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d24bc2-42f3-46d9-bdd9-1c9492245cab/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d24bc2-42f3-46d9-bdd9-1c9492245cab/1/3rBGtuMJ6ahmUiwqQMZv_EL7uEM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.248.160.0/20
                  81.22.160.0/20
                  185.134.88.0/22
                IPv6:
                  2a03:d640::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  24713

    Signature Algorithm: sha256WithRSAEncryption
         1b:a0:23:4d:15:88:da:87:ee:d4:a5:de:e1:0b:46:0b:ec:2c:
         27:ee:bf:a0:8a:6e:08:dc:1f:91:31:07:98:5c:35:ed:af:51:
         60:fe:ba:80:9e:44:b1:85:b2:31:3c:11:aa:87:5d:0b:cd:6a:
         03:a2:df:6a:85:ef:ef:6d:10:a0:c2:f5:cb:5d:eb:e1:94:89:
         fb:ed:7d:fe:16:21:dc:ee:30:b2:92:3e:81:bf:05:0d:7d:c2:
         df:60:2b:29:08:ae:b7:1a:79:4c:af:16:6c:38:85:87:6c:d1:
         6d:ce:ef:e6:86:40:5a:b8:91:8a:c9:0b:a9:76:9d:0c:91:dc:
         e4:42:a9:4a:16:89:f0:6f:1c:6a:64:e2:66:25:2f:09:ba:36:
         61:5c:e1:e9:73:c6:fa:e3:60:91:79:15:4b:c8:4d:66:23:57:
         ac:e6:72:c6:37:16:35:99:b8:95:de:7c:5f:a6:82:9e:71:fb:
         20:0c:8b:c4:2b:e1:13:a9:e0:5d:e4:79:07:73:f8:78:fb:f8:
         48:66:58:a0:c9:6c:83:5b:09:44:5e:49:ef:55:3c:5f:1d:d8:
         22:4b:af:56:48:ef:f6:7c:29:0a:c7:7e:38:1a:9f:6e:03:87:
         5b:ad:f5:4b:e6:a6:d6:d8:59:2e:7b:32:df:1e:a0:dd:b4:54:
         aa:a3:af:67
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYzJSrXXXa0h/77k2sE/X+hTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWIwNDZiNmUzMDllOWE4NjY1MjJjMmE0MGM2NmZmYzQyZmJiODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2/q1SACrXMggajLDLT1DKKbskql
kbbsXiZdnZJzvPMT0HVW9B9knfdmr/BBD2e+prQUBkWW3mBOrKxulstDYaReCt9T
9qFv3pwCzQ0XR9U4Z4HanKpnh801dibx6DpVwcR9dS7fNVVcL57PwPergMF/GnSM
fshSIRd3ZVsp/OBELr5gNG0ICn03bsps1t08riCsj8CP3pwPHwgFVEkSbBcD3jB4
c6+Q46TaOx4sGsKc+3hEhEhsEF/+3VmXihkJZ74QNHWMj8ST2fZMNONllhPe/R8I
biNyiqD19vPZbQ3I2MlXywGyxHm1iAYBD+OI2e+Vgypu/4GgDzbSAEHtlQIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFN6wRrbjCemoZlIsKkDGb/xC+7hDMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UzL2QyNGJj
Mi00MmYzLTQ2ZDktYmRkOS0xYzk0OTIyNDVjYWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMvZDI0YmMy
LTQyZjMtNDZkOS1iZGQ5LTFjOTQ5MjI0NWNhYi8xLzNyQkd0dU1KNmFobVVpd3FR
TVp2X0VMN3VFTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQEUPigAwQEURagAwQCuYZYMA0EAgACMAcDBQAq
A9ZAMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAmCJMA0GCSqGSIb3DQEBCwUAA4IB
AQAboCNNFYjah+7Upd7hC0YL7Cwn7r+gim4I3B+RMQeYXDXtr1Fg/rqAnkSxhbIx
PBGqh10LzWoDot9qhe/vbRCgwvXLXevhlIn77X3+FiHc7jCykj6BvwUNfcLfYCsp
CK63GnlMrxZsOIWHbNFtzu/mhkBauJGKyQupdp0MkdzkQqlKFonwbxxqZOJmJS8J
ujZhXOHpc8b642CReRVLyE1mI1es5nLGNxY1mbiV3nxfpoKecfsgDIvEK+ETqeBd
5HkHc/h4+/hIZligyWyDWwlEXknvVTxfHdgiS69WSO/2fCkKx344Gp9uA4dbrfVL
5qbW2FkuezLfHqDdtFSqo69n
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:31:46 2024 by rpki-client on console-ams.rpki-client.org