Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4Zd4WdBx9xUIN7KstDU_8z79gxw.cer
File:                     4Zd4WdBx9xUIN7KstDU_8z79gxw.cer (raw, json)
Hash identifier:          n+4fdnyeovsl0+ienokMa6ZaKp2tnmNkjWEIdVmha/E=
Subject key identifier:   E1:97:78:59:D0:71:F7:15:08:37:B2:AC:B4:35:3F:F3:3E:FD:83:1C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018E7F8BCAD2FAD263748FFBC11E88D8E52A
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/76/9d7cd7-ee63-4886-8fe1-b5ce6b6fd4d1/1/4Zd4WdBx9xUIN7KstDU_8z79gxw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/76/9d7cd7-ee63-4886-8fe1-b5ce6b6fd4d1/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 27 Mar 2024 10:54:11 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 215219
                          IP: 193.221.125.0/24
                          IP: 2a10:bd40::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:7f:8b:ca:d2:fa:d2:63:74:8f:fb:c1:1e:88:d8:e5:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Mar 27 10:54:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e1977859d071f7150837b2acb4353ff33efd831c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:d6:64:ac:bc:1c:18:07:4f:59:64:69:51:5d:
                    1e:ce:9c:bc:06:3c:a5:47:fe:33:7b:b3:f5:a3:03:
                    e7:50:9d:76:2d:3f:2a:ac:a2:97:be:e5:48:73:d6:
                    c4:f1:02:ea:02:0b:54:1b:78:93:82:74:5d:fe:01:
                    c9:19:7c:a9:e0:7e:99:e2:91:3f:49:5b:99:d7:fd:
                    2c:c3:38:6b:f2:3c:ff:86:1f:62:61:84:59:07:b3:
                    a1:55:d5:fb:f0:23:ae:14:c3:b3:63:26:b0:a6:84:
                    52:6b:ac:f5:25:36:d4:d3:a6:5b:98:54:6b:47:0b:
                    5b:13:b5:53:f7:03:f6:93:c6:6b:63:0b:5c:6c:a9:
                    b1:bc:2e:a7:d1:b5:e8:b6:0d:75:6d:6d:79:8f:10:
                    83:39:7d:80:ea:31:61:96:dd:d9:e7:2b:b0:9b:a5:
                    ae:64:d6:7a:32:6c:88:09:10:1e:8c:c5:be:00:bf:
                    5e:a3:a2:8b:2b:81:dc:a2:23:22:17:6e:61:83:7a:
                    64:0b:40:4c:ee:a2:35:d0:e5:d7:38:22:01:c5:dd:
                    d2:81:f6:b9:91:77:75:aa:9e:78:47:29:a9:68:b7:
                    12:dc:f5:e8:5f:ae:01:29:84:86:2b:2d:7b:cb:14:
                    cb:dd:37:8c:63:3c:63:23:63:5f:01:cc:29:59:5a:
                    73:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:97:78:59:D0:71:F7:15:08:37:B2:AC:B4:35:3F:F3:3E:FD:83:1C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/9d7cd7-ee63-4886-8fe1-b5ce6b6fd4d1/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/9d7cd7-ee63-4886-8fe1-b5ce6b6fd4d1/1/4Zd4WdBx9xUIN7KstDU_8z79gxw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.221.125.0/24
