Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6Y3F54JY5CZzm9iMLUwgCq3zvxM.cer
File:                     6Y3F54JY5CZzm9iMLUwgCq3zvxM.cer (raw, json)
Hash identifier:          OI0fvWbe2RTW079TCpWTQVdplzkI2vzZTywq2K2cfZg=
Subject key identifier:   E9:8D:C5:E7:82:58:E4:26:73:9B:D8:8C:2D:4C:20:0A:AD:F3:BF:13
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC5DD006361EECE36B4B8A7C461DF4602
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/e8/4d7f6e-c6df-41d7-8ffd-5089b602bfc2/1/6Y3F54JY5CZzm9iMLUwgCq3zvxM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/e8/4d7f6e-c6df-41d7-8ffd-5089b602bfc2/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 16:30:44 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 201376
                          IP: 185.1.2.0/24
                          IP: 2001:7f8:81::/48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dd:00:63:61:ee:ce:36:b4:b8:a7:c4:61:df:46:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 16:30:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e98dc5e78258e426739bd88c2d4c200aadf3bf13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:e8:27:fb:8e:11:cf:41:01:6c:40:d8:c5:06:
                    7a:50:09:3c:32:b1:8b:95:ab:97:d5:79:36:f2:01:
                    df:19:9b:ac:48:75:b3:42:78:c2:bb:e7:0e:23:86:
                    a7:9b:bf:51:d4:c8:ea:90:52:fe:4b:3b:8f:f3:e9:
                    37:cb:e4:c6:82:a6:88:94:b0:28:6f:ad:94:2e:d9:
                    08:4a:b5:01:4d:71:65:e5:45:55:7f:8e:cf:6d:52:
                    5f:b2:d5:d3:a4:0e:0c:89:0a:3a:cb:7b:c7:c2:a7:
                    cb:15:fe:e6:4a:ff:9f:12:40:f7:61:b4:2b:21:70:
                    10:31:85:76:b0:69:02:40:0d:6c:0a:4c:97:b3:9c:
                    7a:99:05:28:a0:65:56:4b:80:aa:e8:9d:f6:22:fb:
                    26:37:ce:bf:28:4c:f1:c8:6f:8c:ee:1d:18:e4:d1:
                    e7:4e:9b:1d:65:a8:ea:53:59:da:fd:94:87:bc:0a:
                    3e:91:6b:65:a8:1e:9c:64:7e:3d:0b:8a:94:31:23:
                    1b:25:e9:9f:3f:07:88:5a:2e:24:d3:85:59:28:ba:
                    8c:a5:0f:e9:b5:54:20:2e:71:95:51:36:50:9a:c4:
                    45:15:0f:53:83:0f:7e:57:70:b7:d3:09:c9:6c:3b:
                    85:45:29:52:7d:68:92:ea:d3:3b:0e:a0:25:3f:d0:
                    5a:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:8D:C5:E7:82:58:E4:26:73:9B:D8:8C:2D:4C:20:0A:AD:F3:BF:13
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/4d7f6e-c6df-41d7-8ffd-5089b602bfc2/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/4d7f6e-c6df-41d7-8ffd-5089b602bfc2/1/6Y3F54JY5CZzm9iMLUwgCq3zvxM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.1.2.0/24
