Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/AEcY56Jj6-RedwZzkkHsbWrljnQ.cer
File:                     AEcY56Jj6-RedwZzkkHsbWrljnQ.cer (raw, json)
Hash identifier:          fR+0zbL1kMM1n/lqyNFCF2VDwIScF8o4Ubdw7fEP7h4=
Subject key identifier:   00:47:18:E7:A2:63:EB:E4:5E:77:06:73:92:41:EC:6D:6A:E5:8E:74
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC870F514B8C22D852C0ED5FF1EF1BEC2
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/AEcY56Jj6-RedwZzkkHsbWrljnQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 04:31:35 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 196860
                          IP: 193.107.200.0/22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:70:f5:14:b8:c2:2d:85:2c:0e:d5:ff:1e:f1:be:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 04:31:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=004718e7a263ebe45e7706739241ec6d6ae58e74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:65:2a:7b:22:4d:14:68:9d:cf:71:ae:02:61:
                    f1:cf:44:21:67:a0:16:8f:98:0d:a1:c4:47:47:da:
                    58:99:c9:53:f9:f4:69:af:fa:9a:4f:0e:84:3d:ce:
                    09:2d:81:20:e5:6a:14:60:b5:bb:68:54:09:aa:45:
                    f7:7c:42:ad:df:7f:79:6c:33:8d:76:e0:dc:b9:7d:
                    ef:77:5c:38:85:ac:3e:8b:31:98:90:0c:2d:49:db:
                    ae:fb:b0:54:fa:03:e2:bf:57:3f:71:99:a4:95:26:
                    35:00:89:d4:2d:fc:4d:be:35:ea:d7:1b:a8:69:4f:
                    80:23:ec:88:d5:c6:34:de:19:33:94:79:91:76:55:
                    4a:b0:f5:df:7c:f4:98:2f:30:b9:a1:b0:5f:56:94:
                    27:02:9b:36:c6:f9:60:2b:15:59:3c:b1:1c:8c:d1:
                    e0:c5:5a:ed:a9:4f:33:6c:61:99:c7:9d:c9:39:f2:
                    06:4e:3a:72:b3:fa:6f:07:4a:db:14:ce:48:6f:88:
                    9d:f0:8c:f5:03:ae:93:2a:9b:9d:bd:3e:72:4d:24:
                    a5:62:01:7e:3f:7a:a9:bd:7c:22:7a:e9:de:84:e3:
                    9f:d5:54:6b:89:c3:62:6f:25:e0:21:8d:41:da:bb:
                    26:be:b5:61:9a:3c:64:18:5f:12:aa:48:00:0d:62:
                    71:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:47:18:E7:A2:63:EB:E4:5E:77:06:73:92:41:EC:6D:6A:E5:8E:74
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/AEcY56Jj6-RedwZzkkHsbWrljnQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.107.200.0/22

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  196860

    Signature Algorithm: sha256WithRSAEncryption
         aa:61:05:d3:c0:be:d4:81:45:d6:9e:50:ea:f5:8f:d5:9a:67:
         dd:b3:ef:4a:9e:0e:ae:2c:ee:f6:ac:9b:5c:40:7d:13:b8:c9:
         7b:e1:b6:da:58:1f:ff:97:9b:2e:36:4c:55:9f:8d:0d:81:a8:
         ee:33:ea:06:6a:00:dd:0c:e5:61:7e:2a:ae:2c:04:fe:aa:27:
         ed:6a:f4:26:ff:c3:24:93:18:78:c7:be:2a:37:fd:34:06:fe:
         e1:64:c5:14:29:97:07:45:c7:61:0c:dd:fa:75:93:12:e9:ac:
         0a:70:88:b7:db:d5:00:59:fd:bc:b8:05:39:81:31:c9:dc:02:
         43:5e:a7:5e:a6:c8:fa:f3:c5:71:0b:38:e5:97:94:d2:0e:03:
         82:0c:7a:6d:0e:24:a3:02:16:28:6e:b5:4c:79:86:c3:67:ea:
         07:03:ec:8d:c5:bf:7a:83:92:ae:7e:e9:3a:d0:16:e5:23:2c:
         6c:c8:48:20:58:a3:0c:ed:cb:95:da:cf:0c:d2:98:ba:0d:67:
         29:b5:45:39:97:aa:1b:4e:57:6a:3e:4d:db:10:fe:eb:08:74:
         58:ec:01:dd:c9:42:e4:51:48:1a:d7:c8:ed:a5:8d:f0:9a:96:
         88:ed:c8:cc:89:72:23:87:f9:5d:bc:fc:80:8c:fe:50:61:4a:
         5f:41:88:2f
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzIcPUUuMIthSwO1f8e8b7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDQ3MThlN2EyNjNlYmU0NWU3NzA2NzM5MjQxZWM2ZDZhZTU4ZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmUqeyJNFGidz3GuAmHxz0QhZ6AW
j5gNocRHR9pYmclT+fRpr/qaTw6EPc4JLYEg5WoUYLW7aFQJqkX3fEKt3395bDON
duDcuX3vd1w4haw+izGYkAwtSduu+7BU+gPiv1c/cZmklSY1AInULfxNvjXq1xuo
aU+AI+yI1cY03hkzlHmRdlVKsPXffPSYLzC5obBfVpQnAps2xvlgKxVZPLEcjNHg
xVrtqU8zbGGZx53JOfIGTjpys/pvB0rbFM5Ib4id8Iz1A66TKpudvT5yTSSlYgF+
P3qpvXwieunehOOf1VRricNibyXgIY1B2rsmvrVhmjxkGF8SqkgADWJx/QIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFABHGOeiY+vkXncGc5JB7G1q5Y50MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q0LzNlZWNm
OC1lYjA0LTQxY2UtYTlmNi0zYTkxYTYxM2E0MDcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQvM2VlY2Y4
LWViMDQtNDFjZS1hOWY2LTNhOTFhNjEzYTQwNy8xL0FFY1k1NkpqNi1SZWR3Wnpr
a0hzYldybGpuUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCwWvIMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMA/DANBgkqhkiG9w0BAQsFAAOCAQEAqmEF08C+1IFF1p5Q6vWP1Zpn3bPvSp4O
rizu9qybXEB9E7jJe+G22lgf/5ebLjZMVZ+NDYGo7jPqBmoA3QzlYX4qriwE/qon
7Wr0Jv/DJJMYeMe+Kjf9NAb+4WTFFCmXB0XHYQzd+nWTEumsCnCIt9vVAFn9vLgF
OYExydwCQ16nXqbI+vPFcQs45ZeU0g4Dggx6bQ4kowIWKG61THmGw2fqBwPsjcW/
eoOSrn7pOtAW5SMsbMhIIFijDO3LldrPDNKYug1nKbVFOZeqG05Xaj5N2xD+6wh0
WOwB3clC5FFIGtfI7aWN8JqWiO3IzIlyI4f5Xbz8gIz+UGFKX0GILw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:11:57 2024 by rpki-client on console-ams.rpki-client.org