Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7-H8ahWWWTTFM5PW7RiYTGulb1Y.cer
File:                     7-H8ahWWWTTFM5PW7RiYTGulb1Y.cer (raw, json)
Hash identifier:          9mEk6EOWlU2NsNgR+VlDgQY28Z8vuOi+RZtk2qY6fug=
Subject key identifier:   EF:E1:FC:6A:15:96:59:34:C5:33:93:D6:ED:18:98:4C:6B:A5:6F:56
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC6B7C91FFD782130900C3823C47543F8
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/7f/63b5ec-c2c9-4f68-8d47-4d19937e2f20/1/7-H8ahWWWTTFM5PW7RiYTGulb1Y.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/7f/63b5ec-c2c9-4f68-8d47-4d19937e2f20/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 20:29:42 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 194.6.243.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 03:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:c9:1f:fd:78:21:30:90:0c:38:23:c4:75:43:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 20:29:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=efe1fc6a15965934c53393d6ed18984c6ba56f56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:c3:7c:4a:75:dc:d7:40:6c:bc:b8:17:7a:a0:
                    12:15:1f:52:6b:fb:16:18:5d:a0:9d:ce:49:fb:d2:
                    14:54:98:10:85:fb:ee:ea:be:ba:aa:3a:e5:ab:69:
                    45:fe:ef:20:c8:e1:b2:8f:04:43:63:d6:60:d5:c5:
                    79:31:d9:f6:91:98:35:ee:3d:e8:94:a4:a5:70:3a:
                    51:d6:bd:86:12:3d:0c:53:b1:8b:e6:59:11:cf:f0:
                    fa:ec:86:e7:cd:5b:18:73:01:f6:d0:49:b9:f8:65:
                    44:4d:a1:66:83:22:a2:45:7f:3c:aa:7b:39:0e:ae:
                    b2:2b:c8:d9:c7:c2:24:26:9d:72:a4:25:a0:f8:bf:
                    3e:aa:75:0b:a6:93:a8:85:2d:27:ce:ab:a2:59:21:
                    6f:5b:e5:5a:59:01:5d:16:7e:56:07:d9:8d:2c:2d:
                    a0:67:e8:df:c5:10:f4:86:ac:f2:6e:67:ff:b0:64:
                    df:c2:95:fe:3f:45:c6:f9:15:34:fb:c5:b2:bd:69:
                    de:a3:44:f8:3e:77:ee:d2:2f:98:82:89:9d:ad:7f:
                    e9:b4:22:d7:b3:ed:37:5a:eb:42:18:0f:76:78:4d:
                    98:11:c2:e0:54:51:83:67:eb:a3:f6:11:3b:ac:25:
                    cf:ef:af:45:4e:95:97:ca:d2:ee:ab:97:97:46:bb:
                    49:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:E1:FC:6A:15:96:59:34:C5:33:93:D6:ED:18:98:4C:6B:A5:6F:56
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/63b5ec-c2c9-4f68-8d47-4d19937e2f20/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/63b5ec-c2c9-4f68-8d47-4d19937e2f20/1/7-H8ahWWWTTFM5PW7RiYTGulb1Y.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.6.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:98:51:9b:d9:96:70:a4:9f:22:9a:3c:27:e0:74:e0:28:df:
         a8:b3:ab:e2:cf:8e:08:3d:22:e2:14:33:eb:58:f8:75:21:c2:
         de:72:1e:dc:36:12:5c:f7:40:9d:8b:48:7c:53:c0:22:4e:d6:
         31:4e:b6:5e:20:91:c1:54:85:aa:99:f5:57:59:b8:28:ac:d3:
         ad:2a:04:e8:d3:3c:59:e7:19:46:f5:a1:c0:af:81:20:3d:aa:
         44:a0:df:8f:21:d2:8e:29:92:92:82:fd:a3:bc:93:92:64:ab:
         30:20:0a:8a:5f:2b:dc:ba:6c:6e:1f:b8:21:88:62:31:82:26:
         cb:39:72:fc:59:9c:06:15:81:f1:ce:a3:be:ac:89:a2:c2:40:
         66:a2:2f:0e:5b:20:f1:85:4c:d8:b2:5f:1a:e8:78:62:da:3c:
         10:c2:10:1b:67:76:cd:51:eb:19:b7:5b:b5:d6:ef:32:77:c8:
         d9:37:77:c0:58:ff:e9:99:70:50:b1:34:63:a4:0e:07:59:4f:
         08:78:dd:65:2e:23:57:1d:01:ac:01:53:2b:ca:e8:f7:de:e4:
         91:5a:33:a8:ce:69:c7:d7:cc:cb:f5:9e:bf:ec:8a:be:40:63:
         e3:25:5d:0a:0e:c3:fa:e9:8b:04:b9:58:ca:24:c2:a9:1b:8e:
         06:ff:1f:6a
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzGt8kf/XghMJAMOCPEdUP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjAyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmUxZmM2YTE1OTY1OTM0YzUzMzkzZDZlZDE4OTg0YzZiYTU2ZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+MN8SnXc10BsvLgXeqASFR9Sa/sW
GF2gnc5J+9IUVJgQhfvu6r66qjrlq2lF/u8gyOGyjwRDY9Zg1cV5Mdn2kZg17j3o
lKSlcDpR1r2GEj0MU7GL5lkRz/D67IbnzVsYcwH20Em5+GVETaFmgyKiRX88qns5
Dq6yK8jZx8IkJp1ypCWg+L8+qnULppOohS0nzquiWSFvW+VaWQFdFn5WB9mNLC2g
Z+jfxRD0hqzybmf/sGTfwpX+P0XG+RU0+8WyvWneo0T4Pnfu0i+YgomdrX/ptCLX
s+03WutCGA92eE2YEcLgVFGDZ+uj9hE7rCXP769FTpWXytLuq5eXRrtJbQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFO/h/GoVllk0xTOT1u0YmExrpW9WMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdmLzYzYjVl
Yy1jMmM5LTRmNjgtOGQ0Ny00ZDE5OTM3ZTJmMjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2YvNjNiNWVj
LWMyYzktNGY2OC04ZDQ3LTRkMTk5MzdlMmYyMC8xLzctSDhhaFdXV1RURk01UFc3
UmlZVEd1bGIxWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwgbzMA0GCSqGSIb3DQEBCwUAA4IBAQB8mFGb
2ZZwpJ8imjwn4HTgKN+os6viz44IPSLiFDPrWPh1IcLech7cNhJc90Cdi0h8U8Ai
TtYxTrZeIJHBVIWqmfVXWbgorNOtKgTo0zxZ5xlG9aHAr4EgPapEoN+PIdKOKZKS
gv2jvJOSZKswIAqKXyvcumxuH7ghiGIxgibLOXL8WZwGFYHxzqO+rImiwkBmoi8O
WyDxhUzYsl8a6Hhi2jwQwhAbZ3bNUesZt1u11u8yd8jZN3fAWP/pmXBQsTRjpA4H
WU8IeN1lLiNXHQGsAVMryuj33uSRWjOozmnH18zL9Z6/7Iq+QGPjJV0KDsP66YsE
uVjKJMKpG44G/x9q
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:30:20 2024 by rpki-client on console-ams.rpki-client.org