                IPv6:
                  2001:7f8:81::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  201376

    Signature Algorithm: sha256WithRSAEncryption
         26:b8:09:15:0d:1c:fc:27:64:09:4b:88:b4:4a:4b:d9:e0:96:
         32:85:7b:c3:5b:ff:9f:68:f6:11:70:96:94:77:9c:49:07:d9:
         75:e6:ad:00:b3:20:00:d0:6f:33:fa:1f:8b:dd:fa:0b:92:fa:
         00:46:31:16:25:75:15:28:b9:ad:81:81:da:6c:3e:a4:5a:b8:
         7f:55:25:a0:ee:cb:f1:c9:d2:76:5a:01:91:fb:6d:88:56:94:
         28:ff:b6:c8:c2:8e:ba:9a:2d:8b:78:ad:aa:c2:0b:27:bf:f9:
         ef:c3:a4:83:4e:f2:2c:75:76:23:a0:a2:df:1b:58:6a:a7:24:
         ca:72:10:5d:98:df:84:db:fb:8c:94:86:42:84:d5:fa:bc:a8:
         ba:4f:a4:42:5e:38:51:72:f7:8b:12:98:57:5e:d3:71:91:8f:
         ba:71:00:5d:30:f7:3d:fd:4c:6c:c4:c2:e1:4b:b3:f3:66:30:
         c8:8d:34:aa:73:f6:28:9c:43:b0:f8:e1:33:bd:c9:47:ae:b0:
         27:ad:a1:9c:29:2a:93:db:9b:83:08:23:a3:ae:c4:49:97:c5:
         0b:f9:ac:93:40:ef:38:5c:53:29:4f:f4:88:bd:58:4c:d9:82:
         1e:05:f9:69:a0:1b:a6:97:cf:14:bd:1c:4c:f7:a3:d1:08:b3:
         b1:5c:25:0c
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAYzF3QBjYe7ONrS4p8Rh30YCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOThkYzVlNzgyNThlNDI2NzM5YmQ4OGMyZDRjMjAwYWFkZjNiZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyegn+44Rz0EBbEDYxQZ6UAk8MrGL
lauX1Xk28gHfGZusSHWzQnjCu+cOI4anm79R1MjqkFL+SzuP8+k3y+TGgqaIlLAo
b62ULtkISrUBTXFl5UVVf47PbVJfstXTpA4MiQo6y3vHwqfLFf7mSv+fEkD3YbQr
IXAQMYV2sGkCQA1sCkyXs5x6mQUooGVWS4Cq6J32IvsmN86/KEzxyG+M7h0Y5NHn
TpsdZajqU1na/ZSHvAo+kWtlqB6cZH49C4qUMSMbJemfPweIWi4k04VZKLqMpQ/p
tVQgLnGVUTZQmsRFFQ9Tgw9+V3C30wnJbDuFRSlSfWiS6tM7DqAlP9BakQIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFOmNxeeCWOQmc5vYjC1MIAqt878TMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U4LzRkN2Y2
ZS1jNmRmLTQxZDctOGZmZC01MDg5YjYwMmJmYzIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTgvNGQ3ZjZl
LWM2ZGYtNDFkNy04ZmZkLTUwODliNjAyYmZjMi8xLzZZM0Y1NEpZNUNaem05aU1M
VXdnQ3EzenZ4TS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUF
BwEHAQH/BCEwHzAMBAIAATAGAwQAuQECMA8EAgACMAkDBwAgAQf4AIEwGgYIKwYB
BQUHAQgBAf8ECzAJoAcwBQIDAxKgMA0GCSqGSIb3DQEBCwUAA4IBAQAmuAkVDRz8
J2QJS4i0SkvZ4JYyhXvDW/+faPYRcJaUd5xJB9l15q0AsyAA0G8z+h+L3foLkvoA
RjEWJXUVKLmtgYHabD6kWrh/VSWg7svxydJ2WgGR+22IVpQo/7bIwo66mi2LeK2q
wgsnv/nvw6SDTvIsdXYjoKLfG1hqpyTKchBdmN+E2/uMlIZChNX6vKi6T6RCXjhR
cveLEphXXtNxkY+6cQBdMPc9/UxsxMLhS7PzZjDIjTSqc/YonEOw+OEzvclHrrAn
raGcKSqT25uDCCOjrsRJl8UL+ayTQO84XFMpT/SIvVhM2YIeBflpoBuml88UvRxM
96PRCLOxXCUM
-----END CERTIFICATE-----
Generated at Thu Mar 28 17:37:53 2024 by rpki-client on console-fra.rpki-client.org