Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer
File:                     BZ9RaALCYTCaYQSHcubq_VhnqZA.cer (raw, json)
Hash identifier:          L7EdM+QkiMIDI+gLP134InbZgPyAbib5MKYL6XL7s5s=
Subject key identifier:   05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC7935FF05FE801CCEB8060ED69DDF133
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 00:29:33 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 209865
                          IP: 213.184.76.0/22
                          IP: 2a0c:f80::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 03:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:93:5f:f0:5f:e8:01:cc:eb:80:60:ed:69:dd:f1:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 00:29:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=059f516802c261309a61048772e6eafd5867a990
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:e2:d7:2d:02:c1:8b:eb:99:a3:e1:ea:5a:56:
                    9d:16:c2:e6:96:1f:22:32:79:0e:5c:81:e2:74:1f:
                    1f:f9:3f:07:23:28:fc:04:ae:f7:4e:bb:b7:d2:1d:
                    14:6c:2f:bd:6a:6e:28:be:36:ec:f4:9f:f4:e8:3d:
                    78:e3:f4:85:a7:1e:b2:c6:0b:ee:c4:f0:31:36:28:
                    03:b8:f2:c8:7c:58:a2:85:c7:20:c1:7d:21:9f:96:
                    b2:39:88:70:87:b9:2f:a5:1a:f5:ac:1a:eb:fc:e2:
                    28:31:1a:d2:85:0d:2a:7f:c4:24:45:1f:82:ed:0e:
                    35:1a:0d:f9:3e:e1:88:3e:53:b1:e3:ec:4d:13:af:
                    92:12:88:6a:ce:f0:dc:cf:61:64:c6:35:15:f9:6d:
                    97:ca:0d:15:b5:1a:73:fa:8b:c3:28:0d:35:28:a1:
                    68:dc:2e:6a:e3:b8:79:16:7d:3a:ac:6c:53:a8:f3:
                    e2:c8:63:73:b8:88:9a:c6:71:4b:6b:bf:c5:b2:fc:
                    43:bb:d2:01:e1:0c:cb:3c:31:10:8f:0b:cf:28:95:
                    17:d6:1d:a2:c4:7b:a7:24:8d:5d:c9:60:81:04:60:
                    6a:8d:a7:5d:1a:0f:6e:cb:f0:3f:a3:36:e2:b7:c0:
                    08:91:0e:0a:73:32:3a:c6:26:9d:15:ed:96:7b:b1:
                    ee:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.184.76.0/22
                IPv6:
                  2a0c:f80::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  209865

    Signature Algorithm: sha256WithRSAEncryption
         8c:ab:08:bf:47:df:2c:b3:08:26:0d:5f:fe:99:7c:a7:35:e4:
         99:a0:f0:7d:72:45:0d:2a:a3:f9:c1:9b:b3:3c:a2:43:ea:e2:
         04:a4:6c:be:6f:44:ac:4a:52:d7:e9:26:24:32:36:6f:ee:f9:
         d6:70:9d:15:26:8f:a2:61:93:f5:40:14:54:f4:10:06:8f:4a:
         5f:2f:72:68:f0:9e:1d:3b:e7:ac:f5:78:1a:bf:1d:2b:49:53:
         d9:ce:2f:5b:5e:f0:83:69:b1:c1:15:f0:7c:d6:ef:4a:cf:d8:
         90:64:76:d9:74:bd:92:f4:28:4a:5b:00:3a:5e:68:f5:88:85:
         63:cb:6f:2a:3a:08:cb:5d:c2:d6:17:d5:9f:c3:f9:6a:9a:65:
         2d:7f:93:2a:84:2e:5e:c3:c0:91:5b:e7:0b:65:67:58:11:9b:
         ef:47:a3:e8:60:1b:ea:08:ab:c8:e7:ec:b8:41:36:9c:83:f9:
         e6:f8:68:cf:b3:29:76:d7:fd:93:20:c3:f4:f7:02:be:ec:8a:
         e0:92:27:5f:c7:54:40:5e:0f:cc:a7:58:4e:28:5a:14:ed:19:
         47:ed:15:03:b0:88:b8:34:c0:7e:54:2d:2f:a3:21:b3:c1:10:
         7b:19:53:6b:19:4f:9e:b4:4f:10:4e:4a:2c:a9:d7:eb:9e:db:
         4f:08:4e:96
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzHk1/wX+gBzOuAYO1p3fEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTlmNTE2ODAyYzI2MTMwOWE2MTA0ODc3MmU2ZWFmZDU4NjdhOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueLXLQLBi+uZo+HqWladFsLmlh8i
MnkOXIHidB8f+T8HIyj8BK73Tru30h0UbC+9am4ovjbs9J/06D144/SFpx6yxgvu
xPAxNigDuPLIfFiihccgwX0hn5ayOYhwh7kvpRr1rBrr/OIoMRrShQ0qf8QkRR+C
7Q41Gg35PuGIPlOx4+xNE6+SEohqzvDcz2FkxjUV+W2Xyg0VtRpz+ovDKA01KKFo
3C5q47h5Fn06rGxTqPPiyGNzuIiaxnFLa7/FsvxDu9IB4QzLPDEQjwvPKJUX1h2i
xHunJI1dyWCBBGBqjaddGg9uy/A/ozbit8AIkQ4KczI6xiadFe2We7HuZQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFAWfUWgCwmEwmmEEh3Lm6v1YZ6mQMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhjLzQwODdj
Zi03MWU5LTQyY2EtOGMzNS05NTFiMTk4NTY3MWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMvNDA4N2Nm
LTcxZTktNDJjYS04YzM1LTk1MWIxOTg1NjcxYy8xL0JaOVJhQUxDWVRDYVlRU0hj
dWJxX1ZobnFaQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQC1bhMMA0EAgACMAcDBQMqDA+AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMzyTANBgkqhkiG9w0BAQsFAAOCAQEAjKsIv0ffLLMI
Jg1f/pl8pzXkmaDwfXJFDSqj+cGbszyiQ+riBKRsvm9ErEpS1+kmJDI2b+751nCd
FSaPomGT9UAUVPQQBo9KXy9yaPCeHTvnrPV4Gr8dK0lT2c4vW17wg2mxwRXwfNbv
Ss/YkGR22XS9kvQoSlsAOl5o9YiFY8tvKjoIy13C1hfVn8P5applLX+TKoQuXsPA
kVvnC2VnWBGb70ej6GAb6giryOfsuEE2nIP55vhoz7Mpdtf9kyDD9PcCvuyK4JIn
X8dUQF4PzKdYTihaFO0ZR+0VA7CIuDTAflQtL6Mhs8EQexlTaxlPnrRPEE5KLKnX
657bTwhOlg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:43:40 2024 by rpki-client on console-ams.rpki-client.org