Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3y4c6U6IoT84_n-UO3lBa8B6HfA.cer
File:                     3y4c6U6IoT84_n-UO3lBa8B6HfA.cer (raw, json)
Hash identifier:          aobDqIzDoWF0s0v/TeIEC9h0cnmKGsXdTGWEMR810s4=
Subject key identifier:   DF:2E:1C:E9:4E:88:A1:3F:38:FE:7F:94:3B:79:41:6B:C0:7A:1D:F0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC3B730AD4BB04A7A749DD50E0088A810
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/82/78d8f4-3e0f-4bbe-9214-5374c7e0ffa1/1/3y4c6U6IoT84_n-UO3lBa8B6HfA.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/82/78d8f4-3e0f-4bbe-9214-5374c7e0ffa1/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 06:30:11 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 200129
                          IP: 185.36.180.0/22
                          IP: 2a00:e860::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b7:30:ad:4b:b0:4a:7a:74:9d:d5:0e:00:88:a8:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 06:30:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=df2e1ce94e88a13f38fe7f943b79416bc07a1df0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:99:2f:40:03:21:58:d8:98:a2:49:22:60:b5:
                    a5:23:bc:05:3a:23:28:13:46:76:d4:b6:ad:2d:5c:
                    97:92:41:c3:52:6b:d4:e0:0e:73:dc:f8:3d:1f:32:
                    da:df:c0:96:37:d5:c1:f9:75:74:e3:8b:94:47:b5:
                    14:3c:14:f9:85:11:5b:29:55:f7:b6:79:4e:17:26:
                    c8:4c:1c:e1:5a:8e:6f:a5:74:97:02:d4:1e:60:05:
                    a0:59:d8:cb:a2:72:15:15:14:46:5c:c1:06:e7:cb:
                    68:20:6d:7c:24:cc:4a:e6:9a:82:63:2e:64:64:c5:
                    78:8b:38:34:ac:61:bf:41:2c:62:81:b2:54:3f:23:
                    90:bd:9d:1d:08:8c:d7:92:a9:c1:0f:fb:ae:89:f0:
                    4b:38:46:2c:11:65:fc:51:63:2c:fc:2b:f8:79:f7:
                    fd:5f:4d:f7:3b:8e:1c:92:ce:e8:51:16:79:9e:b5:
                    dc:25:d6:8a:11:2c:b2:4b:7a:da:8d:ac:43:f1:c9:
                    b1:9c:e8:6b:6f:fa:ba:e4:65:90:4c:31:83:d2:81:
                    83:34:47:d5:a8:6f:d4:da:e2:bb:41:0f:27:b4:80:
                    e9:44:40:4c:79:e7:6d:2b:81:b1:eb:be:bc:44:74:
                    e1:78:ed:62:71:93:04:f9:04:a0:67:37:34:bd:73:
                    fb:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:2E:1C:E9:4E:88:A1:3F:38:FE:7F:94:3B:79:41:6B:C0:7A:1D:F0
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/78d8f4-3e0f-4bbe-9214-5374c7e0ffa1/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/78d8f4-3e0f-4bbe-9214-5374c7e0ffa1/1/3y4c6U6IoT84_n-UO3lBa8B6HfA.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.36.180.0/22
                IPv6:
                  2a00:e860::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  200129

    Signature Algorithm: sha256WithRSAEncryption
         69:c4:67:94:e4:f2:10:4d:0e:a2:78:b7:c1:b8:ff:ba:12:5c:
         0c:bf:95:3b:af:08:2b:07:ef:d5:3e:a4:7a:92:a4:c1:ca:48:
         af:9d:83:68:6f:85:51:05:f2:dc:96:a2:e5:40:ef:ae:11:88:
         56:bc:4d:a6:cf:40:2b:aa:7a:1f:6d:9d:11:91:08:55:50:77:
         14:23:39:70:b8:71:d0:7f:8d:c8:86:a3:26:35:de:60:5d:ed:
         37:7e:42:e9:6e:01:21:40:44:16:0f:ec:12:13:c5:c8:e2:b9:
         c0:29:0e:be:60:97:c9:2d:0e:55:e0:cb:be:54:d6:5a:b5:67:
         c1:40:58:3b:38:e2:4c:1f:08:33:f4:9a:4a:52:38:77:ae:2b:
         8c:08:30:f2:af:c4:ba:12:aa:e8:bd:6c:fa:87:db:fb:18:15:
         9c:62:da:c1:36:e6:50:d5:8a:95:48:01:da:23:06:c7:3b:13:
         c4:4a:5e:df:5a:23:b6:2b:7e:51:1e:5f:5b:f9:bd:b9:29:53:
         ba:b6:c1:b0:25:c1:0b:bd:48:d8:ad:71:36:92:4f:7b:d7:07:
         9f:cb:f1:fe:ab:6c:09:a0:70:81:52:5a:4f:76:9a:02:c8:9f:
         ad:04:bb:83:4a:49:4f:df:34:0f:92:04:e4:7d:e1:8a:07:73:
         30:1f:bd:2b
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzDtzCtS7BKenSd1Q4AiKgQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjJlMWNlOTRlODhhMTNmMzhmZTdmOTQzYjc5NDE2YmMwN2ExZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5kvQAMhWNiYokkiYLWlI7wFOiMo
E0Z21LatLVyXkkHDUmvU4A5z3Pg9HzLa38CWN9XB+XV044uUR7UUPBT5hRFbKVX3
tnlOFybITBzhWo5vpXSXAtQeYAWgWdjLonIVFRRGXMEG58toIG18JMxK5pqCYy5k
ZMV4izg0rGG/QSxigbJUPyOQvZ0dCIzXkqnBD/uuifBLOEYsEWX8UWMs/Cv4eff9
X033O44cks7oURZ5nrXcJdaKESyyS3rajaxD8cmxnOhrb/q65GWQTDGD0oGDNEfV
qG/U2uK7QQ8ntIDpREBMeedtK4Gx6768RHTheO1icZME+QSgZzc0vXP7aQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFN8uHOlOiKE/OP5/lDt5QWvAeh3wMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgyLzc4ZDhm
NC0zZTBmLTRiYmUtOTIxNC01Mzc0YzdlMGZmYTEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIvNzhkOGY0
LTNlMGYtNGJiZS05MjE0LTUzNzRjN2UwZmZhMS8xLzN5NGM2VTZJb1Q4NF9uLVVP
M2xCYThCNkhmQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuSS0MA0EAgACMAcDBQAqAOhgMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMNwTANBgkqhkiG9w0BAQsFAAOCAQEAacRnlOTyEE0O
oni3wbj/uhJcDL+VO68IKwfv1T6kepKkwcpIr52DaG+FUQXy3Jai5UDvrhGIVrxN
ps9AK6p6H22dEZEIVVB3FCM5cLhx0H+NyIajJjXeYF3tN35C6W4BIUBEFg/sEhPF
yOK5wCkOvmCXyS0OVeDLvlTWWrVnwUBYOzjiTB8IM/SaSlI4d64rjAgw8q/EuhKq
6L1s+ofb+xgVnGLawTbmUNWKlUgB2iMGxzsTxEpe31ojtit+UR5fW/m9uSlTurbB
sCXBC71I2K1xNpJPe9cHn8vx/qtsCaBwgVJaT3aaAsifrQS7g0pJT980D5IE5H3h
igdzMB+9Kw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:41:32 2024 by rpki-client on console-ams.rpki-client.org