Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/B6B4R98MIWSYj-DuOeTdB9hZgKo.cer
File:                     B6B4R98MIWSYj-DuOeTdB9hZgKo.cer (raw, json)
Hash identifier:          BU3R4tOZNh3ywc78QK/stUVlk247paDxyhO3LGOfhUs=
Subject key identifier:   07:A0:78:47:DF:0C:21:64:98:8F:E0:EE:39:E4:DD:07:D8:59:80:AA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01908E6D941F83913BD60C6E8FBFF7CF95F7
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki-repo.as207960.net/repo/rpki_ca_b3da5785f0c841ac8dd815b7354623df/1/07A07847DF0C2164988FE0EE39E4DD07D85980AA.mft
caRepository:             rsync://rpki-repo.as207960.net/repo/rpki_ca_b3da5785f0c841ac8dd815b7354623df/1/
Notify URL:               https://rpki.as207960.net/rrdp/notification.xml
Certificate not before:   Sun 07 Jul 2024 18:21:04 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 202076
                          IP: 185.0.2.0/24
                          IP: 2001:7f8:137::/48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 09:57:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:8e:6d:94:1f:83:91:3b:d6:0c:6e:8f:bf:f7:cf:95:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jul  7 18:21:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=07a07847df0c2164988fe0ee39e4dd07d85980aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:40:e1:fc:79:23:36:06:be:66:e0:78:ae:88:
                    90:15:95:27:f7:11:26:d8:6c:59:78:8d:c7:ba:dc:
                    66:d5:f6:dd:91:b5:46:2b:9b:c4:8e:54:7f:32:c5:
                    f7:74:6d:13:45:e2:e7:a2:4e:cc:31:56:73:c1:c4:
                    5c:00:97:77:53:1f:f8:42:be:f4:8e:c9:71:ad:cf:
                    ab:3c:73:a5:20:14:68:e3:80:a0:69:3c:b6:e0:59:
                    4e:c5:02:ba:62:8f:e0:5f:1c:14:58:0d:a2:db:7c:
                    57:89:0f:04:f5:24:1e:e2:4d:12:d4:7a:95:be:68:
                    43:b2:21:b6:f2:57:d0:16:3b:2d:4c:93:03:30:51:
                    61:ca:81:71:b1:99:ee:cd:19:bb:f1:4d:69:84:af:
                    c7:33:82:4c:57:16:e5:15:c4:8c:a5:64:16:10:5f:
                    b7:89:70:9d:31:3b:9c:c1:7c:fd:e4:d4:63:4c:d1:
                    6f:03:4d:4d:51:d4:36:e8:95:98:7a:37:70:fb:b9:
                    f1:5e:55:ab:b8:ff:af:94:51:9b:7d:82:f1:81:c8:
                    7b:cc:64:a0:63:f4:ea:c4:4a:46:7d:04:e5:1e:19:
                    31:6a:07:a1:b3:9f:64:1a:5e:8f:97:6e:04:85:f6:
                    e4:bf:cf:40:9e:2c:06:be:d4:8d:21:26:3e:5f:ef:
                    40:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:A0:78:47:DF:0C:21:64:98:8F:E0:EE:39:E4:DD:07:D8:59:80:AA
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki-repo.as207960.net/repo/rpki_ca_b3da5785f0c841ac8dd815b7354623df/1/
                RPKI Manifest - URI:rsync://rpki-repo.as207960.net/repo/rpki_ca_b3da5785f0c841ac8dd815b7354623df/1/07A07847DF0C2164988FE0EE39E4DD07D85980AA.mft
                RPKI Notify - URI:https://rpki.as207960.net/rrdp/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.0.2.0/24
