Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/AAtPqsebsZaQw69aB4xssUqRrUI.cer
File:                     AAtPqsebsZaQw69aB4xssUqRrUI.cer (raw, json)
Hash identifier:          qmbLGH07chPD8zs3CufOxxAHmuoZyv6HIujyKvd9JKE=
Subject key identifier:   00:0B:4F:AA:C7:9B:B1:96:90:C3:AF:5A:07:8C:6C:B1:4A:91:AD:42
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC726FF3F502F039B887DCF3664783BC2
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/51/990bb5-fe42-4985-9caf-a096eecda793/1/AAtPqsebsZaQw69aB4xssUqRrUI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/51/990bb5-fe42-4985-9caf-a096eecda793/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 22:31:10 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 52054
                          IP: 185.156.192.0/22
                          IP: 2a03:afa0::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:26:ff:3f:50:2f:03:9b:88:7d:cf:36:64:78:3b:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 22:31:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=000b4faac79bb19690c3af5a078c6cb14a91ad42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:7b:43:14:6d:c2:b3:5c:02:d6:b5:3e:9d:34:
                    dc:11:08:81:4e:cd:c6:aa:31:fd:84:dd:ad:1b:95:
                    2f:b5:6f:8d:16:8b:5e:c0:5d:52:42:f2:0a:a5:24:
                    7b:06:a2:9b:b1:49:3f:73:05:b5:cf:2f:d9:2a:8a:
                    02:a9:96:4e:5c:2d:e3:88:cb:2c:74:90:cc:d3:3f:
                    b9:28:f4:d3:da:10:79:6a:80:24:5e:61:ed:7a:70:
                    3d:3f:83:81:f9:3b:b4:5b:95:9e:27:65:56:f1:58:
                    86:6b:6c:3c:28:ee:f1:fe:4d:11:ca:8f:95:b7:8e:
                    ff:cf:42:56:a5:a4:53:32:45:f5:68:cf:9f:fc:55:
                    4e:57:f2:1a:3e:c3:9c:c7:0f:c6:0a:4c:42:3b:81:
                    1a:10:18:5f:3c:cd:23:a6:94:dd:90:f1:99:24:82:
                    96:8a:9c:3a:18:e7:42:a7:59:da:19:11:7f:63:b3:
                    bc:b8:a5:29:35:26:62:63:f3:41:e4:27:f7:f4:40:
                    d6:ab:92:e2:44:53:aa:8d:8a:ab:5e:44:5f:ad:a2:
                    e4:aa:a8:14:b0:64:5c:5d:16:0a:9b:7c:0d:47:c7:
                    eb:9b:c9:22:88:f4:d9:8c:d0:96:45:08:cf:f6:d5:
                    87:33:87:8a:2a:9d:b3:ce:7f:7d:65:9b:5d:a2:f1:
                    a0:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:0B:4F:AA:C7:9B:B1:96:90:C3:AF:5A:07:8C:6C:B1:4A:91:AD:42
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/990bb5-fe42-4985-9caf-a096eecda793/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/990bb5-fe42-4985-9caf-a096eecda793/1/AAtPqsebsZaQw69aB4xssUqRrUI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.156.192.0/22
                IPv6:
                  2a03:afa0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  52054

    Signature Algorithm: sha256WithRSAEncryption
         83:13:d1:88:19:c9:49:d8:91:f3:21:68:b8:65:86:b9:9a:86:
         21:47:cb:08:2d:0d:6b:9b:52:4a:27:ff:16:d6:43:a2:b5:06:
         f9:91:05:da:2b:9b:82:3b:f0:b4:5a:83:25:1d:89:00:f9:a5:
         f1:d0:2f:b1:d1:7f:91:bf:b5:30:a8:f1:8c:64:23:af:d6:a5:
         fb:e0:a1:be:ed:e2:ea:f9:02:3b:10:53:22:9b:a9:8e:e1:29:
         ec:98:bc:8f:cb:7b:00:13:89:9f:5a:23:51:f4:1b:02:e3:b3:
         51:f0:37:f3:2f:2a:da:ed:6f:40:f1:72:80:e3:db:09:ab:4e:
         2d:e1:7f:52:96:3d:e3:4e:5f:cd:90:c3:e0:11:85:d7:7e:ca:
         cf:e6:c9:3e:f5:0e:8a:fa:3a:fc:53:42:c8:09:08:f8:5c:d9:
         9f:62:01:df:90:fa:b4:5a:59:05:d9:db:90:e3:6a:82:6c:ad:
         eb:e7:b4:7b:92:2a:f7:f3:08:ad:b6:64:c7:ef:36:04:86:a9:
         61:c5:ba:bc:10:b8:19:6d:41:f7:7d:61:c7:c0:5c:81:4d:f2:
         20:f0:c1:75:b2:32:ee:f6:52:95:83:ee:11:df:12:5a:12:6a:
         48:60:8a:3c:43:c5:fd:86:cc:75:0c:e8:62:30:56:52:c0:15:
         74:f3:84:1e
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzHJv8/UC8Dm4h9zzZkeDvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDBiNGZhYWM3OWJiMTk2OTBjM2FmNWEwNzhjNmNiMTRhOTFhZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3tDFG3Cs1wC1rU+nTTcEQiBTs3G
qjH9hN2tG5UvtW+NFotewF1SQvIKpSR7BqKbsUk/cwW1zy/ZKooCqZZOXC3jiMss
dJDM0z+5KPTT2hB5aoAkXmHtenA9P4OB+Tu0W5WeJ2VW8ViGa2w8KO7x/k0Ryo+V
t47/z0JWpaRTMkX1aM+f/FVOV/IaPsOcxw/GCkxCO4EaEBhfPM0jppTdkPGZJIKW
ipw6GOdCp1naGRF/Y7O8uKUpNSZiY/NB5Cf39EDWq5LiRFOqjYqrXkRfraLkqqgU
sGRcXRYKm3wNR8frm8kiiPTZjNCWRQjP9tWHM4eKKp2zzn99ZZtdovGgYQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFAALT6rHm7GWkMOvWgeMbLFKka1CMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUxLzk5MGJi
NS1mZTQyLTQ5ODUtOWNhZi1hMDk2ZWVjZGE3OTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEvOTkwYmI1
LWZlNDItNDk4NS05Y2FmLWEwOTZlZWNkYTc5My8xL0FBdFBxc2Vic1phUXc2OWFC
NHhzc1VxUnJVSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuZzAMA0EAgACMAcDBQAqA6+gMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDLVjANBgkqhkiG9w0BAQsFAAOCAQEAgxPRiBnJSdiR
8yFouGWGuZqGIUfLCC0Na5tSSif/FtZDorUG+ZEF2iubgjvwtFqDJR2JAPml8dAv
sdF/kb+1MKjxjGQjr9al++Chvu3i6vkCOxBTIpupjuEp7Ji8j8t7ABOJn1ojUfQb
AuOzUfA38y8q2u1vQPFygOPbCatOLeF/UpY9405fzZDD4BGF137Kz+bJPvUOivo6
/FNCyAkI+FzZn2IB35D6tFpZBdnbkONqgmyt6+e0e5Iq9/MIrbZkx+82BIapYcW6
vBC4GW1B931hx8BcgU3yIPDBdbIy7vZSlYPuEd8SWhJqSGCKPEPF/YbMdQzoYjBW
UsAVdPOEHg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 14:31:07 2024 by rpki-client on console-ams.rpki-client.org