Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BENJrald9ErVtH5WL_hi5b1DmK0.cer
File:                     BENJrald9ErVtH5WL_hi5b1DmK0.cer (raw, json)
Hash identifier:          kcGtKpqcfmiy3fc6b5Gz+w65LneiOZaEPgnQkx1EJ8o=
Subject key identifier:   04:43:49:AD:A9:5D:F4:4A:D5:B4:7E:56:2F:F8:62:E5:BD:43:98:AD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC3B677DDAD96FADE2D78670E23FB2B1E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/30/2c6ef8-543b-4886-829e-40a20dd2cfbe/1/BENJrald9ErVtH5WL_hi5b1DmK0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/30/2c6ef8-543b-4886-829e-40a20dd2cfbe/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 06:29:24 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 201562
                          IP: 91.237.136.0/23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:77:dd:ad:96:fa:de:2d:78:67:0e:23:fb:2b:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 06:29:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=044349ada95df44ad5b47e562ff862e5bd4398ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:13:6d:de:78:3f:72:92:29:84:35:4b:8b:5b:
                    1c:fa:0b:92:0f:c9:6c:b2:cf:03:2c:91:dc:20:a2:
                    0b:26:76:8b:2d:5f:36:a7:72:34:08:01:a3:ca:25:
                    7c:bc:01:e7:cf:1f:de:18:04:8c:78:b8:49:a5:38:
                    fc:b8:6a:95:be:a7:2f:56:e6:a3:04:29:33:84:19:
                    4c:7c:38:9a:94:a0:bd:55:a3:a3:a7:49:f1:f9:9e:
                    30:3d:f1:eb:3b:4e:a7:92:f8:61:97:0d:47:c6:2f:
                    64:14:f7:f0:0a:be:00:4b:6b:95:b1:aa:a7:7d:5a:
                    63:05:8e:89:a2:9c:7b:71:79:40:43:90:11:b6:87:
                    21:89:20:fc:36:d8:75:66:fa:ec:25:7d:56:de:ec:
                    43:d3:86:94:32:a2:fa:a8:7a:a4:52:4a:a2:2e:21:
                    7b:2b:aa:2e:16:ad:70:81:01:31:e8:2b:e9:0a:29:
                    64:24:2b:19:23:e2:28:2d:ee:5d:ba:91:04:83:00:
                    8b:f5:ee:06:70:1a:36:61:b0:5c:01:3f:74:ed:f4:
                    f8:82:04:4b:8e:d3:23:42:09:bf:23:a1:f8:b4:e4:
                    a2:7e:81:57:e4:96:42:bd:84:3b:c3:aa:8d:34:9a:
                    f2:34:ff:9c:8d:64:0e:b3:82:a2:c0:63:e5:0d:73:
                    98:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:43:49:AD:A9:5D:F4:4A:D5:B4:7E:56:2F:F8:62:E5:BD:43:98:AD
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c6ef8-543b-4886-829e-40a20dd2cfbe/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c6ef8-543b-4886-829e-40a20dd2cfbe/1/BENJrald9ErVtH5WL_hi5b1DmK0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.237.136.0/23

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  201562

    Signature Algorithm: sha256WithRSAEncryption
         3b:7a:13:f4:9b:d6:38:ec:35:27:53:bd:10:93:20:98:fe:a0:
         f1:de:07:d4:fd:85:90:43:9f:e3:64:61:cd:25:dc:6d:02:0c:
         e5:99:94:cc:61:9d:21:17:86:af:a5:a2:c7:df:16:cf:be:e6:
         7c:98:35:43:f3:6a:c2:8d:36:60:35:f2:55:96:34:20:89:83:
         3f:14:46:93:f5:a8:99:dd:a4:b1:c8:ec:f9:25:5d:1f:db:a7:
         5c:9c:4a:a5:1b:f1:ba:14:20:a9:1d:a4:21:bd:84:4a:a8:20:
         a0:e2:33:f9:ab:c9:19:4b:3a:a3:9b:c3:70:a2:8e:8d:71:24:
         c4:ca:7d:ae:ca:07:b8:20:fd:f3:c5:41:5d:44:64:17:e0:6b:
         3f:b7:14:7e:1d:1b:1f:e4:0a:05:26:ef:49:c7:6a:64:5e:ab:
         27:9d:98:17:8e:47:1a:38:42:99:da:e5:bc:43:7c:bb:fb:2e:
         39:be:75:93:4f:80:56:f2:34:c4:0d:12:7e:6d:f7:6f:51:45:
         8e:c8:bc:ad:91:53:b6:53:15:db:e8:a7:4d:69:91:62:32:2a:
         b7:38:fb:91:d7:90:67:f1:05:38:ae:0b:76:1d:d6:25:c7:e6:
         92:51:0b:e8:b2:20:05:77:39:ae:52:9e:42:d0:73:7a:99:1c:
         06:8c:cb:25
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzDtnfdrZb63i14Zw4j+yseMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDQzNDlhZGE5NWRmNDRhZDViNDdlNTYyZmY4NjJlNWJkNDM5OGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6RNt3ng/cpIphDVLi1sc+guSD8ls
ss8DLJHcIKILJnaLLV82p3I0CAGjyiV8vAHnzx/eGASMeLhJpTj8uGqVvqcvVuaj
BCkzhBlMfDialKC9VaOjp0nx+Z4wPfHrO06nkvhhlw1Hxi9kFPfwCr4AS2uVsaqn
fVpjBY6Jopx7cXlAQ5ARtochiSD8Nth1ZvrsJX1W3uxD04aUMqL6qHqkUkqiLiF7
K6ouFq1wgQEx6CvpCilkJCsZI+IoLe5dupEEgwCL9e4GcBo2YbBcAT907fT4ggRL
jtMjQgm/I6H4tOSifoFX5JZCvYQ7w6qNNJryNP+cjWQOs4KiwGPlDXOYCQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFARDSa2pXfRK1bR+Vi/4YuW9Q5itMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMwLzJjNmVm
OC01NDNiLTQ4ODYtODI5ZS00MGEyMGRkMmNmYmUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvMmM2ZWY4
LTU0M2ItNDg4Ni04MjllLTQwYTIwZGQyY2ZiZS8xL0JFTkpyYWxkOUVyVnRINVdM
X2hpNWIxRG1LMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQBW+2IMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMTWjANBgkqhkiG9w0BAQsFAAOCAQEAO3oT9JvWOOw1J1O9EJMgmP6g8d4H1P2F
kEOf42RhzSXcbQIM5ZmUzGGdIReGr6Wix98Wz77mfJg1Q/Nqwo02YDXyVZY0IImD
PxRGk/Womd2kscjs+SVdH9unXJxKpRvxuhQgqR2kIb2ESqggoOIz+avJGUs6o5vD
cKKOjXEkxMp9rsoHuCD988VBXURkF+BrP7cUfh0bH+QKBSbvScdqZF6rJ52YF45H
GjhCmdrlvEN8u/suOb51k0+AVvI0xA0Sfm33b1FFjsi8rZFTtlMV2+inTWmRYjIq
tzj7kdeQZ/EFOK4Ldh3WJcfmklEL6LIgBXc5rlKeQtBzepkcBozLJQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:46:22 2024 by rpki-client on console-ams.rpki-client.org