Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6IPR0jE6FOhln2BKZdZc45o_gms.cer
File:                     6IPR0jE6FOhln2BKZdZc45o_gms.cer (raw, json)
Hash identifier:          aq/deIvUOVhXCR/atQy1IU8xdjH+aLFwDvhJHa9qrzY=
Subject key identifier:   E8:83:D1:D2:31:3A:14:E8:65:9F:60:4A:65:D6:5C:E3:9A:3F:82:6B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC26CF0D751EC4CC90190A3759E6C8408
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.folf.systems/repo/Folf-Systems/0/E883D1D2313A14E8659F604A65D65CE39A3F826B.mft
caRepository:             rsync://rpki.folf.systems/repo/Folf-Systems/0/
Notify URL:               https://rpki.folf.systems/rrdp/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:29:28 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 200360
                          IP: 2001:67c:b38::/48
                          IP: 2001:67c:b3c::/48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6c:f0:d7:51:ec:4c:c9:01:90:a3:75:9e:6c:84:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:29:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e883d1d2313a14e8659f604a65d65ce39a3f826b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:80:99:40:c6:3a:5c:02:2d:77:f7:89:6c:9a:
                    c7:86:6a:0a:6a:55:e9:1a:46:1b:43:a3:83:1f:96:
                    b4:11:db:c6:00:57:3c:59:cd:23:4b:1c:ef:20:57:
                    60:4a:85:8c:27:33:df:75:ab:19:53:05:9b:29:30:
                    ae:7e:8b:90:a2:98:4f:f4:24:49:2f:d0:d6:29:9b:
                    22:30:97:5c:90:5b:a3:50:3b:85:84:da:16:67:8c:
                    6f:2d:c7:75:1d:e9:2a:11:e6:9c:1b:29:7b:aa:d8:
                    d0:2f:e1:dd:1b:38:20:1b:10:41:35:f4:b5:d0:73:
                    13:03:72:bf:ac:d7:69:92:be:d6:f8:3d:eb:ce:b1:
                    6a:54:0b:7d:f4:f4:d2:ef:cc:24:ba:87:ff:36:4a:
                    57:13:be:a1:7d:39:6f:54:d6:e4:18:d9:3b:d1:cd:
                    0f:01:e2:e4:2d:da:38:10:cf:69:02:9d:ae:3a:59:
                    50:38:73:67:5f:6f:25:be:80:b6:34:6f:db:4d:2d:
                    eb:ae:9a:ae:d6:a3:b2:a0:ec:22:64:c9:1e:9a:d4:
                    8a:e9:68:d1:fb:ad:c1:c6:43:a9:3d:5e:46:91:42:
                    cb:30:96:90:73:fc:ec:3e:26:36:8e:24:48:cc:2a:
                    5b:4d:7c:0c:fc:db:20:ae:6c:84:17:7e:c6:16:a2:
                    e3:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:83:D1:D2:31:3A:14:E8:65:9F:60:4A:65:D6:5C:E3:9A:3F:82:6B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.folf.systems/repo/Folf-Systems/0/
                RPKI Manifest - URI:rsync://rpki.folf.systems/repo/Folf-Systems/0/E883D1D2313A14E8659F604A65D65CE39A3F826B.mft
                RPKI Notify - URI:https://rpki.folf.systems/rrdp/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:b38::/48
