Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6_q_pigGP2uOmIhWb18_z6eYxiE.cer
File:                     6_q_pigGP2uOmIhWb18_z6eYxiE.cer (raw, json)
Hash identifier:          byyKei/boTPkDY6HLZW3IX3xZ9kN0WSW2hTVoBKfX6c=
Subject key identifier:   EB:FA:BF:A6:28:06:3F:6B:8E:98:88:56:6F:5F:3F:CF:A7:98:C6:21
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC802FB7DEEDAA46DAF6C84BE51627141
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/6_q_pigGP2uOmIhWb18_z6eYxiE.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 02:31:27 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 80.79.144.0/20
                          IP: 185.125.156.0/22
                          IP: 2a06:b900::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:02:fb:7d:ee:da:a4:6d:af:6c:84:be:51:62:71:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 02:31:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ebfabfa628063f6b8e9888566f5f3fcfa798c621
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:30:71:c7:ee:a7:60:89:ff:7c:3f:37:1e:7e:
                    61:bf:43:67:35:92:43:47:54:db:d8:3a:4c:fc:68:
                    b9:bc:d5:b3:39:52:ba:bf:da:71:ef:a8:07:82:4e:
                    72:ee:0f:8c:90:df:6d:59:5e:77:1e:06:5c:f3:96:
                    5f:04:26:1b:19:19:ee:21:86:80:b7:67:72:85:ce:
                    b8:de:54:03:3c:0f:3e:ee:00:c9:6d:bb:a6:b9:7c:
                    75:ed:45:0a:48:c5:bd:c9:39:ca:bd:0d:82:5a:f3:
                    17:3a:a7:e1:a7:e4:33:a7:cc:36:2d:a0:86:01:31:
                    9b:83:37:86:1f:61:7c:a8:0e:cd:4b:78:d0:cb:66:
                    81:09:16:b7:cb:cf:69:00:50:95:1b:a2:cf:05:53:
                    1b:ec:36:5b:c1:28:48:9c:f0:98:e1:03:57:52:48:
                    a9:d1:32:6c:85:ae:a1:4c:b0:22:d5:2b:f8:ee:b0:
                    7c:97:83:a8:bd:8b:3a:ad:d5:08:03:b1:ba:88:32:
                    49:20:86:8a:e0:02:0b:0f:1c:6e:5b:5c:24:3d:66:
                    60:5a:32:fe:3e:1c:a3:67:1d:dd:06:82:3d:d7:f6:
                    4b:38:74:d6:7a:4d:cd:64:b3:76:bd:e6:29:6a:b7:
                    d2:3a:cc:b9:fc:e8:fc:7b:f0:aa:72:57:b1:e6:f6:
                    c7:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:FA:BF:A6:28:06:3F:6B:8E:98:88:56:6F:5F:3F:CF:A7:98:C6:21
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/6_q_pigGP2uOmIhWb18_z6eYxiE.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.79.144.0/20
                  185.125.156.0/22
                IPv6:
                  2a06:b900::/29

    Signature Algorithm: sha256WithRSAEncryption
         a6:21:f9:30:82:db:76:6f:78:fb:c7:64:38:54:ef:09:bd:a1:
         c4:8a:5a:94:bc:0f:95:e5:55:b2:2a:9e:e9:94:a5:c4:33:2e:
         3e:ef:da:f8:41:4d:f1:57:92:04:ec:bf:7e:ea:d8:c0:31:aa:
         02:28:f8:2a:ba:45:33:96:72:fd:4f:ee:2b:df:09:6d:e2:82:
         50:ac:2d:5a:9c:be:28:09:c1:96:a1:9a:9c:f8:b5:ef:04:fb:
         71:da:14:3f:e6:30:e4:10:45:d4:01:91:5c:52:4e:7a:79:73:
         0e:c6:e9:93:12:7a:5b:70:7b:b0:25:d4:8b:71:93:24:9f:71:
         f7:47:64:6a:16:06:23:90:43:ee:45:2f:5b:61:3d:ba:bd:ac:
         46:00:ae:18:7d:4a:d8:37:b9:82:25:33:b6:8a:7c:78:c4:a2:
         3f:32:44:5c:91:0b:2e:65:20:42:a5:6b:10:42:ef:2c:bb:18:
         59:c2:14:02:ff:a0:10:8d:41:10:cb:77:6c:59:f1:11:62:7e:
         a9:b0:d0:be:23:a7:e6:f8:86:bb:15:a8:de:e8:f6:fe:52:a6:
         25:bd:86:8c:4b:48:bd:94:0c:ae:2e:98:05:1c:a0:c1:d5:b8:
         1e:cc:e3:1c:6e:58:40:f5:0c:67:2e:52:f9:eb:8b:c1:93:eb:
         e1:96:8f:23
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYzIAvt97tqkba9shL5RYnFBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmZhYmZhNjI4MDYzZjZiOGU5ODg4NTY2ZjVmM2ZjZmE3OThjNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTBxx+6nYIn/fD83Hn5hv0NnNZJD
R1Tb2DpM/Gi5vNWzOVK6v9px76gHgk5y7g+MkN9tWV53HgZc85ZfBCYbGRnuIYaA
t2dyhc643lQDPA8+7gDJbbumuXx17UUKSMW9yTnKvQ2CWvMXOqfhp+Qzp8w2LaCG
ATGbgzeGH2F8qA7NS3jQy2aBCRa3y89pAFCVG6LPBVMb7DZbwShInPCY4QNXUkip
0TJsha6hTLAi1Sv47rB8l4OovYs6rdUIA7G6iDJJIIaK4AILDxxuW1wkPWZgWjL+
PhyjZx3dBoI91/ZLOHTWek3NZLN2veYparfSOsy5/Oj8e/Cqclex5vbH8QIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFOv6v6YoBj9rjpiIVm9fP8+nmMYhMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JkL2EzYTMx
MS0zNzg0LTQ4MTgtYWJmOS1lNWZkNmU5ODQyYWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQvYTNhMzEx
LTM3ODQtNDgxOC1hYmY5LWU1ZmQ2ZTk4NDJhYi8xLzZfcV9waWdHUDJ1T21JaFdi
MThfejZlWXhpRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQEUE+QAwQCuX2cMA0EAgACMAcDBQMqBrkAMA0G
CSqGSIb3DQEBCwUAA4IBAQCmIfkwgtt2b3j7x2Q4VO8JvaHEilqUvA+V5VWyKp7p
lKXEMy4+79r4QU3xV5IE7L9+6tjAMaoCKPgqukUzlnL9T+4r3wlt4oJQrC1anL4o
CcGWoZqc+LXvBPtx2hQ/5jDkEEXUAZFcUk56eXMOxumTEnpbcHuwJdSLcZMkn3H3
R2RqFgYjkEPuRS9bYT26vaxGAK4YfUrYN7mCJTO2inx4xKI/MkRckQsuZSBCpWsQ
Qu8suxhZwhQC/6AQjUEQy3dsWfERYn6psNC+I6fm+Ia7Faje6Pb+UqYlvYaMS0i9
lAyuLpgFHKDB1bgezOMcblhA9QxnLlL564vBk+vhlo8j
-----END CERTIFICATE-----
Generated at Thu Mar 28 20:20:32 2024 by rpki-client on console-fra.rpki-client.org