Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8dpnE1tzfKnS39e5f-WXi48wDWs.cer
File:                     8dpnE1tzfKnS39e5f-WXi48wDWs.cer (raw, json)
Hash identifier:          zO7S2dB2Ftb9F0gyr0HMrehJ6gOyrPPNZ/N375oCO8g=
Subject key identifier:   F1:DA:67:13:5B:73:7C:A9:D2:DF:D7:B9:7F:E5:97:8B:8F:30:0D:6B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC64B6434E59A7EAF81659C5A2C75E874
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/8dpnE1tzfKnS39e5f-WXi48wDWs.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 18:31:18 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 60486
                          IP: 83.143.72.0/22
                          IP: 85.184.244.0/22
                          IP: 185.29.152.0/22
                          IP: 2a00:a920::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4b:64:34:e5:9a:7e:af:81:65:9c:5a:2c:75:e8:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 18:31:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f1da67135b737ca9d2dfd7b97fe5978b8f300d6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:98:a6:6f:69:af:60:1d:2f:53:db:01:ab:aa:
                    2f:09:a6:b7:de:2e:52:c7:88:7a:3e:94:f8:f3:16:
                    4a:d1:59:f1:9e:f1:9c:b4:76:f1:c0:c7:ce:97:d6:
                    5b:28:4b:f0:c3:e1:66:62:cf:93:38:2a:d8:cc:99:
                    e1:eb:ac:6f:cd:f8:4b:5b:28:32:2b:a3:ad:35:a6:
                    9a:7d:8b:46:15:93:2b:14:34:70:82:2a:a9:94:3e:
                    57:d9:ac:5c:cf:c6:6f:d2:80:62:a6:a0:01:0c:f6:
                    98:82:b6:7a:93:23:c4:0a:0d:52:93:62:b6:a2:73:
                    da:49:f2:e5:de:3f:d3:5a:ef:36:f9:59:df:58:4c:
                    b5:16:07:c1:38:fc:ac:5c:52:37:0f:6b:de:20:c1:
                    92:26:cd:4a:33:b6:28:18:c2:3d:3c:b9:90:bf:de:
                    cd:f9:13:2b:a3:67:4c:46:42:8b:8b:40:a0:83:81:
                    52:76:44:ae:2b:84:ce:09:db:1e:c5:61:01:ef:66:
                    b8:b8:19:d9:e0:1e:3c:4f:15:18:b7:9d:48:f5:78:
                    ce:2a:2a:3f:b1:9c:23:65:6e:69:d1:b8:56:0c:6b:
                    7f:48:15:39:51:3b:cd:a7:a7:f5:fb:b3:a8:97:ff:
                    4d:89:a7:45:df:63:bf:81:45:67:74:64:62:73:eb:
                    85:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:DA:67:13:5B:73:7C:A9:D2:DF:D7:B9:7F:E5:97:8B:8F:30:0D:6B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/8dpnE1tzfKnS39e5f-WXi48wDWs.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.143.72.0/22
                  85.184.244.0/22
                  185.29.152.0/22
                IPv6:
                  2a00:a920::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  60486

    Signature Algorithm: sha256WithRSAEncryption
         ae:57:19:5c:2d:f4:89:fd:ed:33:39:08:66:00:9a:56:a0:d0:
         18:69:d0:eb:3d:2f:cd:83:0b:c7:aa:4f:6a:08:73:89:a4:12:
         07:8f:f6:74:39:05:98:64:ad:c8:96:5c:83:28:11:4b:da:a4:
         a4:16:a8:ea:61:03:de:9a:dd:c9:4e:95:be:b0:f8:dd:64:96:
         ee:e4:e4:c7:7f:f7:33:80:80:74:92:b4:3f:a0:3f:a4:59:b3:
         07:1b:fd:93:b6:3f:35:e2:e4:b0:7d:e5:e3:d2:47:6e:0d:ef:
         1c:21:7e:24:75:b3:ce:bf:80:c0:29:86:90:0b:b6:5b:c9:bd:
         ea:f0:cb:ca:3a:ba:69:81:0b:4f:ce:32:80:eb:54:dc:e6:17:
         e5:a8:e8:6d:65:db:53:d0:aa:bc:09:7e:96:4a:99:b8:cc:af:
         3e:c6:6d:95:bb:a6:13:42:5f:f6:b4:31:cd:34:aa:62:a5:3d:
         03:ce:da:b1:74:20:dc:e1:1c:cc:71:08:69:25:d2:e5:4f:df:
         c9:d0:57:cc:f6:4a:1e:54:92:fe:e3:86:31:96:9f:42:c2:97:
         50:c5:84:fa:ba:4c:b8:03:b0:39:f6:26:7b:6b:d0:f5:1c:9c:
         83:2b:31:0c:44:71:2d:f7:c2:13:1f:83:a1:91:7b:9d:09:a5:
         99:b7:7d:76
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYzGS2Q05Zp+r4FlnFosdeh0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTgzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWRhNjcxMzViNzM3Y2E5ZDJkZmQ3Yjk3ZmU1OTc4YjhmMzAwZDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZimb2mvYB0vU9sBq6ovCaa33i5S
x4h6PpT48xZK0VnxnvGctHbxwMfOl9ZbKEvww+FmYs+TOCrYzJnh66xvzfhLWygy
K6OtNaaafYtGFZMrFDRwgiqplD5X2axcz8Zv0oBipqABDPaYgrZ6kyPECg1Sk2K2
onPaSfLl3j/TWu82+VnfWEy1FgfBOPysXFI3D2veIMGSJs1KM7YoGMI9PLmQv97N
+RMro2dMRkKLi0Cgg4FSdkSuK4TOCdsexWEB72a4uBnZ4B48TxUYt51I9XjOKio/
sZwjZW5p0bhWDGt/SBU5UTvNp6f1+7Ool/9NiadF32O/gUVndGRic+uFDQIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFPHaZxNbc3yp0t/XuX/ll4uPMA1rMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI1L2EyY2Ni
MS1hNzI4LTRmMDQtOTY0MS1mYzExMmFlNjNlYTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUvYTJjY2Ix
LWE3MjgtNGYwNC05NjQxLWZjMTEyYWU2M2VhNC8xLzhkcG5FMXR6ZktuUzM5ZTVm
LVdYaTQ4d0RXcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQCU49IAwQCVbj0AwQCuR2YMA0EAgACMAcDBQAq
AKkgMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDsRjANBgkqhkiG9w0BAQsFAAOC
AQEArlcZXC30if3tMzkIZgCaVqDQGGnQ6z0vzYMLx6pPaghziaQSB4/2dDkFmGSt
yJZcgygRS9qkpBao6mED3prdyU6VvrD43WSW7uTkx3/3M4CAdJK0P6A/pFmzBxv9
k7Y/NeLksH3l49JHbg3vHCF+JHWzzr+AwCmGkAu2W8m96vDLyjq6aYELT84ygOtU
3OYX5ajobWXbU9CqvAl+lkqZuMyvPsZtlbumE0Jf9rQxzTSqYqU9A87asXQg3OEc
zHEIaSXS5U/fydBXzPZKHlSS/uOGMZafQsKXUMWE+rpMuAOwOfYme2vQ9Rycgysx
DERxLffCEx+DoZF7nQmlmbd9dg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 09:37:13 2024 by rpki-client on console-fra.rpki-client.org