Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6suWQTrI8sFrlHlWiRdNenIgHvU.cer
File:                     6suWQTrI8sFrlHlWiRdNenIgHvU.cer (raw, json)
Hash identifier:          KBgwi290JAuAlzFqnA2LdNRvOCtgGtAxXEuTg9ctypg=
Subject key identifier:   EA:CB:96:41:3A:C8:F2:C1:6B:94:79:56:89:17:4D:7A:72:20:1E:F5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC7261383489D6061D0308349EB24CA62
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/83/d41df7-941d-47ae-b15c-37fe6b65f68f/1/6suWQTrI8sFrlHlWiRdNenIgHvU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/83/d41df7-941d-47ae-b15c-37fe6b65f68f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 22:30:10 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 20634
                          IP: 80.66.224.0/20
                          IP: 80.72.48.0/20
                          IP: 80.248.192.0/20
                          IP: 89.248.144.0/20
                          IP: 185.112.48.0/22
                          IP: 217.173.224.0/20
                          IP: 2a00:ec0::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Dec 2024 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:26:13:83:48:9d:60:61:d0:30:83:49:eb:24:ca:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 22:30:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=eacb96413ac8f2c16b94795689174d7a72201ef5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:af:84:91:6b:35:39:e2:71:29:e1:1c:8c:d9:
                    51:cb:09:c9:9f:3c:bc:5c:c3:8c:cc:b6:7b:2b:41:
                    be:fc:70:30:d0:9f:2c:99:01:0b:b3:4d:4c:2b:10:
                    67:60:93:ae:03:6d:da:9f:29:f1:aa:a9:e4:ad:62:
                    35:b5:13:73:e3:2b:b9:23:a4:ff:5e:96:c7:68:8d:
                    0a:ef:4f:12:aa:8a:46:2b:69:31:55:1e:e7:6c:89:
                    f3:88:59:33:b9:fe:72:f9:54:c6:47:08:e2:8e:4a:
                    ee:6a:b7:dd:d0:31:ac:e4:f4:93:87:99:c8:ef:66:
                    36:99:6d:8f:72:f6:8b:51:39:e1:e9:c5:b1:7d:cf:
                    2b:5f:b2:4a:e2:1b:9d:3f:19:a8:e9:13:18:0a:65:
                    ad:c3:e9:31:0b:57:e9:8d:13:ad:2f:bb:9c:3b:22:
                    c9:16:9d:79:00:25:79:9c:be:09:70:92:9d:93:84:
                    da:b4:c3:0d:d9:18:02:44:bf:ab:a5:93:1e:e3:93:
                    27:6c:16:ad:cd:f0:a2:02:53:cb:1e:4c:b1:b2:94:
                    bc:93:2b:5a:8c:ab:be:a8:8a:d6:09:6e:98:c2:8a:
                    17:42:ee:ec:3a:3c:2f:e8:e1:60:d4:43:27:70:0c:
                    ce:c7:8f:e4:6a:36:00:cc:3c:89:81:f0:4f:f4:c1:
                    cf:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:CB:96:41:3A:C8:F2:C1:6B:94:79:56:89:17:4D:7A:72:20:1E:F5
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d41df7-941d-47ae-b15c-37fe6b65f68f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d41df7-941d-47ae-b15c-37fe6b65f68f/1/6suWQTrI8sFrlHlWiRdNenIgHvU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.66.224.0/20
