Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6QOzpacoCqn-K_-pBlwrKgGld8w.cer
File:                     6QOzpacoCqn-K_-pBlwrKgGld8w.cer (raw, json)
Hash identifier:          3BUvLIwGnSu7YCqxCDIxKupXqtsiZW4BM6MvIyF14JM=
Subject key identifier:   E9:03:B3:A5:A7:28:0A:A9:FE:2B:FF:A9:06:5C:2B:2A:01:A5:77:CC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC8DF179AAC6C37F9BEE1749699DB13E7
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/25/58b557-27a9-46aa-9dee-4cec696833ed/1/6QOzpacoCqn-K_-pBlwrKgGld8w.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/25/58b557-27a9-46aa-9dee-4cec696833ed/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 06:31:52 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 201441
                          IP: 193.168.16.0 -- 193.168.45.255

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 23:23:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:17:9a:ac:6c:37:f9:be:e1:74:96:99:db:13:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 06:31:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e903b3a5a7280aa9fe2bffa9065c2b2a01a577cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:79:e3:94:d9:8d:29:b8:9f:4a:e5:3a:5a:c7:
                    b8:6e:78:ee:ba:49:f8:74:db:2a:88:fb:e4:ab:59:
                    8a:82:9a:dc:b7:db:96:18:d1:b2:05:71:16:1f:2e:
                    c7:e1:2c:e2:c0:06:dc:33:1c:72:8d:fe:e3:89:93:
                    b5:bc:9a:27:14:79:8e:b8:c3:3a:91:5a:4a:54:82:
                    bf:0e:a1:e5:1e:3b:5c:5c:c9:0e:ad:1f:19:48:8c:
                    27:67:56:1a:bd:d2:b4:ee:ae:6d:d6:87:7b:db:04:
                    7f:99:29:c4:53:b9:f4:83:01:f1:49:3f:d1:c7:7e:
                    3c:ef:0e:35:4a:b8:da:12:40:1e:84:33:95:11:c9:
                    0d:cb:b0:5c:91:ab:9e:47:51:fb:32:bd:f6:ec:31:
                    b6:9d:32:86:77:f7:a0:fc:ef:34:ff:b7:b0:5e:8e:
                    cd:1c:77:e0:cc:08:9b:5d:5d:5c:48:04:92:56:a4:
                    fb:b8:fa:cd:fc:a7:83:0a:a2:9d:1f:64:b7:60:17:
                    7b:f8:ba:75:4b:40:6a:11:9f:03:b2:56:db:07:54:
                    18:36:d3:b1:8e:9f:53:7f:65:f0:85:0c:54:16:9f:
                    5b:32:48:af:c1:2d:34:8b:83:33:19:3f:e3:a8:23:
                    18:32:7b:d8:04:83:ae:d6:ec:cf:3f:4d:79:5f:7c:
                    99:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:03:B3:A5:A7:28:0A:A9:FE:2B:FF:A9:06:5C:2B:2A:01:A5:77:CC
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58b557-27a9-46aa-9dee-4cec696833ed/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58b557-27a9-46aa-9dee-4cec696833ed/1/6QOzpacoCqn-K_-pBlwrKgGld8w.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.168.16.0-193.168.45.255

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  201441

    Signature Algorithm: sha256WithRSAEncryption
         05:05:3f:6c:a8:0b:77:da:cf:3f:76:56:85:d4:43:e2:a2:76:
         5e:00:5a:13:60:be:b2:83:33:16:36:6d:57:99:c5:89:05:75:
         6f:95:ab:f0:00:c0:e2:57:ad:8d:de:25:c3:d1:fe:05:91:a8:
         64:44:4b:d6:0f:a6:5a:db:f4:ca:8b:fd:3e:53:92:8f:36:b8:
         5b:5e:a2:84:c2:e0:92:d6:f5:09:c9:dc:03:f4:fe:85:04:5c:
         45:45:03:63:42:b6:b1:fc:8f:b6:a2:42:cc:09:d3:7f:f8:13:
         55:5e:72:4d:2f:68:5a:20:d5:08:2c:0a:52:ee:d4:50:fb:f9:
         6e:64:ac:b6:2b:47:83:bd:9e:1b:7a:6c:c7:29:1b:e6:67:19:
         c2:09:b2:9d:42:45:24:ec:17:87:fc:58:a1:9c:6b:45:46:b1:
         39:cd:0b:bc:0c:c5:c5:11:eb:be:a5:da:8c:39:3a:26:44:69:
         68:7b:c0:7e:b3:e5:45:1c:a3:24:3e:56:8f:06:58:39:1c:9d:
         e0:3f:1e:a4:63:71:38:81:0b:68:81:b5:87:11:0f:1c:3f:71:
         58:2d:dd:97:f1:b5:be:20:59:20:25:ea:a1:91:ab:1f:db:90:
         ad:82:3b:1e:d8:9b:ab:db:aa:91:36:15:b5:7a:73:0f:ad:84:
         f0:3d:85:a6
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYzI3xearGw3+b7hdJaZ2xPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTAzYjNhNWE3MjgwYWE5ZmUyYmZmYTkwNjVjMmIyYTAxYTU3N2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXnjlNmNKbifSuU6Wse4bnjuukn4
dNsqiPvkq1mKgprct9uWGNGyBXEWHy7H4SziwAbcMxxyjf7jiZO1vJonFHmOuMM6
kVpKVIK/DqHlHjtcXMkOrR8ZSIwnZ1YavdK07q5t1od72wR/mSnEU7n0gwHxST/R
x3487w41SrjaEkAehDOVEckNy7BckaueR1H7Mr327DG2nTKGd/eg/O80/7ewXo7N
HHfgzAibXV1cSASSVqT7uPrN/KeDCqKdH2S3YBd7+Lp1S0BqEZ8DslbbB1QYNtOx
jp9Tf2XwhQxUFp9bMkivwS00i4MzGT/jqCMYMnvYBIOu1uzPP015X3yZHwIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFOkDs6WnKAqp/iv/qQZcKyoBpXfMMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI1LzU4YjU1
Ny0yN2E5LTQ2YWEtOWRlZS00Y2VjNjk2ODMzZWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUvNThiNTU3
LTI3YTktNDZhYS05ZGVlLTRjZWM2OTY4MzNlZC8xLzZRT3pwYWNvQ3FuLUtfLXBC
bHdyS2dHbGQ4dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCcGCCsGAQUF
BwEHAQH/BBgwFjAUBAIAATAOMAwDBATBqBADBAHBqCwwGgYIKwYBBQUHAQgBAf8E
CzAJoAcwBQIDAxLhMA0GCSqGSIb3DQEBCwUAA4IBAQAFBT9sqAt32s8/dlaF1EPi
onZeAFoTYL6ygzMWNm1XmcWJBXVvlavwAMDiV62N3iXD0f4FkahkREvWD6Za2/TK
i/0+U5KPNrhbXqKEwuCS1vUJydwD9P6FBFxFRQNjQrax/I+2okLMCdN/+BNVXnJN
L2haINUILApS7tRQ+/luZKy2K0eDvZ4bemzHKRvmZxnCCbKdQkUk7BeH/FihnGtF
RrE5zQu8DMXFEeu+pdqMOTomRGloe8B+s+VFHKMkPlaPBlg5HJ3gPx6kY3E4gQto
gbWHEQ8cP3FYLd2X8bW+IFkgJeqhkasf25Ctgjse2Jur26qRNhW1enMPrYTwPYWm
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:59:39 2024 by rpki-client on console-fra.rpki-client.org