                IPv6:
                  2001:7f8:137::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  202076

    Signature Algorithm: sha256WithRSAEncryption
         2a:bb:3d:89:ee:66:61:e6:bd:a6:a0:6d:dd:8c:76:bf:6e:58:
         46:6d:c7:47:ef:6c:ef:a0:72:73:e0:ab:58:2f:ef:7a:f9:df:
         f8:b5:93:97:cc:5f:11:b9:2c:55:01:25:03:79:58:d5:41:2b:
         7d:15:25:02:5b:f2:f6:01:f9:67:a1:05:1d:b0:c9:4c:40:55:
         6b:d6:32:99:4e:0a:11:1d:a9:46:f5:80:7e:cf:34:22:78:13:
         ff:93:e4:0d:50:98:fa:6d:97:17:e8:0b:1f:8d:da:a5:53:67:
         32:5c:2b:fd:bc:dc:cd:62:a9:7b:5e:04:a2:7d:fd:7c:b6:69:
         45:3f:bc:ec:29:c5:0c:a2:ca:a1:57:af:c0:f7:81:86:ea:35:
         d0:8a:b7:ac:81:cf:5e:1d:18:d9:54:ba:6c:e8:da:11:c6:22:
         e7:7b:63:f8:28:70:52:e4:c5:70:f1:9a:62:5b:1b:2e:ce:be:
         f8:d9:0c:52:13:ca:70:8f:80:66:86:87:77:4e:98:d7:b3:01:
         36:84:d0:97:58:06:67:a9:24:33:ad:2a:f4:8b:d7:de:a0:a1:
         6f:8d:1d:87:db:f9:3f:17:80:61:cd:fc:d3:82:7c:c7:4b:8a:
         89:de:7c:55:d2:73:40:18:80:8c:c0:5c:2c:51:92:7b:21:36:
         4f:b9:5c:4a
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZCObZQfg5E71gxuj7/3z5X3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNzA3MTgyMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2EwNzg0N2RmMGMyMTY0OTg4ZmUwZWUzOWU0ZGQwN2Q4NTk4MGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokDh/HkjNga+ZuB4roiQFZUn9xEm
2GxZeI3Hutxm1fbdkbVGK5vEjlR/MsX3dG0TReLnok7MMVZzwcRcAJd3Ux/4Qr70
jslxrc+rPHOlIBRo44CgaTy24FlOxQK6Yo/gXxwUWA2i23xXiQ8E9SQe4k0S1HqV
vmhDsiG28lfQFjstTJMDMFFhyoFxsZnuzRm78U1phK/HM4JMVxblFcSMpWQWEF+3
iXCdMTucwXz95NRjTNFvA01NUdQ26JWYejdw+7nxXlWruP+vlFGbfYLxgch7zGSg
Y/TqxEpGfQTlHhkxagehs59kGl6Pl24Ehfbkv89AniwGvtSNISY+X+9APQIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFAegeEffDCFkmI/g7jnk3QfYWYCqMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE2BggrBgEFBQcBCwSCASgwggEkMFsGCCsGAQUFBzAFhk9y
c3luYzovL3Jwa2ktcmVwby5hczIwNzk2MC5uZXQvcmVwby9ycGtpX2NhX2IzZGE1
Nzg1ZjBjODQxYWM4ZGQ4MTViNzM1NDYyM2RmLzEvMIGHBggrBgEFBQcwCoZ7cnN5
bmM6Ly9ycGtpLXJlcG8uYXMyMDc5NjAubmV0L3JlcG8vcnBraV9jYV9iM2RhNTc4
NWYwYzg0MWFjOGRkODE1YjczNTQ2MjNkZi8xLzA3QTA3ODQ3REYwQzIxNjQ5ODhG
RTBFRTM5RTRERDA3RDg1OTgwQUEubWZ0MDsGCCsGAQUFBzANhi9odHRwczovL3Jw
a2kuYXMyMDc5NjAubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQ
ME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALkAAjAPBAIA
AjAJAwcAIAEH+AE3MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMVXDANBgkqhkiG
9w0BAQsFAAOCAQEAKrs9ie5mYea9pqBt3Yx2v25YRm3HR+9s76Byc+CrWC/vevnf
+LWTl8xfEbksVQElA3lY1UErfRUlAlvy9gH5Z6EFHbDJTEBVa9YymU4KER2pRvWA
fs80IngT/5PkDVCY+m2XF+gLH43apVNnMlwr/bzczWKpe14Eon39fLZpRT+87CnF
DKLKoVevwPeBhuo10Iq3rIHPXh0Y2VS6bOjaEcYi53tj+ChwUuTFcPGaYlsbLs6+
+NkMUhPKcI+AZoaHd06Y17MBNoTQl1gGZ6kkM60q9IvX3qChb40dh9v5PxeAYc38
04J8x0uKid58VdJzQBiAjMBcLFGSeyE2T7lcSg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:48:30 2024 by rpki-client on console-fra.rpki-client.org