Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4B14knq5nJ5ziv6bAWIUpIgK0VQ.cer
File:                     4B14knq5nJ5ziv6bAWIUpIgK0VQ.cer (raw, json)
Hash identifier:          0pcIqNVyRmcQaU7yekUYuw7MarSI6iiZZ+1qXVveBGQ=
Subject key identifier:   E0:1D:78:92:7A:B9:9C:9E:73:8A:FE:9B:01:62:14:A4:88:0A:D1:54
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC26D18248E4F0FA697B06787C333D8BD
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/d1/b8fbc5-5a8b-4a2b-9414-70890e54da8b/1/4B14knq5nJ5ziv6bAWIUpIgK0VQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/d1/b8fbc5-5a8b-4a2b-9414-70890e54da8b/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:29:38 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 207252
                          AS: 216043

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 21:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:18:24:8e:4f:0f:a6:97:b0:67:87:c3:33:d8:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:29:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e01d78927ab99c9e738afe9b016214a4880ad154
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:6a:04:32:8e:bb:67:90:d7:bf:4c:83:60:a3:
                    30:23:52:09:e2:a7:a1:66:26:1b:85:43:2c:d8:36:
                    d9:03:2b:3b:9f:ba:8f:e4:a7:c3:67:7a:18:3a:3e:
                    07:0e:33:73:c5:84:ef:9d:ff:38:4f:b7:ed:0c:68:
                    2e:e9:c5:df:c8:0b:4b:7d:48:b9:8a:0a:b0:cd:d1:
                    69:43:46:8f:90:0c:7d:1b:d8:0a:90:97:b0:19:f3:
                    bc:e0:33:23:28:82:0a:57:5a:51:10:17:e1:77:8f:
                    a0:9f:71:0c:c7:76:a9:79:8f:a2:34:52:d4:02:7c:
                    1d:0c:b3:d1:a6:9e:ea:b6:fb:75:1c:45:64:a2:b4:
                    f0:8d:3b:23:06:63:04:18:ab:36:82:32:d9:1d:31:
                    10:71:1d:21:cf:13:8e:5f:4b:ff:79:c7:a5:04:ee:
                    5e:93:ea:d7:c0:fc:92:db:9d:71:87:32:09:fb:e2:
                    39:47:46:20:76:dd:f4:0f:32:f6:8b:96:9e:05:49:
                    80:af:f4:f7:ac:f7:41:ea:7b:0c:c9:ce:d1:a2:8b:
                    ab:bd:9a:3e:bd:36:66:c8:c1:38:53:31:84:c4:0d:
                    e4:c9:d5:64:e5:6b:73:26:a1:fe:a7:f2:1f:b6:6e:
                    ea:c7:b9:0c:98:ad:97:84:8b:95:15:1f:94:11:f8:
                    5e:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:1D:78:92:7A:B9:9C:9E:73:8A:FE:9B:01:62:14:A4:88:0A:D1:54
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b8fbc5-5a8b-4a2b-9414-70890e54da8b/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b8fbc5-5a8b-4a2b-9414-70890e54da8b/1/4B14knq5nJ5ziv6bAWIUpIgK0VQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207252
                  216043

    Signature Algorithm: sha256WithRSAEncryption
         20:4f:bf:94:c6:d1:d9:dc:dd:f5:90:8b:10:d0:a5:83:05:13:
         a5:7a:28:c2:e6:b6:45:5c:21:9f:a4:73:ef:9c:6c:ad:04:11:
         fe:ca:71:8a:a1:6f:a1:ab:cc:fa:b3:48:08:76:1e:6a:7d:0a:
         aa:3c:84:b1:b4:e2:00:cd:41:7f:d2:d3:a1:29:ba:2d:26:ec:
         9f:20:36:0a:ea:35:81:6c:8f:45:25:8d:70:66:da:78:d7:a3:
         92:5d:6f:1c:70:87:0f:4a:9c:dd:84:70:d3:fc:f6:5d:dc:c9:
         fb:b2:5c:77:cc:5d:0c:f5:f8:2f:58:f6:a7:91:5d:1c:17:18:
         f7:fc:44:67:20:0a:57:18:7d:84:06:1e:36:18:27:97:f5:df:
         2e:dd:68:19:26:34:be:c1:9a:eb:8a:65:e2:5b:03:12:2d:2b:
         63:19:47:38:c1:4e:77:2d:08:4f:61:a7:31:6a:c8:28:b7:5f:
         cc:fe:5b:c9:79:38:df:52:18:51:f4:00:14:f2:ad:70:04:28:
         bc:e7:0f:ad:f2:95:74:7a:2d:b2:2e:0b:b3:fb:74:0d:d6:35:
         08:91:8e:f3:84:c3:df:26:af:3a:32:49:dd:1e:01:49:dc:95:
         85:fb:e9:0d:a2:9f:6a:d3:a2:06:34:34:50:99:be:c2:69:4f:
         e0:ec:42:19
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzCbRgkjk8PppewZ4fDM9i9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDFkNzg5MjdhYjk5YzllNzM4YWZlOWIwMTYyMTRhNDg4MGFkMTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WoEMo67Z5DXv0yDYKMwI1IJ4qeh
ZiYbhUMs2DbZAys7n7qP5KfDZ3oYOj4HDjNzxYTvnf84T7ftDGgu6cXfyAtLfUi5
igqwzdFpQ0aPkAx9G9gKkJewGfO84DMjKIIKV1pREBfhd4+gn3EMx3apeY+iNFLU
AnwdDLPRpp7qtvt1HEVkorTwjTsjBmMEGKs2gjLZHTEQcR0hzxOOX0v/ecelBO5e
k+rXwPyS251xhzIJ++I5R0Ygdt30DzL2i5aeBUmAr/T3rPdB6nsMyc7RoourvZo+
vTZmyME4UzGExA3kydVk5WtzJqH+p/Iftm7qx7kMmK2XhIuVFR+UEfhejQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFOAdeJJ6uZyec4r+mwFiFKSICtFUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QxL2I4ZmJj
NS01YThiLTRhMmItOTQxNC03MDg5MGU1NGRhOGIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEvYjhmYmM1
LTVhOGItNGEyYi05NDE0LTcwODkwZTU0ZGE4Yi8xLzRCMTRrbnE1bko1eml2NmJB
V0lVcElnSzBWUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEIAQH/BBAwDqAMMAoCAwMplAIDA0vrMA0GCSqGSIb3DQEBCwUAA4IBAQAgT7+U
xtHZ3N31kIsQ0KWDBROleijC5rZFXCGfpHPvnGytBBH+ynGKoW+hq8z6s0gIdh5q
fQqqPISxtOIAzUF/0tOhKbotJuyfIDYK6jWBbI9FJY1wZtp416OSXW8ccIcPSpzd
hHDT/PZd3Mn7slx3zF0M9fgvWPankV0cFxj3/ERnIApXGH2EBh42GCeX9d8u3WgZ
JjS+wZrrimXiWwMSLStjGUc4wU53LQhPYacxasgot1/M/lvJeTjfUhhR9AAU8q1w
BCi85w+t8pV0ei2yLguz+3QN1jUIkY7zhMPfJq86MkndHgFJ3JWF++kNop9q06IG
NDRQmb7CaU/g7EIZ
-----END CERTIFICATE-----
Generated at Fri Mar 29 00:21:58 2024 by rpki-client on console-fra.rpki-client.org