Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer
File:                     6g92KC31MgmljAMC50-Kl8o6_wU.cer (raw, json)
Hash identifier:          //B3zsY8u5yQMwnzv7JD2UEBf3wY4syJM9257BdlcME=
Subject key identifier:   EA:0F:76:28:2D:F5:32:09:A5:8C:03:02:E7:4F:8A:97:CA:3A:FF:05
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC348B59CE86EB366B3481AC61C25C3CB
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6g92KC31MgmljAMC50-Kl8o6_wU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:29:31 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 42512
                          AS: 42768
                          AS: 197575
                          IP: 31.43.168.0/22
                          IP: 31.43.180.0/22
                          IP: 91.208.65.0/24
                          IP: 91.225.120.0/22
                          IP: 193.110.76.0/22
                          IP: 194.110.126.0/24
                          IP: 2001:67c:a28::/48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 03:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:b5:9c:e8:6e:b3:66:b3:48:1a:c6:1c:25:c3:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 04:29:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ea0f76282df53209a58c0302e74f8a97ca3aff05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:c8:cb:f7:b1:d0:78:2a:67:9c:8e:56:5a:eb:
                    ac:e8:7a:26:ea:c6:12:23:ae:69:f1:bc:0b:40:45:
                    8d:17:bf:cb:1f:f2:9c:22:f1:ba:e2:ee:7f:50:2c:
                    6b:d5:a6:08:29:4b:e1:6c:b1:e2:13:77:d6:b0:20:
                    a9:24:7c:b0:39:d7:9e:57:d0:c9:8f:47:69:eb:4c:
                    9f:cf:bb:30:0b:81:a6:b6:73:f0:3a:85:41:eb:b3:
                    88:e4:49:cf:cd:6f:f4:08:e0:b7:6d:2b:f6:e4:78:
                    de:3c:51:79:97:a4:98:83:61:08:63:7f:45:91:6c:
                    30:3b:d2:22:c8:17:90:e6:2e:f6:09:aa:21:fc:98:
                    0b:8b:34:e0:be:f8:7f:f9:f2:3c:4c:4e:16:cc:3a:
                    12:11:dd:69:85:e3:23:17:28:4d:f2:21:a6:95:a8:
                    c9:82:da:27:71:62:2d:5b:fc:1a:61:32:c9:fc:97:
                    cc:85:e0:e1:97:b8:25:23:dd:7b:df:ae:05:d2:1c:
                    06:70:f0:82:9f:9c:82:f3:3d:1f:16:f8:b4:93:ca:
                    6b:59:9e:ce:0d:4a:81:0d:e1:31:ea:e5:25:13:2e:
                    c9:f0:c0:e4:f0:41:d0:35:83:e3:2d:bb:8e:77:e6:
                    80:02:05:e0:33:e8:a6:05:c7:e0:41:04:ff:b1:a0:
                    46:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:0F:76:28:2D:F5:32:09:A5:8C:03:02:E7:4F:8A:97:CA:3A:FF:05
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6g92KC31MgmljAMC50-Kl8o6_wU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.43.168.0/22
                  31.43.180.0/22
                  91.208.65.0/24
                  91.225.120.0/22
