Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5tM83lfaCcfZM3ce6hQllAdvmiM.cer
File:                     5tM83lfaCcfZM3ce6hQllAdvmiM.cer (raw, json)
Hash identifier:          SLSSFashJMRP5drM5uveKZp9uOl+rMEdc/qD6qNyZhk=
Subject key identifier:   E6:D3:3C:DE:57:DA:09:C7:D9:33:77:1E:EA:14:25:94:07:6F:9A:23
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC49292BC6BDBB010F9782B1FF13F371D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/ed/4f9d4c-1946-4af9-8c22-419753d3f88d/1/5tM83lfaCcfZM3ce6hQllAdvmiM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/ed/4f9d4c-1946-4af9-8c22-419753d3f88d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 10:29:49 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 185.245.220.0/22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:92:92:bc:6b:db:b0:10:f9:78:2b:1f:f1:3f:37:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 10:29:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e6d33cde57da09c7d933771eea142594076f9a23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:a0:95:46:5a:76:1c:d3:5a:7c:29:35:5c:20:
                    f4:54:9d:9a:77:ad:14:db:e4:ff:2e:76:a4:dd:3c:
                    f7:d9:a1:ed:3f:1a:02:24:77:7a:db:bf:0a:81:85:
                    ac:d7:48:e6:ee:2b:0f:8e:d6:0f:b1:26:d3:42:3a:
                    88:80:af:60:f5:00:a9:8d:a0:00:f6:e7:80:1a:d2:
                    d6:8d:fa:bb:69:18:df:db:25:eb:e0:6d:6f:2b:72:
                    b7:fd:37:34:4c:67:2e:2c:a5:e0:84:7a:f8:a9:aa:
                    32:dd:87:3b:5e:6f:98:c1:b2:12:e8:75:98:74:48:
                    58:a5:fb:8f:29:74:7b:a2:b1:2d:fb:9b:13:5f:ea:
                    5e:82:30:36:68:1a:66:d5:93:2c:b4:54:62:ba:2e:
                    81:c2:36:94:44:2f:d1:7d:4d:a9:1b:06:8a:1b:21:
                    8b:e2:55:9f:c4:2e:d5:5b:0f:2a:11:f0:f5:6c:a8:
                    07:b5:4c:e0:4c:ff:53:5a:93:84:5f:df:05:4a:96:
                    93:8d:da:65:2f:f7:cb:af:96:60:64:6f:43:34:4c:
                    85:01:1c:f0:c0:b6:1f:24:f2:5a:d3:ea:c6:15:71:
                    71:51:84:b5:2d:1e:ee:96:21:ed:a3:12:0f:36:f5:
                    30:7c:da:7c:8f:87:4b:04:f6:b4:89:32:75:ee:48:
                    45:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:D3:3C:DE:57:DA:09:C7:D9:33:77:1E:EA:14:25:94:07:6F:9A:23
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4f9d4c-1946-4af9-8c22-419753d3f88d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4f9d4c-1946-4af9-8c22-419753d3f88d/1/5tM83lfaCcfZM3ce6hQllAdvmiM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.245.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         22:2a:ec:d8:a7:b0:e2:6c:72:39:43:f6:fb:34:1e:29:f2:46:
         70:92:4f:f6:9d:9d:02:9c:1c:41:c7:84:2a:15:44:5d:5d:b6:
         51:62:3c:fd:d5:e6:cb:8e:ab:80:ae:e9:f8:2e:72:86:85:ee:
         22:df:ab:de:70:76:97:54:a6:ad:2e:75:cc:02:2b:8c:25:28:
         65:ba:60:84:5a:41:2f:10:a8:68:0e:65:15:65:62:1e:1a:80:
         d5:bb:f9:3f:32:25:0e:fc:3e:bd:11:a0:8d:7e:c2:d3:15:5c:
         e6:52:7d:c6:fd:45:85:76:ae:16:34:b6:af:55:2d:d2:08:0a:
         5e:79:0e:13:c9:19:e8:62:6e:9d:f8:ff:d7:39:1c:cc:18:93:
         f6:44:2d:a4:10:4a:25:5a:aa:ca:bf:b1:a7:b0:a1:3c:f8:5e:
         b6:2b:44:8e:c2:fb:f4:f4:38:58:12:b9:1a:d5:ec:5f:69:14:
         3e:4b:78:23:aa:19:ca:82:2a:26:27:21:de:16:40:ff:ab:ee:
         95:52:a8:31:ff:71:65:cf:f5:24:a3:d4:59:d8:24:00:70:27:
         12:13:8b:ad:2e:f0:87:db:44:59:17:08:47:ce:9c:a5:00:db:
         94:e9:bb:77:98:b5:29:a2:14:be:fb:1b:78:ba:7f:16:9b:d6:
         03:8a:e1:e3
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzEkpK8a9uwEPl4Kx/xPzcdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQzM2NkZTU3ZGEwOWM3ZDkzMzc3MWVlYTE0MjU5NDA3NmY5YTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6CVRlp2HNNafCk1XCD0VJ2ad60U
2+T/Lnak3Tz32aHtPxoCJHd6278KgYWs10jm7isPjtYPsSbTQjqIgK9g9QCpjaAA
9ueAGtLWjfq7aRjf2yXr4G1vK3K3/Tc0TGcuLKXghHr4qaoy3Yc7Xm+YwbIS6HWY
dEhYpfuPKXR7orEt+5sTX+pegjA2aBpm1ZMstFRiui6BwjaURC/RfU2pGwaKGyGL
4lWfxC7VWw8qEfD1bKgHtUzgTP9TWpOEX98FSpaTjdplL/fLr5ZgZG9DNEyFARzw
wLYfJPJa0+rGFXFxUYS1LR7uliHtoxIPNvUwfNp8j4dLBPa0iTJ17khFWQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFObTPN5X2gnH2TN3HuoUJZQHb5ojMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VkLzRmOWQ0
Yy0xOTQ2LTRhZjktOGMyMi00MTk3NTNkM2Y4OGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQvNGY5ZDRj
LTE5NDYtNGFmOS04YzIyLTQxOTc1M2QzZjg4ZC8xLzV0TTgzbGZhQ2NmWk0zY2U2
aFFsbEFkdm1pTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCufXcMA0GCSqGSIb3DQEBCwUAA4IBAQAiKuzY
p7DibHI5Q/b7NB4p8kZwkk/2nZ0CnBxBx4QqFURdXbZRYjz91ebLjquArun4LnKG
he4i36vecHaXVKatLnXMAiuMJShlumCEWkEvEKhoDmUVZWIeGoDVu/k/MiUO/D69
EaCNfsLTFVzmUn3G/UWFdq4WNLavVS3SCApeeQ4TyRnoYm6d+P/XORzMGJP2RC2k
EEolWqrKv7GnsKE8+F62K0SOwvv09DhYErka1exfaRQ+S3gjqhnKgiomJyHeFkD/
q+6VUqgx/3Flz/Uko9RZ2CQAcCcSE4utLvCH20RZFwhHzpylANuU6bt3mLUpohS+
+xt4un8Wm9YDiuHj
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:40:11 2024 by rpki-client on console-ams.rpki-client.org