Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7rUm_mgRGJVkQSJxM7Mg9e-9_Ws.cer
File:                     7rUm_mgRGJVkQSJxM7Mg9e-9_Ws.cer (raw, json)
Hash identifier:          qMFmzRhsW/SyZVDAW/+9v901FYvCcOSXgdSHRvpF/q0=
Subject key identifier:   EE:B5:26:FE:68:11:18:95:64:41:22:71:33:B3:20:F5:EF:BD:FD:6B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC649BDD4DF39EF8966E5D1BE869776B2
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/73/6018cb-339a-416f-af4c-1244ba9eacd9/1/7rUm_mgRGJVkQSJxM7Mg9e-9_Ws.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/73/6018cb-339a-416f-af4c-1244ba9eacd9/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 18:29:30 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 31669
                          IP: 89.106.240.0/21
                          IP: 195.28.164.0/23
                          IP: 2a01:b0::/31

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 21:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:49:bd:d4:df:39:ef:89:66:e5:d1:be:86:97:76:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 18:29:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=eeb526fe681118956441227133b320f5efbdfd6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:e8:e7:19:4f:81:5a:1c:eb:42:4b:df:45:83:
                    42:dc:c4:3e:cd:50:75:56:a0:31:d7:03:5f:5a:27:
                    bf:9b:eb:15:86:32:91:47:e6:70:80:a0:56:03:7c:
                    5d:fa:04:f1:f4:14:11:37:4f:f3:ef:75:1b:67:87:
                    8d:9b:c5:f5:36:f2:60:7d:ed:03:1d:9b:0d:18:6f:
                    0c:ae:97:b1:32:5d:89:f8:d0:4c:4c:9f:5e:a1:18:
                    17:57:e2:1f:95:d8:e6:ac:ce:e4:09:86:a2:ae:be:
                    ca:28:86:b3:f8:ba:02:51:ce:85:c1:32:ce:50:a2:
                    12:aa:fd:50:39:69:e4:d7:f9:4d:a3:2c:3d:aa:17:
                    69:d7:fa:33:2c:cc:58:64:7b:1f:b0:67:12:95:c2:
                    63:22:eb:cc:2c:3e:a4:e0:07:bf:7a:ae:5f:1e:22:
                    10:83:86:33:77:7f:9a:b8:6d:9d:79:d8:6c:23:2f:
                    af:7e:ce:6c:e8:b1:6e:78:a4:b4:fd:b3:0d:5f:5e:
                    31:25:8c:f0:40:91:87:0d:07:bb:82:6e:34:b8:a1:
                    30:3c:76:01:59:de:56:df:bb:6d:78:27:d2:47:cd:
                    77:95:8a:ac:d7:96:e4:7b:43:9a:6c:a8:4e:ce:88:
                    50:d1:e4:d1:ff:28:a5:84:fd:51:35:26:f8:4d:8d:
                    b0:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:B5:26:FE:68:11:18:95:64:41:22:71:33:B3:20:F5:EF:BD:FD:6B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/6018cb-339a-416f-af4c-1244ba9eacd9/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/6018cb-339a-416f-af4c-1244ba9eacd9/1/7rUm_mgRGJVkQSJxM7Mg9e-9_Ws.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.106.240.0/21
                  195.28.164.0/23
                IPv6:
                  2a01:b0::/31

