Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/D5XJyafxmprXF-TapTDIXPmauXU.cer
File:                     D5XJyafxmprXF-TapTDIXPmauXU.cer (raw, json)
Hash identifier:          06S2E1XmL8/WjqXbKIhH8orOVykZ1f1/9nTfufnN2HM=
Subject key identifier:   0F:95:C9:C9:A7:F1:9A:9A:D7:17:E4:DA:A5:30:C8:5C:F9:9A:B9:75
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018D797349120359FB0CBD0E943DB37D7D5E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/D5XJyafxmprXF-TapTDIXPmauXU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 05 Feb 2024 13:26:54 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 58221
                          IP: 91.237.36.0/24
                          IP: 91.239.80.0/22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:79:73:49:12:03:59:fb:0c:bd:0e:94:3d:b3:7d:7d:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Feb  5 13:26:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0f95c9c9a7f19a9ad717e4daa530c85cf99ab975
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:26:34:fb:30:07:29:e1:a1:0f:3a:34:da:b3:
                    7d:5a:ea:b2:7d:9e:32:b7:15:af:98:60:6a:dc:4c:
                    64:a5:45:a9:ec:66:b9:69:20:73:e4:49:76:de:9b:
                    08:72:7a:12:aa:f0:ad:3b:ba:6d:37:de:d9:2f:da:
                    70:01:2f:cf:6c:a8:da:34:ca:68:5d:0c:e2:2b:8c:
                    4f:05:4f:56:49:c6:16:84:44:45:c6:15:d2:57:10:
                    35:5c:7e:c9:cd:86:30:0f:f4:ab:f2:7d:30:b9:93:
                    c9:37:70:b1:2b:98:d5:76:92:33:32:32:5d:04:9e:
                    45:f6:55:13:8e:40:bf:3c:3a:04:a2:3e:59:cb:ca:
                    6d:2e:e5:e8:e4:6d:47:32:49:e6:f6:ee:f0:67:e0:
                    0a:b4:58:68:72:bb:9d:01:83:d9:a9:0b:7c:09:22:
                    58:6d:81:01:1b:0d:e1:19:98:77:41:da:8d:c3:b4:
                    3e:94:c9:99:c6:09:4c:fe:fe:93:64:74:b3:34:23:
                    ab:3c:13:25:e5:06:7b:64:12:32:cc:9a:63:21:38:
                    7f:5d:6e:fb:a4:02:fa:cd:c1:30:94:60:bb:85:35:
                    27:0c:0b:2b:9c:b6:0f:8b:87:2a:97:5a:3e:50:e2:
                    6c:37:ef:d0:24:ca:a1:28:33:46:4d:16:8f:7a:02:
                    53:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:95:C9:C9:A7:F1:9A:9A:D7:17:E4:DA:A5:30:C8:5C:F9:9A:B9:75
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/D5XJyafxmprXF-TapTDIXPmauXU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.237.36.0/24
                  91.239.80.0/22

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  58221

    Signature Algorithm: sha256WithRSAEncryption
         58:c5:6d:02:3c:ba:bb:18:4d:71:98:6b:14:35:c9:d1:d6:01:
         d8:ac:2e:46:26:22:a0:0f:32:eb:05:04:99:b8:b1:2e:70:e8:
         75:ec:66:45:7d:ae:85:af:bd:9f:e3:af:09:ca:c3:b3:78:24:
         eb:46:30:e7:0d:91:46:d2:94:98:00:c7:74:be:78:2d:d2:81:
         4e:41:44:21:60:7f:cf:c9:03:1d:43:c6:c0:d6:89:d3:a4:89:
         b4:20:59:68:fb:d0:f1:80:65:39:43:19:02:42:7e:bc:9c:27:
         58:ec:43:9e:81:09:2a:0f:ef:88:da:f5:3d:bb:6d:de:af:ec:
         d2:50:0b:18:f7:0b:0c:d1:58:d6:3a:33:8e:54:63:d9:d0:dd:
         67:5d:6e:bb:85:b9:fd:a3:b9:80:d2:cb:34:d8:30:0c:60:ba:
         62:41:05:f5:99:63:01:e9:7e:38:8e:a8:f1:d5:24:70:de:5e:
         c4:47:77:fb:cc:c6:8a:f1:6a:e4:f6:2e:63:79:48:ab:63:91:
         90:37:fe:df:55:95:31:d2:f1:43:c3:86:ea:5a:96:79:98:fb:
         9d:f6:d2:c7:7f:1f:40:0e:a2:7c:8c:e6:b5:fb:61:c6:7a:c5:
         b2:df:2f:61:2c:79:79:28:ff:a5:4c:f3:bc:8a:56:25:3e:53:
         0e:93:97:11
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAY15c0kSA1n7DL0OlD2zfX1eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjA1MTMyNjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjk1YzljOWE3ZjE5YTlhZDcxN2U0ZGFhNTMwYzg1Y2Y5OWFiOTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiY0+zAHKeGhDzo02rN9WuqyfZ4y
txWvmGBq3ExkpUWp7Ga5aSBz5El23psIcnoSqvCtO7ptN97ZL9pwAS/PbKjaNMpo
XQziK4xPBU9WScYWhERFxhXSVxA1XH7JzYYwD/Sr8n0wuZPJN3CxK5jVdpIzMjJd
BJ5F9lUTjkC/PDoEoj5Zy8ptLuXo5G1HMknm9u7wZ+AKtFhocrudAYPZqQt8CSJY
bYEBGw3hGZh3QdqNw7Q+lMmZxglM/v6TZHSzNCOrPBMl5QZ7ZBIyzJpjITh/XW77
pAL6zcEwlGC7hTUnDAsrnLYPi4cql1o+UOJsN+/QJMqhKDNGTRaPegJTGQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFA+Vycmn8Zqa1xfk2qUwyFz5mrl1MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUzLzA4ZjVj
ZC04ZWVjLTRkNTUtODgxMi1jOTM2NTlmNzY3MzcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvMDhmNWNk
LThlZWMtNGQ1NS04ODEyLWM5MzY1OWY3NjczNy8xL0Q1WEp5YWZ4bXByWEYtVGFw
VERJWFBtYXVYVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQAW+0kAwQCW+9QMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwDjbTANBgkqhkiG9w0BAQsFAAOCAQEAWMVtAjy6uxhNcZhrFDXJ0dYB
2KwuRiYioA8y6wUEmbixLnDodexmRX2uha+9n+OvCcrDs3gk60Yw5w2RRtKUmADH
dL54LdKBTkFEIWB/z8kDHUPGwNaJ06SJtCBZaPvQ8YBlOUMZAkJ+vJwnWOxDnoEJ
Kg/viNr1Pbtt3q/s0lALGPcLDNFY1jozjlRj2dDdZ11uu4W5/aO5gNLLNNgwDGC6
YkEF9ZljAel+OI6o8dUkcN5exEd3+8zGivFq5PYuY3lIq2ORkDf+31WVMdLxQ8OG
6lqWeZj7nfbSx38fQA6ifIzmtfthxnrFst8vYSx5eSj/pUzzvIpWJT5TDpOXEQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:05:24 2024 by rpki-client on console-fra.rpki-client.org