                IPv6:
                  2a10:bd40::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215219

    Signature Algorithm: sha256WithRSAEncryption
         0f:a9:c1:8b:75:c7:f6:0c:51:1a:e0:04:a7:52:b9:28:29:09:
         a5:9d:32:6e:72:76:29:96:6e:44:8f:dd:f6:4a:9c:80:2d:17:
         3e:49:83:00:66:13:97:8e:fe:93:40:58:6b:00:7a:f5:20:0a:
         19:54:26:5d:e9:c5:23:70:0b:02:ad:91:ed:b9:98:f5:8e:9e:
         b5:27:cd:8d:a1:ec:c9:04:e3:a8:4e:a1:6b:b0:3d:dc:17:aa:
         c2:8b:ab:60:b0:e2:4e:cf:ff:0f:db:9f:d3:62:25:f4:54:fd:
         23:7d:f1:ef:21:8e:1a:7c:7d:37:fa:56:4c:27:5d:a6:ac:e3:
         2d:0d:08:44:ce:fb:c7:f1:da:5d:9e:8b:25:44:6b:26:d8:77:
         6d:ad:d9:2b:92:de:f6:f0:1f:99:cf:79:39:4f:f2:e3:a6:6c:
         d2:ad:ad:dd:22:86:cd:57:86:57:e7:a8:9f:a3:0c:6a:40:10:
         ec:95:44:3a:e3:23:6b:27:82:b6:aa:7d:3b:a0:12:11:e2:2b:
         1d:e2:43:0d:db:35:37:41:df:fe:3b:51:0f:3e:c0:d1:94:d9:
         1d:3a:e7:7b:88:9c:2a:39:c7:29:3d:2d:1f:f1:a5:ce:a2:1a:
         8b:06:fe:77:b6:f5:e3:b5:25:48:82:8f:bd:40:66:98:9d:05:
         6c:14:65:5d
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAY5/i8rS+tJjdI/7wR6I2OUqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMzI3MTA1NDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTk3Nzg1OWQwNzFmNzE1MDgzN2IyYWNiNDM1M2ZmMzNlZmQ4MzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNZkrLwcGAdPWWRpUV0ezpy8Bjyl
R/4ze7P1owPnUJ12LT8qrKKXvuVIc9bE8QLqAgtUG3iTgnRd/gHJGXyp4H6Z4pE/
SVuZ1/0swzhr8jz/hh9iYYRZB7OhVdX78COuFMOzYyawpoRSa6z1JTbU06ZbmFRr
RwtbE7VT9wP2k8ZrYwtcbKmxvC6n0bXotg11bW15jxCDOX2A6jFhlt3Z5yuwm6Wu
ZNZ6MmyICRAejMW+AL9eo6KLK4HcoiMiF25hg3pkC0BM7qI10OXXOCIBxd3Sgfa5
kXd1qp54RympaLcS3PXoX64BKYSGKy17yxTL3TeMYzxjI2NfAcwpWVpzXQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFOGXeFnQcfcVCDeyrLQ1P/M+/YMcMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc2LzlkN2Nk
Ny1lZTYzLTQ4ODYtOGZlMS1iNWNlNmI2ZmQ0ZDEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYvOWQ3Y2Q3
LWVlNjMtNDg4Ni04ZmUxLWI1Y2U2YjZmZDRkMS8xLzRaZDRXZEJ4OXhVSU43S3N0
RFVfOHo3OWd4dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAwd19MA0EAgACMAcDBQMqEL1AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNIszANBgkqhkiG9w0BAQsFAAOCAQEAD6nBi3XH9gxR
GuAEp1K5KCkJpZ0ybnJ2KZZuRI/d9kqcgC0XPkmDAGYTl47+k0BYawB69SAKGVQm
XenFI3ALAq2R7bmY9Y6etSfNjaHsyQTjqE6ha7A93BeqwourYLDiTs//D9uf02Il
9FT9I33x7yGOGnx9N/pWTCddpqzjLQ0IRM77x/HaXZ6LJURrJth3ba3ZK5Le9vAf
mc95OU/y46Zs0q2t3SKGzVeGV+eon6MMakAQ7JVEOuMjayeCtqp9O6ASEeIrHeJD
Dds1N0Hf/jtRDz7A0ZTZHTrne4icKjnHKT0tH/GlzqIaiwb+d7b147UlSIKPvUBm
mJ0FbBRlXQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:57:16 2024 by rpki-client on console-fra.rpki-client.org