Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BgOecctxUgSoPMJTgi3CmmLHmeY.cer
File:                     BgOecctxUgSoPMJTgi3CmmLHmeY.cer (raw, json)
Hash identifier:          nrRP+e8DUoBxzkNK/YmVngMAcgOhEf2jLaJZyWCoXto=
Subject key identifier:   06:03:9E:71:CB:71:52:04:A8:3C:C2:53:82:2D:C2:9A:62:C7:99:E6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC349327F99C09CC2A9979EB94537D948
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b2/e62879-2c69-40c3-b116-0e46875d45fd/1/BgOecctxUgSoPMJTgi3CmmLHmeY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b2/e62879-2c69-40c3-b116-0e46875d45fd/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:30:03 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 197120
                          IP: 193.160.228.0/22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Dec 2024 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:32:7f:99:c0:9c:c2:a9:97:9e:b9:45:37:d9:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 04:30:03 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=06039e71cb715204a83cc253822dc29a62c799e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:cb:25:74:f8:26:e9:28:db:bc:0d:72:ec:29:
                    0a:b4:a4:e7:07:13:e2:3b:d8:a8:4e:73:62:1f:9f:
                    84:83:66:f9:0f:12:6b:86:d9:28:81:b3:61:4c:b3:
                    9d:dc:d9:57:e9:92:e8:2b:95:09:b3:97:d3:51:77:
                    15:57:e8:6b:cb:53:9e:00:03:3a:96:36:bd:83:ae:
                    72:d4:c5:2c:f4:3e:cd:7b:19:f4:a2:be:ba:1e:9b:
                    5f:fe:57:49:7d:de:cc:2f:e4:c1:0b:89:9c:16:01:
                    39:9a:a2:8c:aa:5a:c8:0b:6b:a2:26:c0:35:7b:61:
                    1d:43:08:d5:68:6b:c2:e7:a4:0d:dd:4a:e3:91:f2:
                    ae:36:a8:54:95:fe:11:c2:e0:a9:34:3f:b1:e4:ba:
                    7d:af:0b:df:9c:28:e6:3f:be:7a:d2:2e:36:63:94:
                    7a:a8:53:6c:99:1d:c4:9c:e5:cb:54:09:0c:d2:dd:
                    96:a8:b6:73:39:15:10:b3:2e:25:2b:c5:c8:c0:b4:
                    62:54:07:6b:9b:38:d7:4b:8d:4f:de:ef:24:13:d3:
                    29:09:66:03:c6:f7:c1:2b:97:18:2c:9e:6d:49:e5:
                    5b:6b:e2:df:08:16:53:5b:a7:c2:10:23:c0:47:65:
                    17:88:3d:c7:80:ee:d9:87:6e:e7:8e:c3:35:64:0a:
                    ed:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:03:9E:71:CB:71:52:04:A8:3C:C2:53:82:2D:C2:9A:62:C7:99:E6
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/e62879-2c69-40c3-b116-0e46875d45fd/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/e62879-2c69-40c3-b116-0e46875d45fd/1/BgOecctxUgSoPMJTgi3CmmLHmeY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.160.228.0/22

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  197120

    Signature Algorithm: sha256WithRSAEncryption
         79:3a:92:a8:0e:41:02:4e:ce:32:82:a4:b1:7e:b7:79:6a:4d:
         38:83:30:b3:f2:77:57:00:ff:43:c9:24:b3:7c:e4:12:cf:c4:
         c4:0a:66:d8:1d:2c:25:ae:9b:e1:92:cc:44:fe:bd:c5:8c:3f:
         9a:5f:3d:32:1a:3d:1f:24:7f:36:b3:6c:66:a2:93:22:2a:6c:
         bf:52:ec:06:ae:56:53:24:c8:d3:b6:c1:ed:1c:22:99:e2:db:
         3f:77:59:d1:11:1d:9c:6c:a5:e9:bb:fb:05:ce:ef:06:6c:03:
         09:3a:ad:2b:b7:10:e0:13:c4:bb:8e:18:cc:f8:c1:5b:ab:f2:
         03:54:3b:a1:d6:be:2c:16:00:98:06:32:8a:71:54:3d:25:91:
         6a:9f:b9:8d:5d:c4:80:30:8d:c7:6d:35:88:e3:80:45:61:00:
         9a:6c:d2:dd:4c:3d:f0:b0:cd:7a:b1:94:43:1c:ff:22:0b:eb:
         b8:f7:d3:1a:e7:e4:f1:91:11:45:11:b3:75:4c:df:8b:89:aa:
         cf:76:13:cc:bd:b4:b3:ff:eb:02:bb:eb:bd:ee:eb:56:56:7f:
         64:b4:2d:83:bf:62:02:a7:84:7a:4d:b8:d8:3b:6d:46:77:86:
         5a:74:a7:4c:5a:4b:4c:ce:50:d2:51:6e:be:f7:0d:c1:ef:58:
         d7:64:03:a5
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzDSTJ/mcCcwqmXnrlFN9lIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjAzOWU3MWNiNzE1MjA0YTgzY2MyNTM4MjJkYzI5YTYyYzc5OWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwssldPgm6SjbvA1y7CkKtKTnBxPi
O9ioTnNiH5+Eg2b5DxJrhtkogbNhTLOd3NlX6ZLoK5UJs5fTUXcVV+hry1OeAAM6
lja9g65y1MUs9D7Nexn0or66Hptf/ldJfd7ML+TBC4mcFgE5mqKMqlrIC2uiJsA1
e2EdQwjVaGvC56QN3UrjkfKuNqhUlf4RwuCpND+x5Lp9rwvfnCjmP7560i42Y5R6
qFNsmR3EnOXLVAkM0t2WqLZzORUQsy4lK8XIwLRiVAdrmzjXS41P3u8kE9MpCWYD
xvfBK5cYLJ5tSeVba+LfCBZTW6fCECPAR2UXiD3HgO7Zh27njsM1ZArtSQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFAYDnnHLcVIEqDzCU4Itwppix5nmMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IyL2U2Mjg3
OS0yYzY5LTQwYzMtYjExNi0wZTQ2ODc1ZDQ1ZmQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIvZTYyODc5
LTJjNjktNDBjMy1iMTE2LTBlNDY4NzVkNDVmZC8xL0JnT2VjY3R4VWdTb1BNSlRn
aTNDbW1MSG1lWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCwaDkMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMCADANBgkqhkiG9w0BAQsFAAOCAQEAeTqSqA5BAk7OMoKksX63eWpNOIMws/J3
VwD/Q8kks3zkEs/ExApm2B0sJa6b4ZLMRP69xYw/ml89Mho9HyR/NrNsZqKTIips
v1LsBq5WUyTI07bB7RwimeLbP3dZ0REdnGyl6bv7Bc7vBmwDCTqtK7cQ4BPEu44Y
zPjBW6vyA1Q7oda+LBYAmAYyinFUPSWRap+5jV3EgDCNx201iOOARWEAmmzS3Uw9
8LDNerGUQxz/IgvruPfTGufk8ZERRRGzdUzfi4mqz3YTzL20s//rArvrve7rVlZ/
ZLQtg79iAqeEek242DttRneGWnSnTFpLTM5Q0lFuvvcNwe9Y12QDpQ==
-----END CERTIFICATE-----
Generated at Thu Dec 26 17:02:02 2024 by rpki-client on console-fra.rpki-client.org