Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5PsAkkl_gp8ZtQL3ed8DEKIt3Wk.cer
File:                     5PsAkkl_gp8ZtQL3ed8DEKIt3Wk.cer (raw, json)
Hash identifier:          D4/x2RQuvHwmJUzxvlvPJLFGmxwsztE8eBSt4nJD+KQ=
Subject key identifier:   E4:FB:00:92:49:7F:82:9F:19:B5:02:F7:79:DF:03:10:A2:2D:DD:69
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC5DC1EA8F53F6AF1EEE87120584E68ED
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/2e/96f45f-2450-4612-8400-92c272f38c3e/1/5PsAkkl_gp8ZtQL3ed8DEKIt3Wk.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/2e/96f45f-2450-4612-8400-92c272f38c3e/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 16:29:46 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 199825

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:1e:a8:f5:3f:6a:f1:ee:e8:71:20:58:4e:68:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 16:29:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e4fb0092497f829f19b502f779df0310a22ddd69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:a5:d5:ec:3e:f2:5f:1e:8c:2e:54:86:28:d4:
                    51:eb:0a:f7:4c:d5:78:c7:ed:90:8e:8f:ae:76:00:
                    c1:7f:25:18:ba:ee:aa:ba:f3:36:b9:8d:db:f9:db:
                    62:ab:d9:7b:ef:7e:a8:fc:1d:d3:c2:d2:35:13:6a:
                    45:41:fd:e2:8f:82:b4:b8:71:e3:6a:bb:90:c5:5b:
                    84:ae:02:22:8e:f3:35:e3:f0:1f:7a:03:66:1b:1d:
                    d7:5e:4d:06:81:b6:e6:86:82:63:66:36:16:13:a2:
                    5f:78:b7:c0:e2:26:54:65:03:a9:b1:1a:60:c8:7b:
                    6a:1b:84:1b:54:75:c7:81:88:7d:ed:60:70:58:6b:
                    55:08:12:b1:40:ec:34:17:24:19:0b:4d:a9:6c:78:
                    c2:6a:dc:e5:2f:b5:28:2f:6a:44:f4:f1:3b:68:5a:
                    ff:12:22:ec:b0:c2:f8:10:bc:cd:ac:11:d1:43:07:
                    94:9e:5b:39:42:10:e8:09:d0:b7:18:f5:46:76:d8:
                    5b:2f:92:15:31:a0:66:a0:16:fb:5d:0d:f5:ed:4c:
                    fa:41:37:d5:99:cf:2b:a7:a8:e8:a5:9b:7e:13:60:
                    21:3b:17:3d:fa:84:2b:dd:dd:10:b9:5a:78:2d:71:
                    1a:0a:2a:52:2c:63:60:5c:a4:64:13:f5:c8:a6:9d:
                    2f:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:FB:00:92:49:7F:82:9F:19:B5:02:F7:79:DF:03:10:A2:2D:DD:69
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/96f45f-2450-4612-8400-92c272f38c3e/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/96f45f-2450-4612-8400-92c272f38c3e/1/5PsAkkl_gp8ZtQL3ed8DEKIt3Wk.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  199825

    Signature Algorithm: sha256WithRSAEncryption
         07:8a:db:fc:83:f6:89:ef:00:5f:9e:9d:6d:60:bb:68:ed:e8:
         d0:72:c5:65:d0:6d:a3:f9:5e:f2:e2:63:21:12:df:68:a4:22:
         7a:e7:cf:72:26:01:cc:f2:a4:4c:1c:6f:60:c0:23:b5:c7:5b:
         95:a3:47:3b:55:53:6c:65:3b:9e:eb:7c:05:97:a8:54:5c:b2:
         b6:db:52:7a:28:9c:5d:68:c4:fb:c7:96:fc:04:d2:00:69:e6:
         b8:37:b9:68:63:59:e1:f1:18:36:66:46:9f:de:61:e0:a6:ab:
         84:ba:25:f6:38:e1:41:c3:70:c9:e9:70:3b:46:40:36:7d:91:
         6e:1f:7c:97:0b:ae:7e:d7:6e:3a:58:36:f1:e0:3e:cd:c6:fb:
         22:f0:97:86:a8:3a:e3:a7:cb:81:46:d1:61:cd:59:73:a5:49:
         eb:54:75:9e:f2:93:da:eb:be:6d:1f:16:05:ba:c0:2d:e6:33:
         4b:db:89:6a:5c:0b:48:b5:8f:a0:e2:bf:5c:4e:21:f5:84:6e:
         38:29:a6:a9:02:49:7f:f3:10:d4:e3:6e:38:ac:03:bb:82:fe:
         c5:1f:45:75:20:83:ca:6b:33:ba:16:85:74:fd:c7:55:ac:bd:
         13:cc:c4:40:6a:e6:51:b4:58:76:eb:6c:0a:36:ac:1b:08:a6:
         1c:3b:66:ba
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzF3B6o9T9q8e7ocSBYTmjtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGZiMDA5MjQ5N2Y4MjlmMTliNTAyZjc3OWRmMDMxMGEyMmRkZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqXV7D7yXx6MLlSGKNRR6wr3TNV4
x+2Qjo+udgDBfyUYuu6quvM2uY3b+dtiq9l7736o/B3TwtI1E2pFQf3ij4K0uHHj
aruQxVuErgIijvM14/AfegNmGx3XXk0GgbbmhoJjZjYWE6JfeLfA4iZUZQOpsRpg
yHtqG4QbVHXHgYh97WBwWGtVCBKxQOw0FyQZC02pbHjCatzlL7UoL2pE9PE7aFr/
EiLssML4ELzNrBHRQweUnls5QhDoCdC3GPVGdthbL5IVMaBmoBb7XQ317Uz6QTfV
mc8rp6jopZt+E2AhOxc9+oQr3d0QuVp4LXEaCipSLGNgXKRkE/XIpp0v/QIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFOT7AJJJf4KfGbUC93nfAxCiLd1pMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJlLzk2ZjQ1
Zi0yNDUwLTQ2MTItODQwMC05MmMyNzJmMzhjM2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUvOTZmNDVm
LTI0NTAtNDYxMi04NDAwLTkyYzI3MmYzOGMzZS8xLzVQc0Fra2xfZ3A4WnRRTDNl
ZDhERUtJdDNXay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMMkTANBgkqhkiG9w0BAQsFAAOCAQEAB4rb/IP2ie8A
X56dbWC7aO3o0HLFZdBto/le8uJjIRLfaKQieufPciYBzPKkTBxvYMAjtcdblaNH
O1VTbGU7nut8BZeoVFyytttSeiicXWjE+8eW/ATSAGnmuDe5aGNZ4fEYNmZGn95h
4KarhLol9jjhQcNwyelwO0ZANn2Rbh98lwuuftduOlg28eA+zcb7IvCXhqg646fL
gUbRYc1Zc6VJ61R1nvKT2uu+bR8WBbrALeYzS9uJalwLSLWPoOK/XE4h9YRuOCmm
qQJJf/MQ1ONuOKwDu4L+xR9FdSCDymszuhaFdP3HVay9E8zEQGrmUbRYdutsCjas
GwimHDtmug==
-----END CERTIFICATE-----
Generated at Thu Mar 28 20:15:37 2024 by rpki-client on console-fra.rpki-client.org