Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4COOIod_cwOWQAfOPjQG9frZSWI.cer
File:                     4COOIod_cwOWQAfOPjQG9frZSWI.cer (raw, json)
Hash identifier:          8hZXIU0kNaB5E2Pva8Euqf2+tGivBvXIXEYbNJq7tjE=
Subject key identifier:   E0:23:8E:22:87:7F:73:03:96:40:07:CE:3E:34:06:F5:FA:D9:49:62
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC870ACE06CB8F3779005C84DE5F37F1D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/61/da2276-6dbf-422e-9ebb-561175f04d8e/1/4COOIod_cwOWQAfOPjQG9frZSWI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/61/da2276-6dbf-422e-9ebb-561175f04d8e/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 04:31:16 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 202670
                          IP: 185.151.4.0/22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:70:ac:e0:6c:b8:f3:77:90:05:c8:4d:e5:f3:7f:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 04:31:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e0238e22877f7303964007ce3e3406f5fad94962
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:1f:68:d3:b7:3c:e8:2b:8f:26:7b:4b:39:80:
                    e3:34:a7:9d:bb:c3:9f:18:13:6a:43:a8:22:40:5d:
                    ac:5b:46:33:8c:fe:ed:a2:83:33:38:a5:2d:2e:85:
                    4b:cc:2d:66:95:f7:fe:3c:d0:3c:bb:78:dd:8b:a4:
                    a4:ce:89:54:1f:ff:88:89:70:b6:48:ff:8d:cd:f7:
                    90:8c:c3:f3:f3:b7:d6:84:fe:01:cd:3f:89:22:5f:
                    34:49:ee:8f:5b:7d:e8:ba:da:46:f8:3a:fa:6a:1b:
                    e2:cc:e2:43:a8:ab:cd:e5:65:11:8f:6a:06:3d:71:
                    a2:b0:a9:10:69:08:0a:2c:30:77:b7:20:45:44:d4:
                    f6:56:f1:a9:a0:f8:65:8d:97:39:ce:be:26:91:e9:
                    52:01:fe:25:98:e9:53:e5:7c:d3:c9:43:7e:b6:56:
                    f8:34:9d:90:d7:5c:90:5c:59:35:65:81:f7:c7:c2:
                    d0:87:c3:e1:b5:cb:13:6d:be:f9:b9:19:33:ed:f8:
                    ab:31:c2:7f:7e:c2:1d:c4:5e:12:4c:55:ec:f3:2b:
                    30:c9:8f:d7:9b:87:9b:dd:e2:63:eb:62:1d:ec:a4:
                    5e:e3:f4:d6:b6:88:dc:f7:e0:2d:79:bd:53:6b:46:
                    c4:fe:04:41:45:a9:b1:89:71:0d:bc:bb:04:88:70:
                    a7:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:23:8E:22:87:7F:73:03:96:40:07:CE:3E:34:06:F5:FA:D9:49:62
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/da2276-6dbf-422e-9ebb-561175f04d8e/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/da2276-6dbf-422e-9ebb-561175f04d8e/1/4COOIod_cwOWQAfOPjQG9frZSWI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.151.4.0/22

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  202670

    Signature Algorithm: sha256WithRSAEncryption
         7c:72:33:3c:c9:13:72:72:8f:ee:53:31:f0:74:26:ac:0c:5b:
         ed:02:e7:0a:3c:4a:db:92:74:9a:43:83:a7:bc:95:d7:0c:61:
         11:1d:4b:2e:86:21:dd:61:96:bd:e5:79:4c:ab:b2:de:7a:bb:
         00:6d:02:08:b1:ec:3d:32:01:5e:3b:94:9b:3f:00:d6:e6:62:
         1c:71:07:db:09:fb:40:6b:9a:c9:fe:5e:4b:da:6e:d3:26:21:
         b1:9a:b5:0f:02:92:44:ff:95:b4:d7:3f:32:18:74:d4:b6:5b:
         81:bc:5e:83:95:3e:ad:40:d3:6e:0b:7c:18:64:30:01:c7:b6:
         c4:fc:10:99:98:55:c0:2e:fc:a0:e8:f3:e5:3f:73:10:2c:10:
         ba:40:13:51:2d:86:82:e2:11:6f:73:70:df:24:6f:37:a6:92:
         3a:d3:4f:98:e6:98:ab:83:74:3f:5e:e6:73:bb:3b:a7:6a:4b:
         88:71:d2:93:2a:f8:07:93:4c:3e:b2:6a:e6:e9:d7:90:3d:43:
         9b:9c:2a:34:fb:0e:12:89:94:fd:78:2e:a2:39:97:f2:d1:ff:
         4c:e3:0d:c0:38:74:7d:97:73:13:4e:30:58:a6:72:f1:a8:12:
         ad:dd:0a:9f:61:02:25:0e:e0:1f:09:7e:33:46:ab:f7:dd:0a:
         19:bd:62:40
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzIcKzgbLjzd5AFyE3l838dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDIzOGUyMjg3N2Y3MzAzOTY0MDA3Y2UzZTM0MDZmNWZhZDk0OTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApB9o07c86CuPJntLOYDjNKedu8Of
GBNqQ6giQF2sW0YzjP7tooMzOKUtLoVLzC1mlff+PNA8u3jdi6SkzolUH/+IiXC2
SP+NzfeQjMPz87fWhP4BzT+JIl80Se6PW33outpG+Dr6ahvizOJDqKvN5WURj2oG
PXGisKkQaQgKLDB3tyBFRNT2VvGpoPhljZc5zr4mkelSAf4lmOlT5XzTyUN+tlb4
NJ2Q11yQXFk1ZYH3x8LQh8PhtcsTbb75uRkz7firMcJ/fsIdxF4STFXs8yswyY/X
m4eb3eJj62Id7KRe4/TWtojc9+Ateb1Ta0bE/gRBRamxiXENvLsEiHCn7wIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFOAjjiKHf3MDlkAHzj40BvX62UliMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYxL2RhMjI3
Ni02ZGJmLTQyMmUtOWViYi01NjExNzVmMDRkOGUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEvZGEyMjc2
LTZkYmYtNDIyZS05ZWJiLTU2MTE3NWYwNGQ4ZS8xLzRDT09Jb2RfY3dPV1FBZk9Q
alFHOWZyWlNXSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCuZcEMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMXrjANBgkqhkiG9w0BAQsFAAOCAQEAfHIzPMkTcnKP7lMx8HQmrAxb7QLnCjxK
25J0mkODp7yV1wxhER1LLoYh3WGWveV5TKuy3nq7AG0CCLHsPTIBXjuUmz8A1uZi
HHEH2wn7QGuayf5eS9pu0yYhsZq1DwKSRP+VtNc/Mhh01LZbgbxeg5U+rUDTbgt8
GGQwAce2xPwQmZhVwC78oOjz5T9zECwQukATUS2GguIRb3Nw3yRvN6aSOtNPmOaY
q4N0P17mc7s7p2pLiHHSkyr4B5NMPrJq5unXkD1Dm5wqNPsOEomU/XguojmX8tH/
TOMNwDh0fZdzE04wWKZy8agSrd0Kn2ECJQ7gHwl+M0ar990KGb1iQA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 20:10:49 2024 by rpki-client on console-fra.rpki-client.org