Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/AUjSyoorQ7bK0lsiJlNU_jA5EaA.cer
File:                     AUjSyoorQ7bK0lsiJlNU_jA5EaA.cer (raw, json)
Hash identifier:          DjrtQH+1K2TizORXImPtwREd8slk6/CYWYTSgfBqt4Q=
Subject key identifier:   01:48:D2:CA:8A:2B:43:B6:CA:D2:5B:22:26:53:54:FE:30:39:11:A0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC26D0F9D0CAF72273C431A27E9FFB28F
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/47/1b78cd-d005-492c-9167-1bf868a03538/1/AUjSyoorQ7bK0lsiJlNU_jA5EaA.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/47/1b78cd-d005-492c-9167-1bf868a03538/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:29:36 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 28924
                          IP: 193.178.119.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:0f:9d:0c:af:72:27:3c:43:1a:27:e9:ff:b2:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:29:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0148d2ca8a2b43b6cad25b22265354fe303911a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:67:f9:24:41:6d:0f:06:57:bd:e6:e3:a2:40:
                    62:59:bd:db:e2:0a:fa:42:70:2c:e2:e8:73:13:eb:
                    dd:fa:de:bd:e6:dd:f9:77:6f:f0:8e:be:43:b7:8c:
                    55:5a:01:65:86:45:f2:00:69:14:83:d8:10:43:f4:
                    4d:9d:92:16:49:bf:91:df:14:9d:ad:df:42:c4:f5:
                    20:e4:59:f3:18:ab:94:7b:7f:9f:ea:38:52:70:2e:
                    01:b2:e2:08:23:83:5c:62:6f:88:93:c9:50:51:3d:
                    b5:c4:9c:67:70:a8:05:e2:bf:89:fc:ca:20:80:48:
                    a0:fb:2b:3f:33:90:f6:cd:e0:37:9d:30:cb:17:8f:
                    5a:a1:51:df:f4:cb:9f:ce:dc:af:1f:18:04:46:3a:
                    41:ba:35:56:51:97:6a:3f:ad:38:5b:f8:70:de:2d:
                    ea:29:e3:f5:b2:08:2b:20:c1:ce:5e:63:47:b1:ff:
                    cd:6b:1e:0e:d9:97:70:3b:e1:07:f7:11:9e:13:00:
                    14:b8:e4:b1:ff:0a:bc:be:97:3a:83:12:02:01:a3:
                    39:b5:50:db:72:06:87:3a:40:96:0f:dc:b6:df:e3:
                    9a:96:9b:70:77:ce:53:bf:a3:9e:0d:19:dd:e3:5f:
                    54:51:42:a2:63:aa:ad:8f:26:bb:f1:b5:70:f0:08:
                    b6:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:48:D2:CA:8A:2B:43:B6:CA:D2:5B:22:26:53:54:FE:30:39:11:A0
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1b78cd-d005-492c-9167-1bf868a03538/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1b78cd-d005-492c-9167-1bf868a03538/1/AUjSyoorQ7bK0lsiJlNU_jA5EaA.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.178.119.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  28924

    Signature Algorithm: sha256WithRSAEncryption
         6d:86:55:2f:28:a1:ff:c8:92:9e:b2:e2:01:ac:27:a2:a0:8e:
         2e:29:b5:e4:9d:f9:e2:d1:c0:5b:dd:2e:e9:53:05:da:8c:13:
         86:11:0f:b0:cf:33:ba:c6:ee:78:de:f3:24:eb:5e:37:24:08:
         36:84:98:00:89:eb:9e:07:13:0c:52:d6:04:13:c9:27:97:12:
         91:58:14:80:b4:63:b2:65:db:a2:95:e0:3e:d3:b2:68:db:19:
         9c:3d:33:1a:02:fe:72:2e:16:30:49:51:ac:01:d9:6b:a0:15:
         b2:a6:90:1f:ef:a5:84:38:c5:1e:9e:cd:b8:1a:d8:b5:a1:9d:
         c8:f5:86:4d:5b:c6:01:5e:9d:6f:9b:d5:c5:20:3d:ec:8a:f9:
         a7:95:de:87:c8:a2:fc:2f:1b:30:87:d6:9e:fe:d2:3f:ab:64:
         11:9a:62:59:f2:2d:e3:4e:db:7c:32:90:a1:89:b8:6c:d3:29:
         91:75:d8:c1:e2:52:4a:a1:01:20:aa:9d:bf:f7:13:29:fa:7d:
         a4:02:ec:7a:6d:b7:ec:22:67:fb:dd:bb:62:7d:90:3a:58:fd:
         b6:2e:70:c7:6d:72:c9:7b:01:94:4b:9d:97:c7:91:c5:9f:49:
         d7:91:ed:cc:2b:f5:e1:db:19:89:78:3b:6f:de:f8:73:d8:fc:
         1e:42:69:ef
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYzCbQ+dDK9yJzxDGifp/7KPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTQ4ZDJjYThhMmI0M2I2Y2FkMjViMjIyNjUzNTRmZTMwMzkxMWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mf5JEFtDwZXvebjokBiWb3b4gr6
QnAs4uhzE+vd+t695t35d2/wjr5Dt4xVWgFlhkXyAGkUg9gQQ/RNnZIWSb+R3xSd
rd9CxPUg5FnzGKuUe3+f6jhScC4BsuIII4NcYm+Ik8lQUT21xJxncKgF4r+J/Mog
gEig+ys/M5D2zeA3nTDLF49aoVHf9MufztyvHxgERjpBujVWUZdqP604W/hw3i3q
KeP1sggrIMHOXmNHsf/Nax4O2ZdwO+EH9xGeEwAUuOSx/wq8vpc6gxICAaM5tVDb
cgaHOkCWD9y23+Oalptwd85Tv6OeDRnd419UUUKiY6qtjya78bVw8Ai2AQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFAFI0sqKK0O2ytJbIiZTVP4wORGgMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ3LzFiNzhj
ZC1kMDA1LTQ5MmMtOTE2Ny0xYmY4NjhhMDM1MzgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcvMWI3OGNk
LWQwMDUtNDkyYy05MTY3LTFiZjg2OGEwMzUzOC8xL0FValN5b29yUTdiSzBsc2lK
bE5VX2pBNUVhQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwbJ3MBkGCCsGAQUFBwEIAQH/BAowCKAGMAQC
AnD8MA0GCSqGSIb3DQEBCwUAA4IBAQBthlUvKKH/yJKesuIBrCeioI4uKbXknfni
0cBb3S7pUwXajBOGEQ+wzzO6xu543vMk6143JAg2hJgAieueBxMMUtYEE8knlxKR
WBSAtGOyZduileA+07Jo2xmcPTMaAv5yLhYwSVGsAdlroBWyppAf76WEOMUens24
Gti1oZ3I9YZNW8YBXp1vm9XFID3sivmnld6HyKL8Lxswh9ae/tI/q2QRmmJZ8i3j
Ttt8MpChibhs0ymRddjB4lJKoQEgqp2/9xMp+n2kAux6bbfsImf73btifZA6WP22
LnDHbXLJewGUS52Xx5HFn0nXke3MK/Xh2xmJeDtv3vhz2PweQmnv
-----END CERTIFICATE-----
Generated at Thu Mar 28 20:35:19 2024 by rpki-client on console-fra.rpki-client.org