Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8WsoQW3b85-ySwmWaGrPrOdsmNU.cer
File:                     8WsoQW3b85-ySwmWaGrPrOdsmNU.cer (raw, json)
Hash identifier:          76CQ7MoaSqBzaByN2KbTRrvB30h4TkgIx4rmYdGOBDw=
Subject key identifier:   F1:6B:28:41:6D:DB:F3:9F:B2:4B:09:96:68:6A:CF:AC:E7:6C:98:D5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC801BCE050C432234FAA8168ADC18FB5
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b9/b165ca-2f33-4e8e-a896-cdaa581518f3/1/8WsoQW3b85-ySwmWaGrPrOdsmNU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b9/b165ca-2f33-4e8e-a896-cdaa581518f3/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 02:30:06 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 85.119.104.0/21
                          IP: 185.85.112.0/22
                          IP: 2a01:9780::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:bc:e0:50:c4:32:23:4f:aa:81:68:ad:c1:8f:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 02:30:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f16b28416ddbf39fb24b0996686acface76c98d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:59:69:55:1d:8e:6d:9d:88:b2:f1:84:31:d6:
                    d4:18:93:70:1b:27:82:f8:ff:91:96:99:3d:33:78:
                    2d:c7:ec:dc:ff:6d:9a:c4:0d:78:6a:97:a5:a2:17:
                    35:15:01:3f:c3:0d:ff:51:29:4d:a8:af:c6:31:87:
                    f2:84:d7:fe:bb:2b:8b:e7:0c:b5:20:bc:e7:45:57:
                    ab:97:15:07:a5:69:dd:52:f3:f0:ab:01:66:64:83:
                    b6:cd:26:a3:2a:c5:55:af:74:f7:9f:47:f9:e3:50:
                    56:6f:3c:ef:b5:ad:54:8d:51:82:4b:8b:c2:5f:9b:
                    30:0c:46:9d:04:23:b9:d2:24:8c:ec:b0:d5:03:24:
                    b7:a0:f8:f6:f3:c7:71:f4:a1:92:85:2e:78:7d:12:
                    da:d6:b7:41:91:fd:c2:75:6f:66:47:8f:cb:4a:38:
                    a5:89:8f:27:92:fc:52:d4:3c:8f:74:81:cb:8a:5d:
                    cb:4a:da:08:74:d9:d2:dc:68:db:0b:07:85:d6:92:
                    69:1e:62:bc:5a:e1:fa:e2:ad:b5:19:1a:11:ca:c2:
                    70:0f:03:af:8c:59:e5:43:6d:4c:32:d0:91:80:85:
                    fc:f2:37:5f:42:9c:72:b8:f3:ad:90:24:35:00:96:
                    5b:ce:c9:f0:04:9d:ae:cc:01:0e:95:6f:c3:3f:51:
                    05:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:6B:28:41:6D:DB:F3:9F:B2:4B:09:96:68:6A:CF:AC:E7:6C:98:D5
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/b165ca-2f33-4e8e-a896-cdaa581518f3/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/b165ca-2f33-4e8e-a896-cdaa581518f3/1/8WsoQW3b85-ySwmWaGrPrOdsmNU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.119.104.0/21
                  185.85.112.0/22
                IPv6:
                  2a01:9780::/32

    Signature Algorithm: sha256WithRSAEncryption
         2f:87:0d:a0:24:1b:15:21:06:b0:45:dd:39:35:b1:b7:a4:ec:
         99:53:78:d2:e2:8b:25:1c:bc:9b:42:c6:c9:18:4e:59:bb:e7:
         e1:91:fa:d4:af:8c:aa:74:f6:aa:7d:60:d6:4e:2c:4a:ed:bf:
         d4:dd:cb:0d:73:ff:1c:19:fa:5c:22:f8:e3:be:da:7f:8b:fe:
         52:26:f2:f7:3f:c4:80:6f:01:5e:77:12:73:3c:b7:10:89:4e:
         86:7f:6b:19:90:c6:ed:8e:7b:c9:0f:de:2f:e4:16:06:b5:55:
         5d:f6:3e:ed:09:4a:02:de:3b:73:33:15:f8:9e:20:f3:ba:3c:
         49:77:8a:71:fa:b4:da:78:ad:ca:40:64:21:4e:00:6b:ab:d0:
         68:34:51:43:28:4f:92:fc:44:d0:40:75:54:91:d7:dd:20:a9:
         e3:7d:14:c6:27:2e:f9:14:25:eb:b0:ea:10:35:59:95:c4:8a:
         b6:52:cb:5e:14:b4:57:66:58:01:c7:70:d8:7a:d8:50:a0:09:
         34:d3:76:25:9d:44:8e:c8:19:17:31:f8:f3:39:6c:49:ca:2e:
         61:0b:13:d5:b9:e5:8e:b7:a2:3d:da:e3:13:35:9e:bb:db:47:
         1a:eb:81:b7:57:67:eb:2b:50:28:13:bc:26:8b:9e:d6:6e:b0:
         b5:80:d7:24
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYzIAbzgUMQyI0+qgWitwY+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTZiMjg0MTZkZGJmMzlmYjI0YjA5OTY2ODZhY2ZhY2U3NmM5OGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzllpVR2ObZ2IsvGEMdbUGJNwGyeC
+P+Rlpk9M3gtx+zc/22axA14apelohc1FQE/ww3/USlNqK/GMYfyhNf+uyuL5wy1
ILznRVerlxUHpWndUvPwqwFmZIO2zSajKsVVr3T3n0f541BWbzzvta1UjVGCS4vC
X5swDEadBCO50iSM7LDVAyS3oPj288dx9KGShS54fRLa1rdBkf3CdW9mR4/LSjil
iY8nkvxS1DyPdIHLil3LStoIdNnS3GjbCweF1pJpHmK8WuH64q21GRoRysJwDwOv
jFnlQ21MMtCRgIX88jdfQpxyuPOtkCQ1AJZbzsnwBJ2uzAEOlW/DP1EFmQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFPFrKEFt2/OfsksJlmhqz6znbJjVMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I5L2IxNjVj
YS0yZjMzLTRlOGUtYTg5Ni1jZGFhNTgxNTE4ZjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvYjE2NWNh
LTJmMzMtNGU4ZS1hODk2LWNkYWE1ODE1MThmMy8xLzhXc29RVzNiODUteVN3bVdh
R3JQck9kc21OVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDVXdoAwQCuVVwMA0EAgACMAcDBQAqAZeAMA0G
CSqGSIb3DQEBCwUAA4IBAQAvhw2gJBsVIQawRd05NbG3pOyZU3jS4oslHLybQsbJ
GE5Zu+fhkfrUr4yqdPaqfWDWTixK7b/U3csNc/8cGfpcIvjjvtp/i/5SJvL3P8SA
bwFedxJzPLcQiU6Gf2sZkMbtjnvJD94v5BYGtVVd9j7tCUoC3jtzMxX4niDzujxJ
d4px+rTaeK3KQGQhTgBrq9BoNFFDKE+S/ETQQHVUkdfdIKnjfRTGJy75FCXrsOoQ
NVmVxIq2UsteFLRXZlgBx3DYethQoAk003YlnUSOyBkXMfjzOWxJyi5hCxPVueWO
t6I92uMTNZ6720ca64G3V2frK1AoE7wmi57WbrC1gNck
-----END CERTIFICATE-----
Generated at Fri Mar 29 09:36:11 2024 by rpki-client on console-fra.rpki-client.org