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  31669

    Signature Algorithm: sha256WithRSAEncryption
         8e:15:9d:b1:43:57:d9:93:8a:35:6e:7c:0b:05:74:ea:62:eb:
         ab:bd:53:e1:e0:e4:8b:92:cc:a3:f1:e1:f4:65:fd:06:c9:4c:
         34:db:7f:fb:5f:d7:fd:7e:5d:58:b6:ae:5e:8d:94:5c:fa:4d:
         92:09:fe:94:09:aa:c2:c2:42:20:5c:48:37:ec:72:c3:aa:82:
         01:e4:32:d2:59:3b:e7:55:0d:5c:9a:e7:fb:77:81:cd:f5:0f:
         8b:66:d9:93:2e:95:38:4d:c4:d3:16:ef:11:1e:0f:d2:01:02:
         c2:1c:ca:89:2b:e0:d6:e5:07:3a:44:88:1c:e6:f9:e1:d5:5f:
         ac:de:14:42:b7:06:b6:88:23:79:15:67:3a:1f:46:35:53:04:
         36:f7:5c:1e:1c:ac:ac:04:7f:bf:69:54:1e:66:50:cb:bc:fd:
         a9:6f:97:dc:f2:dc:08:bf:99:c5:f1:35:b7:43:46:ba:af:06:
         2b:c4:12:0b:ec:cd:e4:d9:98:2a:12:4b:f9:7d:5a:1f:d5:80:
         f2:fb:6d:a5:cb:43:ae:4c:f4:cc:d6:23:d8:8a:fc:72:89:ed:
         90:e4:1d:5e:e9:53:2a:34:26:1f:0b:0c:85:e3:79:f1:0d:43:
         eb:33:3a:23:00:3b:00:de:c2:47:13:2a:c5:13:29:bd:ca:d5:
         32:b2:d1:2c
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYzGSb3U3znviWbl0b6Gl3ayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTgyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWI1MjZmZTY4MTExODk1NjQ0MTIyNzEzM2IzMjBmNWVmYmRmZDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwejnGU+BWhzrQkvfRYNC3MQ+zVB1
VqAx1wNfWie/m+sVhjKRR+ZwgKBWA3xd+gTx9BQRN0/z73UbZ4eNm8X1NvJgfe0D
HZsNGG8MrpexMl2J+NBMTJ9eoRgXV+IfldjmrM7kCYairr7KKIaz+LoCUc6FwTLO
UKISqv1QOWnk1/lNoyw9qhdp1/ozLMxYZHsfsGcSlcJjIuvMLD6k4Ae/eq5fHiIQ
g4Yzd3+auG2dedhsIy+vfs5s6LFueKS0/bMNX14xJYzwQJGHDQe7gm40uKEwPHYB
Wd5W37tteCfSR813lYqs15bke0OabKhOzohQ0eTR/yilhP1RNSb4TY2wpQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFO61Jv5oERiVZEEicTOzIPXvvf1rMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzczLzYwMThj
Yi0zMzlhLTQxNmYtYWY0Yy0xMjQ0YmE5ZWFjZDkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMvNjAxOGNi
LTMzOWEtNDE2Zi1hZjRjLTEyNDRiYTllYWNkOS8xLzdyVW1fbWdSR0pWa1FTSnhN
N01nOWUtOV9Xcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDWWrwAwQBwxykMA0EAgACMAcDBQEqAQCwMBkG
CCsGAQUFBwEIAQH/BAowCKAGMAQCAnu1MA0GCSqGSIb3DQEBCwUAA4IBAQCOFZ2x
Q1fZk4o1bnwLBXTqYuurvVPh4OSLksyj8eH0Zf0GyUw023/7X9f9fl1Ytq5ejZRc
+k2SCf6UCarCwkIgXEg37HLDqoIB5DLSWTvnVQ1cmuf7d4HN9Q+LZtmTLpU4TcTT
Fu8RHg/SAQLCHMqJK+DW5Qc6RIgc5vnh1V+s3hRCtwa2iCN5FWc6H0Y1UwQ291we
HKysBH+/aVQeZlDLvP2pb5fc8twIv5nF8TW3Q0a6rwYrxBIL7M3k2ZgqEkv5fVof
1YDy+22ly0OuTPTM1iPYivxyie2Q5B1e6VMqNCYfCwyF43nxDUPrMzojADsA3sJH
EyrFEym9ytUystEs
-----END CERTIFICATE-----
Generated at Fri Mar 29 00:24:59 2024 by rpki-client on console-ams.rpki-client.org