Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5bz8EHfPh2iI-2x1suOUkjIF87U.cer
File:                     5bz8EHfPh2iI-2x1suOUkjIF87U.cer (raw, json)
Hash identifier:          WKQZipNETM+hUUfbiP3G7gIJnCGodDJC+1rD1CPrDTA=
Subject key identifier:   E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC4938EE71617DB0968588CCE4B83A16D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/5bz8EHfPh2iI-2x1suOUkjIF87U.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 10:30:53 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 211836

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:8e:e7:16:17:db:09:68:58:8c:ce:4b:83:a1:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 10:30:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e5bcfc1077cf876888fb6c75b2e394923205f3b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:5a:58:7e:9c:ed:49:e3:29:ec:a6:4a:9d:5e:
                    8a:39:6f:4b:e6:81:65:0d:86:c9:83:98:9c:d9:42:
                    77:0f:99:37:34:6f:5d:67:b2:e2:f5:24:62:1a:cc:
                    7a:85:09:1a:63:28:48:e8:05:ff:ef:b0:b7:30:4b:
                    73:be:b5:6c:dd:47:37:d2:e1:54:72:cc:23:db:ad:
                    01:4a:36:f0:8e:f2:f5:2f:0a:2c:30:12:a1:48:aa:
                    17:2b:14:cb:c1:de:81:80:43:0c:ad:4b:29:aa:fa:
                    d1:25:55:c3:8c:b7:0b:d1:bb:04:96:ac:5d:53:2a:
                    8d:b9:5d:6a:3f:eb:42:5f:0e:e8:42:a3:04:bf:db:
                    38:a7:b0:c2:15:6e:64:82:bb:8f:b7:9e:2e:13:53:
                    57:7f:41:82:38:97:e9:58:e9:bb:bd:93:eb:0a:06:
                    12:9a:28:af:b6:33:bc:1e:9d:b0:75:47:65:41:d1:
                    ba:f2:77:22:28:7f:bd:73:c1:99:c8:77:68:6a:51:
                    6c:9a:ac:8c:a6:4a:5f:d0:c7:3b:ae:07:d0:f8:76:
                    a8:06:be:10:59:a8:40:07:44:6d:ae:2f:07:01:7d:
                    f5:a0:81:9c:76:1c:97:3a:1f:22:25:2d:ad:e6:a9:
                    03:99:1a:3c:ab:42:20:6a:7d:fb:ba:3b:1d:c0:2f:
                    1d:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/5bz8EHfPh2iI-2x1suOUkjIF87U.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  211836

    Signature Algorithm: sha256WithRSAEncryption
         29:d0:3d:15:ea:33:fa:ff:7f:30:9b:6a:f5:5d:c3:99:c0:e4:
         3d:b6:06:5e:90:60:c7:45:df:90:36:16:1f:2e:c2:1f:33:8b:
         29:c0:ed:47:45:a4:54:11:f2:02:42:33:46:9a:d0:4b:8e:da:
         9a:a5:9f:f0:12:7b:7b:eb:49:88:0a:45:cf:d1:42:24:b8:9e:
         52:3a:08:71:4a:67:d3:da:5c:9b:e8:ab:f1:5e:3f:db:d6:88:
         96:8d:fa:e6:1d:fe:ca:68:cb:0e:f0:54:03:b3:3b:dd:77:4a:
         6f:25:b3:64:dd:dd:c3:41:9c:3b:45:46:a0:20:39:0d:51:48:
         58:fe:2b:6a:30:e2:32:70:12:b4:9c:84:b0:38:bf:fc:58:ec:
         5f:21:f2:8e:3f:e9:ab:20:63:70:20:e6:e2:65:ad:e9:2b:98:
         63:ba:31:b2:68:4e:89:2b:17:52:02:0e:8a:48:72:27:c3:75:
         9d:1b:1d:e1:37:85:32:c7:1c:2e:58:fa:fb:a1:dc:86:13:f7:
         86:1b:83:d7:08:38:3b:44:cc:92:e6:3d:9c:f5:4a:76:c0:9a:
         6c:4e:31:fc:fb:92:6d:6c:e6:06:41:3e:9c:b5:e2:96:12:9e:
         c5:00:9f:11:a8:92:79:c0:88:b0:dd:52:2e:12:9a:7e:c2:e0:
         27:bf:38:54
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzEk47nFhfbCWhYjM5Lg6FtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWJjZmMxMDc3Y2Y4NzY4ODhmYjZjNzViMmUzOTQ5MjMyMDVmM2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lpYfpztSeMp7KZKnV6KOW9L5oFl
DYbJg5ic2UJ3D5k3NG9dZ7Li9SRiGsx6hQkaYyhI6AX/77C3MEtzvrVs3Uc30uFU
cswj260BSjbwjvL1LwosMBKhSKoXKxTLwd6BgEMMrUspqvrRJVXDjLcL0bsElqxd
UyqNuV1qP+tCXw7oQqMEv9s4p7DCFW5kgruPt54uE1NXf0GCOJfpWOm7vZPrCgYS
miivtjO8Hp2wdUdlQdG68nciKH+9c8GZyHdoalFsmqyMpkpf0Mc7rgfQ+HaoBr4Q
WahAB0Rtri8HAX31oIGcdhyXOh8iJS2t5qkDmRo8q0Igan37ujsdwC8ddwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFOW8/BB3z4doiPtsdbLjlJIyBfO1MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBmL2UwNWU3
Ny0xMmFlLTRmNTktOTQ5MS1jYWRkMTEyOWM5OGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYvZTA1ZTc3
LTEyYWUtNGY1OS05NDkxLWNhZGQxMTI5Yzk4ZC8xLzViejhFSGZQaDJpSS0yeDFz
dU9Va2pJRjg3VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM7fDANBgkqhkiG9w0BAQsFAAOCAQEAKdA9Feoz+v9/
MJtq9V3DmcDkPbYGXpBgx0XfkDYWHy7CHzOLKcDtR0WkVBHyAkIzRprQS47amqWf
8BJ7e+tJiApFz9FCJLieUjoIcUpn09pcm+ir8V4/29aIlo365h3+ymjLDvBUA7M7
3XdKbyWzZN3dw0GcO0VGoCA5DVFIWP4rajDiMnAStJyEsDi//FjsXyHyjj/pqyBj
cCDm4mWt6SuYY7oxsmhOiSsXUgIOikhyJ8N1nRsd4TeFMsccLlj6+6HchhP3hhuD
1wg4O0TMkuY9nPVKdsCabE4x/PuSbWzmBkE+nLXilhKexQCfEaiSecCIsN1SLhKa
fsLgJ784VA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 09:23:40 2024 by rpki-client on console-fra.rpki-client.org