                  2001:67c:b3c::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  200360

    Signature Algorithm: sha256WithRSAEncryption
         9c:44:a4:e6:da:6b:ac:bb:fa:a7:e9:e0:ff:3f:5f:d4:b2:38:
         7f:2e:61:40:03:77:2a:7c:91:5d:6b:0e:5c:d2:6d:9d:06:24:
         74:80:61:9d:8d:38:dd:b2:94:58:b4:35:3d:98:4e:bb:79:ea:
         24:df:59:4a:7b:84:cd:c6:78:03:a2:75:5a:80:7a:ae:f3:d8:
         8a:e0:95:33:00:0d:fc:5b:ba:bc:32:97:8b:da:cd:01:1d:06:
         f3:96:a5:8d:30:a8:41:00:b9:f3:83:e4:06:ba:77:8c:4b:43:
         c5:87:9f:c1:d4:7e:18:2b:fa:01:69:a3:92:d4:b6:5b:1a:09:
         0c:da:70:ec:12:45:d9:ce:cc:09:4c:dd:72:39:6f:b5:95:da:
         79:fc:ff:6b:8c:56:ab:2a:e3:1d:2a:de:68:8c:ef:fa:03:40:
         24:c8:c3:18:a3:20:de:0d:ef:d3:a7:09:1a:d3:bd:5f:4d:00:
         9d:aa:1a:00:4f:5b:cb:3b:a9:c2:88:48:a7:18:72:27:d6:08:
         fb:39:0a:21:94:7f:6a:cd:b9:65:bb:b9:72:c3:93:92:c7:12:
         2c:79:43:3d:54:d4:b2:47:90:ec:61:ec:30:be:71:02:4f:a8:
         53:a3:af:ea:ea:0d:e5:72:f1:16:ea:c9:c4:6e:ad:8d:38:fc:
         76:00:66:ff
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYzCbPDXUexMyQGQo3WebIQIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODgzZDFkMjMxM2ExNGU4NjU5ZjYwNGE2NWQ2NWNlMzlhM2Y4MjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYCZQMY6XAItd/eJbJrHhmoKalXp
GkYbQ6ODH5a0EdvGAFc8Wc0jSxzvIFdgSoWMJzPfdasZUwWbKTCufouQophP9CRJ
L9DWKZsiMJdckFujUDuFhNoWZ4xvLcd1HekqEeacGyl7qtjQL+HdGzggGxBBNfS1
0HMTA3K/rNdpkr7W+D3rzrFqVAt99PTS78wkuof/NkpXE76hfTlvVNbkGNk70c0P
AeLkLdo4EM9pAp2uOllQOHNnX28lvoC2NG/bTS3rrpqu1qOyoOwiZMkemtSK6WjR
+63BxkOpPV5GkULLMJaQc/zsPiY2jiRIzCpbTXwM/NsgrmyEF37GFqLjAwIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFOiD0dIxOhToZZ9gSmXWXOOaP4JrMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgfEGCCsGAQUFBwELBIHkMIHhMDoGCCsGAQUFBzAFhi5yc3lu
YzovL3Jwa2kuZm9sZi5zeXN0ZW1zL3JlcG8vRm9sZi1TeXN0ZW1zLzAvMGYGCCsG
AQUFBzAKhlpyc3luYzovL3Jwa2kuZm9sZi5zeXN0ZW1zL3JlcG8vRm9sZi1TeXN0
ZW1zLzAvRTg4M0QxRDIzMTNBMTRFODY1OUY2MDRBNjVENjVDRTM5QTNGODI2Qi5t
ZnQwOwYIKwYBBQUHMA2GL2h0dHBzOi8vcnBraS5mb2xmLnN5c3RlbXMvcnJkcC9u
b3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhW
VjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcAIAEGfAs4AwcAIAEGfAs8MBoGCCsGAQUFBwEIAQH/
BAswCaAHMAUCAwMOqDANBgkqhkiG9w0BAQsFAAOCAQEAnESk5tprrLv6p+ng/z9f
1LI4fy5hQAN3KnyRXWsOXNJtnQYkdIBhnY043bKUWLQ1PZhOu3nqJN9ZSnuEzcZ4
A6J1WoB6rvPYiuCVMwAN/Fu6vDKXi9rNAR0G85aljTCoQQC584PkBrp3jEtDxYef
wdR+GCv6AWmjktS2WxoJDNpw7BJF2c7MCUzdcjlvtZXaefz/a4xWqyrjHSreaIzv
+gNAJMjDGKMg3g3v06cJGtO9X00AnaoaAE9byzupwohIpxhyJ9YI+zkKIZR/as25
Zbu5csOTkscSLHlDPVTUskeQ7GHsML5xAk+oU6Ov6uoN5XLxFurJxG6tjTj8dgBm
/w==
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:42:42 2024 by rpki-client on console-ams.rpki-client.org