Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3uEtjAkpJFLGazo1IQlTM6ns_pU.cer
File:                     3uEtjAkpJFLGazo1IQlTM6ns_pU.cer (raw, json)
Hash identifier:          n442cSJ2Ki9CHuyjXnC8ClnUeygjeVLSGUyKUXtZVGE=
Subject key identifier:   DE:E1:2D:8C:09:29:24:52:C6:6B:3A:35:21:09:53:33:A9:EC:FE:95
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC6B82ACE4F5D77A7B534FB94DA03C1DA
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/c0/b21dfe-f138-406c-90ac-8823ac349b8e/1/3uEtjAkpJFLGazo1IQlTM6ns_pU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/c0/b21dfe-f138-406c-90ac-8823ac349b8e/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 20:30:07 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 211298
                          IP: 87.236.176.0/24
                          IP: 193.163.125.0/24
                          IP: 2a06:4880::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b8:2a:ce:4f:5d:77:a7:b5:34:fb:94:da:03:c1:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 20:30:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=dee12d8c09292452c66b3a3521095333a9ecfe95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:0b:00:a9:3c:c5:1d:57:b5:96:54:11:43:f0:
                    aa:87:eb:17:d8:01:b7:24:00:29:5f:f2:88:22:cb:
                    ae:31:b6:bc:c3:e7:ce:47:e7:8b:3f:49:f7:27:44:
                    52:c4:5b:da:ad:78:f9:e1:38:9c:c5:68:3e:6d:41:
                    bb:31:f9:66:cb:cd:b6:e6:0c:ac:65:87:ab:61:4a:
                    d9:32:9f:c6:db:8c:de:0b:b1:8f:0e:e2:1d:47:18:
                    cc:32:4f:c4:d0:1b:94:a9:1d:8b:f8:b0:5e:54:38:
                    61:84:df:12:7b:8b:b6:78:45:20:46:79:1e:e9:0e:
                    26:74:12:8a:4f:7f:dd:7e:d6:97:3e:29:cb:e4:51:
                    6b:99:69:8d:06:ce:01:c1:5b:be:e4:b7:12:e0:df:
                    fa:26:18:77:3f:26:99:96:67:7c:1e:2e:b4:7f:bc:
                    3f:50:2c:88:49:40:58:95:6e:74:17:41:5d:60:57:
                    cf:b5:12:48:56:83:fb:c9:3d:26:0b:35:ef:fc:34:
                    30:4d:f3:73:96:93:d0:71:99:e5:1a:e0:07:46:56:
                    a4:bd:79:47:33:97:10:ee:98:7e:29:a4:91:be:27:
                    92:ff:df:7d:ef:dd:d2:ea:be:33:b9:90:d8:67:41:
                    7a:59:c8:98:c0:34:88:59:92:68:94:b2:19:75:e4:
                    5e:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:E1:2D:8C:09:29:24:52:C6:6B:3A:35:21:09:53:33:A9:EC:FE:95
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b21dfe-f138-406c-90ac-8823ac349b8e/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b21dfe-f138-406c-90ac-8823ac349b8e/1/3uEtjAkpJFLGazo1IQlTM6ns_pU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.236.176.0/24
                  193.163.125.0/24
                IPv6:
                  2a06:4880::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  211298

    Signature Algorithm: sha256WithRSAEncryption
         48:57:10:a9:58:d2:25:ac:18:0e:8d:78:85:06:07:27:13:34:
         b6:0b:5d:91:c2:79:5c:4f:97:7c:35:60:56:b5:5c:05:89:d8:
         06:67:6e:b6:32:94:c4:90:a3:97:ee:7a:ad:fc:2f:bb:27:8a:
         88:30:75:57:36:93:42:a2:74:94:34:c3:64:1f:53:74:dc:7b:
         63:e9:36:4e:e6:bb:30:6e:2a:70:ca:39:bd:63:f6:f9:df:02:
         7d:01:e9:91:64:a7:df:55:48:c2:7d:31:e9:c1:fa:67:c4:37:
         58:b4:de:f7:dd:c6:88:a7:83:0f:af:8c:f9:96:55:22:b1:94:
         ac:9f:96:95:6e:33:c4:32:52:25:62:04:1d:bd:b6:96:19:51:
         00:38:ca:d7:3c:2d:a3:6d:2d:51:2c:d9:53:f9:69:53:a5:94:
         e0:a7:7e:82:c5:8d:1f:b7:f6:1b:68:74:29:f8:cc:e7:35:46:
         c3:21:24:fb:14:78:c2:5b:53:11:ea:61:81:02:cc:41:ce:b4:
         16:63:7a:f4:a4:58:6c:0f:92:03:5a:e0:a9:33:03:ad:6d:71:
         4e:68:b4:28:69:c3:09:13:7a:c8:32:79:2e:2c:10:db:56:2e:
         7b:8b:68:47:24:c5:de:5a:5c:74:43:39:35:c9:ab:2d:65:79:
         b2:b2:15:3f
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzGuCrOT113p7U0+5TaA8HaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjAzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWUxMmQ4YzA5MjkyNDUyYzY2YjNhMzUyMTA5NTMzM2E5ZWNmZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigsAqTzFHVe1llQRQ/Cqh+sX2AG3
JAApX/KIIsuuMba8w+fOR+eLP0n3J0RSxFvarXj54TicxWg+bUG7Mflmy8225gys
ZYerYUrZMp/G24zeC7GPDuIdRxjMMk/E0BuUqR2L+LBeVDhhhN8Se4u2eEUgRnke
6Q4mdBKKT3/dftaXPinL5FFrmWmNBs4BwVu+5LcS4N/6Jhh3PyaZlmd8Hi60f7w/
UCyISUBYlW50F0FdYFfPtRJIVoP7yT0mCzXv/DQwTfNzlpPQcZnlGuAHRlakvXlH
M5cQ7ph+KaSRvieS/999793S6r4zuZDYZ0F6WciYwDSIWZJolLIZdeRejwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFN7hLYwJKSRSxms6NSEJUzOp7P6VMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MwL2IyMWRm
ZS1mMTM4LTQwNmMtOTBhYy04ODIzYWMzNDliOGUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAvYjIxZGZl
LWYxMzgtNDA2Yy05MGFjLTg4MjNhYzM0OWI4ZS8xLzN1RXRqQWtwSkZMR2F6bzFJ
UWxUTTZuc19wVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQAV+ywAwQAwaN9MA0EAgACMAcDBQMqBkiAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwM5YjANBgkqhkiG9w0BAQsFAAOCAQEASFcQ
qVjSJawYDo14hQYHJxM0tgtdkcJ5XE+XfDVgVrVcBYnYBmdutjKUxJCjl+56rfwv
uyeKiDB1VzaTQqJ0lDTDZB9TdNx7Y+k2Tua7MG4qcMo5vWP2+d8CfQHpkWSn31VI
wn0x6cH6Z8Q3WLTe993GiKeDD6+M+ZZVIrGUrJ+WlW4zxDJSJWIEHb22lhlRADjK
1zwto20tUSzZU/lpU6WU4Kd+gsWNH7f2G2h0KfjM5zVGwyEk+xR4wltTEephgQLM
Qc60FmN69KRYbA+SA1rgqTMDrW1xTmi0KGnDCRN6yDJ5LiwQ21Yue4toRyTF3lpc
dEM5NcmrLWV5srIVPw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 17:25:51 2024 by rpki-client on console-fra.rpki-client.org