Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8OlKP3YsIdcztI_yssV0VgXCvjM.cer
File:                     8OlKP3YsIdcztI_yssV0VgXCvjM.cer (raw, json)
Hash identifier:          Pj1IFMzT9mGihgVAZxRY3SCfzKv1VyaLFEBGMhtshtI=
Subject key identifier:   F0:E9:4A:3F:76:2C:21:D7:33:B4:8F:F2:B2:C5:74:56:05:C2:BE:33
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CCA995DD58090F70D24A577AB3931102A
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/33/0de973-6a91-4651-a3e3-7d5394531d18/1/8OlKP3YsIdcztI_yssV0VgXCvjM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/33/0de973-6a91-4651-a3e3-7d5394531d18/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 14:34:57 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 197942
                          IP: 2001:67c:2384::/48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 03:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:99:5d:d5:80:90:f7:0d:24:a5:77:ab:39:31:10:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 14:34:57 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f0e94a3f762c21d733b48ff2b2c5745605c2be33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:cc:e6:52:c4:97:35:11:6d:1e:9f:2f:b8:4e:
                    dc:07:9f:3d:f9:e2:61:5b:3e:2d:41:c5:8a:af:68:
                    ac:b6:03:3c:e3:6c:7a:28:7f:af:1f:70:5e:cc:9a:
                    43:b6:df:e6:ed:c9:34:dd:ea:36:ed:5f:af:45:4d:
                    12:36:a3:b2:88:4b:60:6d:5b:1f:06:6c:be:3a:40:
                    7b:f7:e7:28:6c:15:db:75:7d:5b:58:1c:88:90:67:
                    1e:e1:e4:d9:e2:3b:db:56:34:a3:ab:80:7e:f3:79:
                    eb:19:fd:6f:9f:b6:da:cc:5f:8b:f9:ef:58:37:05:
                    bd:cb:e4:a8:06:8c:04:22:60:32:6e:5f:3d:96:d4:
                    83:cf:99:50:3e:8d:a0:ae:ad:33:5a:67:66:dc:fb:
                    91:dd:b9:22:52:41:f2:1d:f6:c5:6d:6a:e6:10:43:
                    24:d1:82:10:49:7c:10:06:d6:33:f0:03:c7:c1:43:
                    7b:f6:cf:ed:76:03:ad:8d:9e:39:3f:ab:7d:98:8b:
                    a2:00:26:48:0c:00:5d:0f:52:59:d5:31:84:cb:2b:
                    b8:3a:cd:6d:33:06:7f:ac:56:f0:bd:62:87:88:f5:
                    29:19:76:4d:ca:ca:1e:90:9c:2f:cd:9c:51:18:cf:
                    e1:48:9d:01:51:fc:f3:e2:ee:79:aa:1b:ff:2a:2d:
                    4a:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:E9:4A:3F:76:2C:21:D7:33:B4:8F:F2:B2:C5:74:56:05:C2:BE:33
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0de973-6a91-4651-a3e3-7d5394531d18/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0de973-6a91-4651-a3e3-7d5394531d18/1/8OlKP3YsIdcztI_yssV0VgXCvjM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2384::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  197942

    Signature Algorithm: sha256WithRSAEncryption
         2a:12:64:2d:3b:06:86:23:d3:d9:0a:0e:1b:7c:94:12:53:30:
         0f:47:f3:a7:e2:d3:bc:fb:67:f9:96:b4:ab:e3:cb:8f:39:01:
         0c:53:e3:f7:42:5d:82:3f:bb:c2:b4:61:0b:e3:6f:a6:89:4c:
         be:e5:14:66:49:06:cd:60:0a:5d:52:0d:c4:e9:b2:b7:cc:c1:
         20:cd:c8:db:04:5a:50:f4:1e:a6:c4:c6:89:6e:0d:aa:f3:92:
         43:46:a8:e9:c1:21:c5:24:92:01:78:e7:1b:d6:b9:6b:e1:4e:
         b3:35:d2:fa:24:8c:16:49:bf:1f:8f:49:cc:74:f8:90:21:24:
         3f:3a:31:1b:1f:d8:70:d5:42:81:8c:4b:22:f5:08:fe:80:12:
         b0:27:06:1e:1b:17:a3:c9:73:bf:2d:94:4a:fa:d4:0e:6e:4e:
         5b:3b:9d:3d:8e:a6:6f:c5:a5:03:e0:30:9f:03:0c:2d:2a:05:
         8a:c2:d6:6c:73:e6:d7:52:7b:cf:e3:1c:9a:14:d1:0a:26:4e:
         ca:8b:71:58:43:f6:b4:58:99:ef:2a:33:ae:f8:99:e7:ee:e4:
         b5:4d:6f:68:19:3e:cc:4a:3e:15:51:fc:5f:71:81:d9:e1:f5:
         43:16:1e:57:f7:80:cf:1f:7b:67:15:5e:e2:1d:20:9d:bf:3e:
         6e:4b:6f:10
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYzKmV3VgJD3DSSld6s5MRAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTQzNDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGU5NGEzZjc2MmMyMWQ3MzNiNDhmZjJiMmM1NzQ1NjA1YzJiZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsczmUsSXNRFtHp8vuE7cB589+eJh
Wz4tQcWKr2istgM842x6KH+vH3BezJpDtt/m7ck03eo27V+vRU0SNqOyiEtgbVsf
Bmy+OkB79+cobBXbdX1bWByIkGce4eTZ4jvbVjSjq4B+83nrGf1vn7bazF+L+e9Y
NwW9y+SoBowEImAybl89ltSDz5lQPo2grq0zWmdm3PuR3bkiUkHyHfbFbWrmEEMk
0YIQSXwQBtYz8APHwUN79s/tdgOtjZ45P6t9mIuiACZIDABdD1JZ1TGEyyu4Os1t
MwZ/rFbwvWKHiPUpGXZNysoekJwvzZxRGM/hSJ0BUfzz4u55qhv/Ki1KlQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFPDpSj92LCHXM7SP8rLFdFYFwr4zMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzLzBkZTk3
My02YTkxLTQ2NTEtYTNlMy03ZDUzOTQ1MzFkMTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMvMGRlOTcz
LTZhOTEtNDY1MS1hM2UzLTdkNTM5NDUzMWQxOC8xLzhPbEtQM1lzSWRjenRJX3lz
c1YwVmdYQ3ZqTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCOEMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMFNjANBgkqhkiG9w0BAQsFAAOCAQEAKhJkLTsGhiPT2QoOG3yUElMwD0fz
p+LTvPtn+Za0q+PLjzkBDFPj90Jdgj+7wrRhC+NvpolMvuUUZkkGzWAKXVINxOmy
t8zBIM3I2wRaUPQepsTGiW4NqvOSQ0ao6cEhxSSSAXjnG9a5a+FOszXS+iSMFkm/
H49JzHT4kCEkPzoxGx/YcNVCgYxLIvUI/oASsCcGHhsXo8lzvy2USvrUDm5OWzud
PY6mb8WlA+AwnwMMLSoFisLWbHPm11J7z+McmhTRCiZOyotxWEP2tFiZ7yozrviZ
5+7ktU1vaBk+zEo+FVH8X3GB2eH1QxYeV/eAzx97ZxVe4h0gnb8+bktvEA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 09:23:57 2024 by rpki-client on console-fra.rpki-client.org