Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5OF-B7BNx2ydbJH6_C1ahALGS44.cer
File:                     5OF-B7BNx2ydbJH6_C1ahALGS44.cer (raw, json)
Hash identifier:          2FrVoiTZUg5ZSPr54cN/N1gsBfTYxG2IdFmk/jEX1Sc=
Subject key identifier:   E4:E1:7E:07:B0:4D:C7:6C:9D:6C:91:FA:FC:2D:5A:84:02:C6:4B:8E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC424CC01A9001A5635E605FCB8CCE204
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/9d/42be5f-2432-4899-a4ff-198adda5a281/1/5OF-B7BNx2ydbJH6_C1ahALGS44.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/9d/42be5f-2432-4899-a4ff-198adda5a281/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 08:29:55 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 206141
                          IP: 147.28.48.0/20
                          IP: 185.155.188.0/22
                          IP: 2a07:9540::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:cc:01:a9:00:1a:56:35:e6:05:fc:b8:cc:e2:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 08:29:55 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e4e17e07b04dc76c9d6c91fafc2d5a8402c64b8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:b5:e4:16:54:43:32:1a:c9:4a:4b:69:be:91:
                    eb:29:f2:ec:7e:4a:7f:64:d0:1e:98:fb:f9:d3:36:
                    bf:71:69:e4:22:ea:39:c8:1c:9d:53:97:4e:a0:83:
                    09:00:b2:f2:04:29:4f:f2:84:ad:f9:4d:94:ab:7f:
                    23:cd:2f:b4:c3:b7:de:46:b0:fc:e7:f1:41:b4:67:
                    dd:cc:4a:a8:3f:e5:ae:57:77:0c:13:88:3f:c5:54:
                    02:d1:a5:3f:29:4d:c8:8a:a8:50:52:03:6a:e7:3e:
                    17:0a:06:c7:3b:37:71:4c:82:f6:74:0b:1c:d7:70:
                    25:f7:31:26:5b:1d:7d:52:f1:4c:dc:31:a4:7f:13:
                    1e:25:bf:15:50:f0:d2:76:01:01:7c:f3:70:e5:d4:
                    43:2e:69:7f:2c:61:c7:df:65:43:72:55:9f:9f:4b:
                    d4:8e:45:6e:96:a5:c9:7e:74:c8:9b:a8:d9:c1:7b:
                    64:34:fb:3f:4a:f6:0d:28:53:77:a3:54:c6:f1:d3:
                    d3:5a:46:84:a7:c7:c2:ed:02:19:33:9e:93:a2:6d:
                    8b:64:52:2d:ff:2f:f7:47:aa:4a:8f:55:3d:58:c2:
                    d9:8b:6e:af:04:53:70:39:bb:fe:b8:f0:98:7c:bd:
                    6c:24:00:ec:f2:8b:6c:e4:60:aa:5d:2e:92:d1:d9:
                    3b:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:E1:7E:07:B0:4D:C7:6C:9D:6C:91:FA:FC:2D:5A:84:02:C6:4B:8E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/42be5f-2432-4899-a4ff-198adda5a281/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/42be5f-2432-4899-a4ff-198adda5a281/1/5OF-B7BNx2ydbJH6_C1ahALGS44.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.48.0/20
                  185.155.188.0/22
                IPv6:
                  2a07:9540::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  206141

    Signature Algorithm: sha256WithRSAEncryption
         6a:ee:78:78:31:61:9c:d5:b0:32:57:40:fe:e9:38:69:4a:e6:
         a1:88:fb:92:dc:b2:39:8a:ff:36:c9:11:f1:39:01:64:89:3f:
         56:69:b2:af:8c:11:99:d1:7c:91:39:95:b7:cf:e3:96:86:de:
         b3:0c:4c:3b:1d:ba:08:c4:ca:5e:85:7d:12:4f:3f:cf:90:ec:
         aa:3f:fe:9b:7a:11:98:78:1a:ed:b3:3f:d2:5d:7f:10:13:bc:
         63:f0:ec:0a:2d:06:85:c2:db:77:47:bb:ad:a7:85:68:6a:7c:
         5a:53:0e:23:ce:d2:a1:66:92:43:1b:29:48:cd:30:6c:13:1d:
         0b:47:21:10:f9:cd:89:aa:32:88:ad:88:85:9a:c0:a0:27:86:
         4a:a7:f4:0c:72:39:3f:b2:78:1c:dd:63:f4:6f:c8:1b:f0:a0:
         61:f4:a2:8c:98:0d:d5:94:72:ea:c2:34:4c:34:75:c4:cd:fb:
         a5:b6:c3:e6:b0:18:f5:4d:59:89:7d:0d:76:74:de:4a:79:84:
         d1:e4:85:c0:13:00:56:ef:9e:aa:25:fa:5f:03:c3:aa:11:69:
         b5:32:0d:9c:03:13:8b:d7:23:5a:70:f8:26:10:59:34:76:e2:
         a3:2a:f2:3c:c0:07:31:35:62:a8:33:8b:f1:d2:f8:4b:05:08:
         a8:2f:08:0e
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzEJMwBqQAaVjXmBfy4zOIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGUxN2UwN2IwNGRjNzZjOWQ2YzkxZmFmYzJkNWE4NDAyYzY0YjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bXkFlRDMhrJSktpvpHrKfLsfkp/
ZNAemPv50za/cWnkIuo5yBydU5dOoIMJALLyBClP8oSt+U2Uq38jzS+0w7feRrD8
5/FBtGfdzEqoP+WuV3cME4g/xVQC0aU/KU3IiqhQUgNq5z4XCgbHOzdxTIL2dAsc
13Al9zEmWx19UvFM3DGkfxMeJb8VUPDSdgEBfPNw5dRDLml/LGHH32VDclWfn0vU
jkVulqXJfnTIm6jZwXtkNPs/SvYNKFN3o1TG8dPTWkaEp8fC7QIZM56Tom2LZFIt
/y/3R6pKj1U9WMLZi26vBFNwObv+uPCYfL1sJADs8ots5GCqXS6S0dk7TQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFOThfgewTcdsnWyR+vwtWoQCxkuOMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlkLzQyYmU1
Zi0yNDMyLTQ4OTktYTRmZi0xOThhZGRhNWEyODEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQvNDJiZTVm
LTI0MzItNDg5OS1hNGZmLTE5OGFkZGE1YTI4MS8xLzVPRi1CN0JOeDJ5ZGJKSDZf
QzFhaEFMR1M0NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQEkxwwAwQCuZu8MA0EAgACMAcDBQMqB5VAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMlPTANBgkqhkiG9w0BAQsFAAOCAQEAau54
eDFhnNWwMldA/uk4aUrmoYj7ktyyOYr/NskR8TkBZIk/Vmmyr4wRmdF8kTmVt8/j
lobeswxMOx26CMTKXoV9Ek8/z5Dsqj/+m3oRmHga7bM/0l1/EBO8Y/DsCi0GhcLb
d0e7raeFaGp8WlMOI87SoWaSQxspSM0wbBMdC0chEPnNiaoyiK2IhZrAoCeGSqf0
DHI5P7J4HN1j9G/IG/CgYfSijJgN1ZRy6sI0TDR1xM37pbbD5rAY9U1ZiX0NdnTe
SnmE0eSFwBMAVu+eqiX6XwPDqhFptTINnAMTi9cjWnD4JhBZNHbioyryPMAHMTVi
qDOL8dL4SwUIqC8IDg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:36 2024 by rpki-client on console-ams.rpki-client.org