Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9X3FmWyBeMDeLqIEme696t5AI-s.cer
File:                     9X3FmWyBeMDeLqIEme696t5AI-s.cer (raw, json)
Hash identifier:          0cx+JsiB+xrmNL+POb0JVvFh5AP2/dLn51PyhkG3WNA=
Subject key identifier:   F5:7D:C5:99:6C:81:78:C0:DE:2E:A2:04:99:EE:BD:EA:DE:40:23:EB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC86FD111AE6E9719542ECEEF439D5D27
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/83/67e3ac-c332-4d13-83ef-c7b10d505cfe/1/9X3FmWyBeMDeLqIEme696t5AI-s.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/83/67e3ac-c332-4d13-83ef-c7b10d505cfe/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 04:30:20 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 59755
                          IP: 185.71.8.0/22
                          IP: 2a03:37a0::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Dec 2024 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:d1:11:ae:6e:97:19:54:2e:ce:ef:43:9d:5d:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 04:30:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f57dc5996c8178c0de2ea20499eebdeade4023eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:aa:7d:96:a2:78:38:0b:ec:29:35:fd:e8:5f:
                    bd:bb:7e:ce:4c:fc:9a:5d:da:fd:26:3a:04:e9:1e:
                    02:41:97:48:c8:a4:c7:c1:3b:88:44:ce:73:9c:79:
                    ee:de:a4:0e:ce:bd:1b:b1:df:f1:b6:9d:48:fd:c3:
                    a4:3a:e2:63:93:33:1a:b6:89:72:38:50:32:11:51:
                    e2:b8:f5:08:23:3b:3e:ba:6f:3b:22:9d:11:a3:fa:
                    98:cf:67:75:79:0f:20:70:23:d0:a0:71:08:58:18:
                    8d:f4:e8:6c:17:a9:6b:f8:f3:64:be:3e:dd:0d:1f:
                    bc:0e:b5:ae:7f:a7:a6:dd:e8:8a:12:da:40:98:87:
                    56:d0:86:32:5f:04:de:b9:b3:48:31:2d:e0:33:90:
                    23:f9:55:27:11:e3:a5:77:b3:a9:a5:a8:ae:97:af:
                    fa:9d:c2:d0:ef:02:cc:47:5c:08:43:af:9d:4b:bb:
                    36:af:5c:74:77:f4:a0:7d:54:4c:79:77:c0:b8:f0:
                    52:15:89:d7:fc:0b:46:0d:14:b0:20:b1:fa:f7:ff:
                    95:f5:00:80:85:81:a1:f6:4b:1a:51:76:de:61:12:
                    fa:b9:37:df:8c:5e:76:a0:19:88:9c:6c:29:fe:49:
                    3d:b5:7c:b9:5d:41:53:65:2c:4d:13:c3:fb:2e:db:
                    a9:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:7D:C5:99:6C:81:78:C0:DE:2E:A2:04:99:EE:BD:EA:DE:40:23:EB
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/67e3ac-c332-4d13-83ef-c7b10d505cfe/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/67e3ac-c332-4d13-83ef-c7b10d505cfe/1/9X3FmWyBeMDeLqIEme696t5AI-s.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.71.8.0/22
                IPv6:
                  2a03:37a0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  59755

    Signature Algorithm: sha256WithRSAEncryption
         38:2d:9e:8a:91:a6:8b:d4:7b:19:ba:15:d4:a5:5d:c5:49:42:
         e1:ba:a1:f0:89:71:06:96:a7:6d:e5:9f:d2:08:45:92:bc:23:
         de:48:24:26:4d:30:f4:33:da:52:b7:8a:b7:a9:b7:fa:a0:8b:
         65:13:2d:a8:0c:30:d9:d9:bd:28:6d:13:f4:cd:12:94:0d:35:
         b3:19:0e:fb:74:8d:34:3f:c3:9d:bc:04:64:f1:06:02:f7:66:
         fd:1e:e8:3c:7c:c5:20:0c:7d:cb:2f:c5:0a:e7:b5:fd:d0:af:
         0a:85:9f:f3:15:78:ab:ce:2f:44:19:4c:45:01:71:bb:cc:30:
         a8:80:7a:b7:2d:c2:5f:a0:40:58:7f:5b:1c:23:d9:40:fa:dd:
         37:58:ac:e8:47:de:7b:b4:24:f0:b1:2c:33:d8:a3:d2:84:18:
         09:b3:47:b5:26:f8:19:59:4e:17:dc:39:71:a6:15:28:d8:1e:
         68:07:dc:1d:85:47:7e:96:05:56:23:44:59:9d:29:a5:d2:97:
         73:21:3c:c4:fb:b6:c8:43:5a:7c:cd:dd:69:4c:6e:be:90:12:
         5b:e0:79:9a:98:61:43:6d:fe:13:ff:4e:96:b6:01:a9:a0:42:
         d7:04:65:02:47:1c:75:77:42:24:b3:6f:ab:7e:d6:fd:3f:9e:
         34:44:a9:b1
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzIb9ERrm6XGVQuzu9DnV0nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTdkYzU5OTZjODE3OGMwZGUyZWEyMDQ5OWVlYmRlYWRlNDAyM2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoap9lqJ4OAvsKTX96F+9u37OTPya
Xdr9JjoE6R4CQZdIyKTHwTuIRM5znHnu3qQOzr0bsd/xtp1I/cOkOuJjkzMatoly
OFAyEVHiuPUIIzs+um87Ip0Ro/qYz2d1eQ8gcCPQoHEIWBiN9OhsF6lr+PNkvj7d
DR+8DrWuf6em3eiKEtpAmIdW0IYyXwTeubNIMS3gM5Aj+VUnEeOld7Oppaiul6/6
ncLQ7wLMR1wIQ6+dS7s2r1x0d/SgfVRMeXfAuPBSFYnX/AtGDRSwILH69/+V9QCA
hYGh9ksaUXbeYRL6uTffjF52oBmInGwp/kk9tXy5XUFTZSxNE8P7LtupTQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFPV9xZlsgXjA3i6iBJnuvereQCPrMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgzLzY3ZTNh
Yy1jMzMyLTRkMTMtODNlZi1jN2IxMGQ1MDVjZmUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMvNjdlM2Fj
LWMzMzItNGQxMy04M2VmLWM3YjEwZDUwNWNmZS8xLzlYM0ZtV3lCZU1EZUxxSUVt
ZTY5NnQ1QUktcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuUcIMA0EAgACMAcDBQAqAzegMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDpazANBgkqhkiG9w0BAQsFAAOCAQEAOC2eipGmi9R7
GboV1KVdxUlC4bqh8IlxBpanbeWf0ghFkrwj3kgkJk0w9DPaUreKt6m3+qCLZRMt
qAww2dm9KG0T9M0SlA01sxkO+3SNND/DnbwEZPEGAvdm/R7oPHzFIAx9yy/FCue1
/dCvCoWf8xV4q84vRBlMRQFxu8wwqIB6ty3CX6BAWH9bHCPZQPrdN1is6Efee7Qk
8LEsM9ij0oQYCbNHtSb4GVlOF9w5caYVKNgeaAfcHYVHfpYFViNEWZ0ppdKXcyE8
xPu2yENafM3daUxuvpASW+B5mphhQ23+E/9OlrYBqaBC1wRlAkccdXdCJLNvq37W
/T+eNESpsQ==
-----END CERTIFICATE-----
Generated at Thu Dec 26 17:01:03 2024 by rpki-client on console-fra.rpki-client.org