                  193.110.76.0/22
                  194.110.126.0/24
                IPv6:
                  2001:67c:a28::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  42512
                  42768
                  197575

    Signature Algorithm: sha256WithRSAEncryption
         51:60:91:06:70:8a:49:ec:dc:28:a3:94:ad:01:d6:58:a6:35:
         35:13:40:96:32:cc:43:af:3f:ea:97:a1:fd:45:8b:6a:ec:72:
         83:a0:0e:b3:5e:cf:ba:5d:66:e9:b6:5c:10:5e:1a:37:1f:97:
         e7:4f:ae:71:c2:a5:73:19:26:94:84:4e:e6:d2:f9:bb:a9:e2:
         aa:c4:73:fb:35:51:73:73:19:53:7d:55:39:e4:3d:14:56:06:
         db:8c:b4:6b:61:e5:19:53:f7:b7:e9:cc:80:7d:e9:50:54:5d:
         42:4d:88:52:b1:8e:74:b9:c0:e2:06:9f:d3:a9:d6:d8:95:98:
         55:a8:5a:01:36:31:0d:4d:91:62:15:54:01:9f:5f:6f:3a:e1:
         3c:0b:fa:7f:f5:1f:a6:ad:cf:c1:bf:8c:c8:7b:3a:26:de:c1:
         b1:f8:e2:c1:39:54:15:ae:b3:fa:66:2e:b4:40:da:9d:00:03:
         12:7c:74:ed:f4:db:db:c3:5a:ec:51:6c:fb:f6:b4:4a:b8:a3:
         86:20:ab:cc:03:81:0a:54:26:cd:45:9a:c5:b9:2e:63:e4:d7:
         fd:f8:74:74:37:62:d1:20:d6:e7:20:97:14:f2:50:dc:6c:c7:
         9a:c7:52:99:cb:ba:fe:ac:92:a3:21:f0:44:e0:b1:32:67:0b:
         86:1e:ee:08
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgISAYzDSLWc6G6zZrNIGsYcJcPLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTBmNzYyODJkZjUzMjA5YTU4YzAzMDJlNzRmOGE5N2NhM2FmZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4sjL97HQeCpnnI5WWuus6Hom6sYS
I65p8bwLQEWNF7/LH/KcIvG64u5/UCxr1aYIKUvhbLHiE3fWsCCpJHywOdeeV9DJ
j0dp60yfz7swC4GmtnPwOoVB67OI5EnPzW/0COC3bSv25HjePFF5l6SYg2EIY39F
kWwwO9IiyBeQ5i72Caoh/JgLizTgvvh/+fI8TE4WzDoSEd1pheMjFyhN8iGmlajJ
gtoncWItW/waYTLJ/JfMheDhl7glI917364F0hwGcPCCn5yC8z0fFvi0k8prWZ7O
DUqBDeEx6uUlEy7J8MDk8EHQNYPjLbuOd+aAAgXgM+imBcfgQQT/saBGFwIDAQAB
o4IC2TCCAtUwHQYDVR0OBBYEFOoPdigt9TIJpYwDAudPipfKOv8FMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU2L2U3ZmE1
NS01OTI1LTRiYTktYWQzOC1iZTdjODE5NDgzMjQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYvZTdmYTU1
LTU5MjUtNGJhOS1hZDM4LWJlN2M4MTk0ODMyNC8xLzZnOTJLQzMxTWdtbGpBTUM1
MC1LbDhvNl93VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CME4GCCsGAQUF
BwEHAQH/BD8wPTAqBAIAATAkAwQCHyuoAwQCHyu0AwQAW9BBAwQCW+F4AwQCwW5M
AwQAwm5+MA8EAgACMAkDBwAgAQZ8CigwJAYIKwYBBQUHAQgBAf8EFTAToBEwDwID
AKYQAgMApxACAwMDxzANBgkqhkiG9w0BAQsFAAOCAQEAUWCRBnCKSezcKKOUrQHW
WKY1NRNAljLMQ68/6peh/UWLauxyg6AOs17Pul1m6bZcEF4aNx+X50+uccKlcxkm
lIRO5tL5u6niqsRz+zVRc3MZU31VOeQ9FFYG24y0a2HlGVP3t+nMgH3pUFRdQk2I
UrGOdLnA4gaf06nW2JWYVahaATYxDU2RYhVUAZ9fbzrhPAv6f/Ufpq3Pwb+MyHs6
Jt7BsfjiwTlUFa6z+mYutEDanQADEnx07fTb28Na7FFs+/a0SrijhiCrzAOBClQm
zUWaxbkuY+TX/fh0dDdi0SDW5yCXFPJQ3GzHmsdSmcu6/qySoyHwROCxMmcLhh7u
CA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 09:16:47 2024 by rpki-client on console-fra.rpki-client.org