Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6_WDiMYxyXfqUfyttQzSCnSS9ec.cer
File:                     6_WDiMYxyXfqUfyttQzSCnSS9ec.cer (raw, json)
Hash identifier:          GlTB0yV9gjyIUmb7YifV3TtecwVPjJFSEzg5zdqYxbw=
Subject key identifier:   EB:F5:83:88:C6:31:C9:77:EA:51:FC:AD:B5:0C:D2:0A:74:92:F5:E7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CCA2A4121FC87FDA2FA84B002A6C581F8
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/73/1c8bee-8df8-4102-a4ec-4f1ade1da20d/1/6_WDiMYxyXfqUfyttQzSCnSS9ec.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/73/1c8bee-8df8-4102-a4ec-4f1ade1da20d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 12:33:36 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 213270
                          IP: 37.200.86.0/24
                          IP: 2a02:f980::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:41:21:fc:87:fd:a2:fa:84:b0:02:a6:c5:81:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 12:33:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ebf58388c631c977ea51fcadb50cd20a7492f5e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:9a:5b:88:7a:27:f8:04:20:0e:80:45:ac:d2:
                    26:38:1f:09:3a:c5:74:f5:0d:c9:28:3f:bf:71:b3:
                    1e:81:e4:e2:55:e7:50:7f:44:fb:ba:9d:ad:2b:aa:
                    53:f0:ef:b3:37:0d:2d:59:5d:37:18:8d:6a:43:24:
                    3b:60:08:0a:0d:3c:6d:af:c2:68:5f:c5:bd:a4:23:
                    d7:b4:15:17:db:41:f9:7b:82:b0:db:9f:03:36:68:
                    5b:1a:51:ad:95:e1:0b:af:d8:2f:48:59:3f:10:9a:
                    4c:13:db:2c:b6:6b:4c:65:48:a8:6c:6e:41:46:6c:
                    42:88:a9:20:88:e4:cf:f6:76:2f:1b:48:cd:6a:be:
                    bb:a2:d4:cf:9b:c0:05:34:1d:54:0f:8c:b7:47:9c:
                    cb:6f:9b:6e:58:c1:77:0d:e9:04:84:1c:01:a2:54:
                    9c:a2:32:88:b0:25:07:a7:3f:29:ca:af:44:ec:67:
                    42:90:b1:ef:32:89:6f:05:7b:76:a8:0d:a8:33:8d:
                    48:45:ba:79:f5:8a:65:0d:34:2a:17:ad:fd:8e:49:
                    84:4e:e4:24:f8:2f:0b:b9:96:8c:20:44:82:1c:83:
                    d5:8b:82:93:31:c0:00:1d:91:aa:ad:f1:de:c1:57:
                    71:c6:ed:3f:39:47:ce:bd:aa:97:e7:2e:db:9e:19:
                    e3:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:F5:83:88:C6:31:C9:77:EA:51:FC:AD:B5:0C:D2:0A:74:92:F5:E7
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/1c8bee-8df8-4102-a4ec-4f1ade1da20d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/1c8bee-8df8-4102-a4ec-4f1ade1da20d/1/6_WDiMYxyXfqUfyttQzSCnSS9ec.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.200.86.0/24
                IPv6:
                  2a02:f980::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  213270

    Signature Algorithm: sha256WithRSAEncryption
         0c:0d:d5:0a:c7:f7:11:9a:c7:1e:73:0e:d0:fb:2d:9d:79:ef:
         97:a6:93:50:83:97:ad:68:82:a5:96:cf:63:2e:cd:13:cf:e7:
         90:1a:a2:ae:7d:00:72:5e:c1:ef:08:7a:5f:96:bb:0d:61:cf:
         4c:71:0c:e9:1c:c7:59:85:93:ca:a7:76:dd:30:f5:1a:4e:a6:
         5d:5c:3e:e9:fb:c4:07:58:7f:05:d3:25:dc:e9:ca:cc:fe:46:
         61:91:fd:58:2b:c4:2f:e1:53:d2:70:89:23:c2:a3:b0:8c:5f:
         7b:98:bc:6b:02:2d:4e:62:35:6c:78:f3:e6:3f:e9:3b:6d:24:
         0b:a0:b8:a9:93:d7:b2:31:a2:91:9f:71:28:60:d8:a5:5c:16:
         b5:ef:02:15:be:27:ff:63:19:8b:d1:5e:47:82:60:92:27:10:
         e1:2d:d1:91:cd:6a:be:05:ea:b0:07:ff:2e:95:cd:9c:6d:52:
         ec:11:77:44:87:03:8f:5b:0f:c4:21:88:a6:63:91:fd:8c:96:
         78:6f:c4:98:97:c0:9b:15:01:23:71:fa:a2:41:bb:4c:9b:22:
         6a:83:ed:1a:6c:88:d1:61:f5:f2:f2:b9:a0:7f:ae:f2:11:2e:
         07:d0:ac:8b:8b:66:c1:16:dc:3c:34:58:e5:de:a1:20:23:a4:
         8d:33:64:a8
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzKKkEh/If9ovqEsAKmxYH4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzMzM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmY1ODM4OGM2MzFjOTc3ZWE1MWZjYWRiNTBjZDIwYTc0OTJmNWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZpbiHon+AQgDoBFrNImOB8JOsV0
9Q3JKD+/cbMegeTiVedQf0T7up2tK6pT8O+zNw0tWV03GI1qQyQ7YAgKDTxtr8Jo
X8W9pCPXtBUX20H5e4Kw258DNmhbGlGtleELr9gvSFk/EJpME9sstmtMZUiobG5B
RmxCiKkgiOTP9nYvG0jNar67otTPm8AFNB1UD4y3R5zLb5tuWMF3DekEhBwBolSc
ojKIsCUHpz8pyq9E7GdCkLHvMolvBXt2qA2oM41IRbp59YplDTQqF639jkmETuQk
+C8LuZaMIESCHIPVi4KTMcAAHZGqrfHewVdxxu0/OUfOvaqX5y7bnhnjdQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFOv1g4jGMcl36lH8rbUM0gp0kvXnMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzczLzFjOGJl
ZS04ZGY4LTQxMDItYTRlYy00ZjFhZGUxZGEyMGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMvMWM4YmVl
LThkZjgtNDEwMi1hNGVjLTRmMWFkZTFkYTIwZC8xLzZfV0RpTVl4eVhmcVVmeXR0
UXpTQ25TUzllYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAJchWMA0EAgACMAcDBQAqAvmAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNBFjANBgkqhkiG9w0BAQsFAAOCAQEADA3VCsf3EZrH
HnMO0PstnXnvl6aTUIOXrWiCpZbPYy7NE8/nkBqirn0Acl7B7wh6X5a7DWHPTHEM
6RzHWYWTyqd23TD1Gk6mXVw+6fvEB1h/BdMl3OnKzP5GYZH9WCvEL+FT0nCJI8Kj
sIxfe5i8awItTmI1bHjz5j/pO20kC6C4qZPXsjGikZ9xKGDYpVwWte8CFb4n/2MZ
i9FeR4JgkicQ4S3Rkc1qvgXqsAf/LpXNnG1S7BF3RIcDj1sPxCGIpmOR/YyWeG/E
mJfAmxUBI3H6okG7TJsiaoPtGmyI0WH18vK5oH+u8hEuB9Csi4tmwRbcPDRY5d6h
ICOkjTNkqA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:41:55 2024 by rpki-client on console-ams.rpki-client.org