                  80.72.48.0/20
                  80.248.192.0/20
                  89.248.144.0/20
                  185.112.48.0/22
                  217.173.224.0/20
                IPv6:
                  2a00:ec0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  20634

    Signature Algorithm: sha256WithRSAEncryption
         10:61:03:1d:42:1d:62:34:06:3b:fa:24:4a:bd:16:36:2e:62:
         a7:f9:4d:9e:99:b5:13:2c:89:30:cf:42:d0:21:d4:22:ea:9b:
         ce:76:a6:6a:4f:50:6b:4a:24:f3:bf:84:6d:06:67:1f:b8:e5:
         21:51:0f:70:08:dd:a0:5d:2b:97:74:97:bb:63:13:f1:92:f4:
         68:16:e2:85:42:08:49:fa:0b:05:13:21:db:b8:5f:80:d9:b5:
         08:68:30:d7:c3:c0:1e:53:4c:9f:11:bc:10:08:9a:5c:3f:f6:
         36:fd:f9:61:c2:79:fa:fe:5b:38:f4:93:8c:c4:36:ed:15:e0:
         79:52:ad:dd:67:7b:28:e7:ed:af:4d:67:b7:4a:36:09:89:f3:
         f5:16:7c:e2:5c:1d:ac:8b:28:fa:1e:76:76:98:02:7b:1c:40:
         f0:93:d9:26:50:f7:74:f4:e6:d0:d6:54:b5:fa:a3:82:5d:7e:
         3e:5e:65:b1:fa:b7:4c:26:e1:dd:66:e1:59:ea:de:65:0f:bf:
         df:c7:15:2b:ee:22:64:b5:f6:50:1c:7c:b2:57:4e:45:36:b4:
         9f:09:0e:89:ec:b1:9f:23:f9:21:ea:a1:6d:04:e4:4f:52:ea:
         d4:b1:db:f8:70:c0:74:40:79:84:06:17:8e:ba:d2:6c:bf:4f:
         6d:b5:78:4f
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAYzHJhODSJ1gYdAwg0nrJMpiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWNiOTY0MTNhYzhmMmMxNmI5NDc5NTY4OTE3NGQ3YTcyMjAxZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxa+EkWs1OeJxKeEcjNlRywnJnzy8
XMOMzLZ7K0G+/HAw0J8smQELs01MKxBnYJOuA23anynxqqnkrWI1tRNz4yu5I6T/
XpbHaI0K708SqopGK2kxVR7nbInziFkzuf5y+VTGRwjijkruarfd0DGs5PSTh5nI
72Y2mW2PcvaLUTnh6cWxfc8rX7JK4hudPxmo6RMYCmWtw+kxC1fpjROtL7ucOyLJ
Fp15ACV5nL4JcJKdk4TatMMN2RgCRL+rpZMe45MnbBatzfCiAlPLHkyxspS8kyta
jKu+qIrWCW6YwooXQu7sOjwv6OFg1EMncAzOx4/kajYAzDyJgfBP9MHPzQIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFOrLlkE6yPLBa5R5VokXTXpyIB71MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgzL2Q0MWRm
Ny05NDFkLTQ3YWUtYjE1Yy0zN2ZlNmI2NWY2OGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMvZDQxZGY3
LTk0MWQtNDdhZS1iMTVjLTM3ZmU2YjY1ZjY4Zi8xLzZzdVdRVHJJOHNGcmxIbFdp
UmROZW5JZ0h2VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEwGCCsGAQUF
BwEHAQH/BD0wOzAqBAIAATAkAwQEUELgAwQEUEgwAwQEUPjAAwQEWfiQAwQCuXAw
AwQE2a3gMA0EAgACMAcDBQAqAA7AMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAlCa
MA0GCSqGSIb3DQEBCwUAA4IBAQAQYQMdQh1iNAY7+iRKvRY2LmKn+U2embUTLIkw
z0LQIdQi6pvOdqZqT1BrSiTzv4RtBmcfuOUhUQ9wCN2gXSuXdJe7YxPxkvRoFuKF
QghJ+gsFEyHbuF+A2bUIaDDXw8AeU0yfEbwQCJpcP/Y2/flhwnn6/ls49JOMxDbt
FeB5Uq3dZ3so5+2vTWe3SjYJifP1FnziXB2siyj6HnZ2mAJ7HEDwk9kmUPd09ObQ
1lS1+qOCXX4+XmWx+rdMJuHdZuFZ6t5lD7/fxxUr7iJktfZQHHyyV05FNrSfCQ6J
7LGfI/kh6qFtBORPUurUsdv4cMB0QHmEBheOutJsv09ttXhP
-----END CERTIFICATE-----
Generated at Thu Dec 26 17:24:05 2024 by rpki-client on console-ams.rpki-client.org