Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
File:                     BgPfkU3wTkf1a9li8vncPwQ0pdM.cer (raw, json)
Hash identifier:          L9JZSed0gNiYiX5budq7Fonid6uV4cUGOwq+75aRljo=
Subject key identifier:   06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC86F6011A8352C279724F63CA995A118
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 04:29:51 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 199340

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Dec 2024 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:60:11:a8:35:2c:27:97:24:f6:3c:a9:95:a1:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 04:29:51 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:c7:2f:55:83:03:68:f6:f3:c5:22:69:83:5f:
                    a4:ae:80:9d:49:cf:de:2b:0e:8e:36:e8:18:f0:1b:
                    89:80:5b:fc:3e:d0:62:20:bd:b5:cd:5a:89:08:70:
                    93:17:58:c1:47:71:7c:e0:e9:11:18:25:91:9a:cb:
                    43:95:1b:fa:71:6b:88:e7:85:30:30:32:49:31:b7:
                    55:d2:b0:e7:4d:03:b0:1b:33:98:e3:2e:82:a0:24:
                    f8:e9:a5:17:45:f9:56:14:d8:34:06:e9:8d:7d:00:
                    5d:d0:d7:6d:3d:71:9f:45:93:eb:f6:10:85:d3:94:
                    13:ee:0e:88:61:cf:40:02:37:c7:38:62:41:3b:9c:
                    98:a0:52:9f:08:45:97:1d:e9:36:e1:d7:f0:cd:c6:
                    a6:ce:f5:4c:25:e2:33:26:ca:cb:fc:e6:b0:62:63:
                    86:9f:8c:48:4e:3b:03:47:37:7e:51:19:ee:58:d5:
                    a0:0c:57:93:74:89:97:b4:e6:24:7e:9a:80:c7:ca:
                    80:55:c3:f9:44:3c:70:2c:dc:9d:45:23:83:33:15:
                    e0:53:ff:56:c3:f0:75:ae:cb:41:81:16:bd:3c:99:
                    c2:9c:d2:c4:00:56:d3:48:32:2f:e0:24:50:d1:f1:
                    20:75:a8:fb:82:a2:ae:5c:91:79:be:26:16:96:7e:
                    24:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  199340

    Signature Algorithm: sha256WithRSAEncryption
         0b:ce:18:66:01:02:2f:4f:c3:13:fb:5d:3d:5d:e8:d8:ad:9a:
         83:93:92:ff:bc:18:b8:9d:7b:bd:0b:33:74:87:cb:a5:8b:21:
         1b:30:fd:1c:5c:a4:86:4b:6e:0a:83:07:1f:a3:48:ef:9d:b5:
         43:76:75:3a:b0:65:46:89:09:c3:a7:d2:d6:16:91:95:55:fc:
         57:cc:2d:1a:9f:96:36:e2:c4:fa:f5:89:57:06:50:0a:03:ae:
         7e:6b:18:0d:7f:76:81:c7:82:e3:c8:1b:c5:7c:1f:c8:00:96:
         bc:28:3a:54:36:82:26:0b:44:cf:dc:f5:06:dd:85:8d:41:d1:
         29:37:7a:7c:e7:60:49:89:3a:a2:85:42:d5:77:a4:ca:94:09:
         8b:44:71:e1:a1:0b:57:c6:41:4d:dc:ed:b7:90:c4:97:c6:67:
         b5:8b:da:2a:a0:94:86:2e:35:8f:4b:da:ca:6c:f8:6b:03:35:
         94:49:81:2c:03:60:1a:2b:26:d2:7f:d7:48:c6:ec:20:d4:28:
         2d:9f:8c:d7:cb:dc:ae:2b:30:89:06:05:ff:37:81:f0:e5:07:
         5e:d6:6f:04:1d:c4:15:4e:6d:1c:5f:3c:93:51:22:8a:e6:7d:
         62:f5:ff:48:12:74:ef:6e:e0:ec:4c:bb:29:56:83:d2:ff:2a:
         1f:2b:a4:5a
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzIb2ARqDUsJ5ck9jyplaEYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjAzZGY5MTRkZjA0ZTQ3ZjU2YmQ5NjJmMmY5ZGMzZjA0MzRhNWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqccvVYMDaPbzxSJpg1+kroCdSc/e
Kw6ONugY8BuJgFv8PtBiIL21zVqJCHCTF1jBR3F84OkRGCWRmstDlRv6cWuI54Uw
MDJJMbdV0rDnTQOwGzOY4y6CoCT46aUXRflWFNg0BumNfQBd0NdtPXGfRZPr9hCF
05QT7g6IYc9AAjfHOGJBO5yYoFKfCEWXHek24dfwzcamzvVMJeIzJsrL/OawYmOG
n4xITjsDRzd+URnuWNWgDFeTdImXtOYkfpqAx8qAVcP5RDxwLNydRSODMxXgU/9W
w/B1rstBgRa9PJnCnNLEAFbTSDIv4CRQ0fEgdaj7gqKuXJF5viYWln4kcwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFAYD35FN8E5H9WvZYvL53D8ENKXTMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M5LzliNWUy
Ni0wMTQ4LTRmOWYtYTQ2YS1iYzg0MjVjNjA2MDQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkvOWI1ZTI2
LTAxNDgtNGY5Zi1hNDZhLWJjODQyNWM2MDYwNC8xL0JnUGZrVTN3VGtmMWE5bGk4
dm5jUHdRMHBkTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMKrDANBgkqhkiG9w0BAQsFAAOCAQEAC84YZgECL0/D
E/tdPV3o2K2ag5OS/7wYuJ17vQszdIfLpYshGzD9HFykhktuCoMHH6NI7521Q3Z1
OrBlRokJw6fS1haRlVX8V8wtGp+WNuLE+vWJVwZQCgOufmsYDX92gceC48gbxXwf
yACWvCg6VDaCJgtEz9z1Bt2FjUHRKTd6fOdgSYk6ooVC1XekypQJi0Rx4aELV8ZB
Tdztt5DEl8ZntYvaKqCUhi41j0vaymz4awM1lEmBLANgGism0n/XSMbsINQoLZ+M
18vcriswiQYF/zeB8OUHXtZvBB3EFU5tHF88k1EiiuZ9YvX/SBJ0727g7Ey7KVaD
0v8qHyukWg==
-----END CERTIFICATE-----
Generated at Thu Dec 26 17:02:02 2024 by rpki-client on console-fra.rpki-client.org