Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/DP81-NWtPe6lUQZbJAK7DTyNlRk.cer
File:                     DP81-NWtPe6lUQZbJAK7DTyNlRk.cer (raw, json)
Hash identifier:          sGyRWlYSb8FVnuWHHPzGTcBDLdKrOIu8e+CbcTJGDJk=
Subject key identifier:   0C:FF:35:F8:D5:AD:3D:EE:A5:51:06:5B:24:02:BB:0D:3C:8D:95:19
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC26D10077BA2F3F08448DE730B3FF9B6
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/f8/70ac54-8acb-4a1b-8105-e33f2baabc60/1/DP81-NWtPe6lUQZbJAK7DTyNlRk.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/f8/70ac54-8acb-4a1b-8105-e33f2baabc60/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:29:36 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 60879
                          IP: 95.172.128.0/20
                          IP: 185.24.92.0/22
                          IP: 195.211.4.0/22
                          IP: 2a00:74e0::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 21:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:10:07:7b:a2:f3:f0:84:48:de:73:0b:3f:f9:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:29:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0cff35f8d5ad3deea551065b2402bb0d3c8d9519
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:73:f7:e9:b9:6f:47:fc:ad:a6:86:7f:c7:4d:
                    d1:14:4c:97:be:3f:08:1f:e7:4d:f8:aa:ef:74:43:
                    47:55:6d:de:d4:dd:09:87:58:95:bb:f5:6b:08:bb:
                    5e:4c:ca:41:66:cd:1c:74:b8:5b:7c:77:b8:bb:82:
                    ec:9b:bf:7b:40:f5:ba:40:96:02:ae:4b:aa:a4:e7:
                    ca:4a:42:65:15:5e:a5:b5:cd:63:78:fd:a1:64:27:
                    a2:ab:90:27:6e:4f:fd:ab:e6:93:b0:13:be:27:86:
                    1b:22:b7:f6:9e:ca:12:c4:90:ff:76:7c:89:e8:6d:
                    d3:7d:97:0e:9f:01:35:57:7f:75:32:9a:99:2f:1a:
                    5b:ff:9c:1f:29:41:67:54:d1:c4:c3:77:28:c4:9e:
                    07:e4:ce:4c:b9:d4:81:0b:44:62:1b:aa:f8:35:f0:
                    b3:3c:16:ae:23:da:25:14:57:15:bc:58:15:d3:55:
                    bc:9c:dc:01:d7:9e:73:4d:60:c9:99:91:4b:e4:90:
                    d0:15:39:c9:9f:e0:02:ad:7d:5a:6f:ff:26:62:ff:
                    f3:d5:40:f3:dd:1e:ee:4c:60:59:67:a6:c0:e6:ad:
                    0a:8e:dd:1a:1b:fd:34:cd:95:6f:81:05:36:2c:6c:
                    94:df:fa:5f:70:45:b9:c2:2a:c3:89:88:ba:4f:15:
                    df:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:FF:35:F8:D5:AD:3D:EE:A5:51:06:5B:24:02:BB:0D:3C:8D:95:19
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/70ac54-8acb-4a1b-8105-e33f2baabc60/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/70ac54-8acb-4a1b-8105-e33f2baabc60/1/DP81-NWtPe6lUQZbJAK7DTyNlRk.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.172.128.0/20
                  185.24.92.0/22
                  195.211.4.0/22
                IPv6:
                  2a00:74e0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  60879

    Signature Algorithm: sha256WithRSAEncryption
         b1:8c:a9:3b:50:96:60:1c:b0:2b:d6:da:67:3e:74:b5:64:44:
         7e:b1:ee:2d:6c:5b:d6:4f:7f:76:c2:0d:73:13:b0:8a:7e:e4:
         12:6a:ca:81:1c:02:c8:fb:d2:43:fe:90:af:3e:e1:f9:7a:4f:
         b6:83:ce:4b:ae:f4:05:ce:49:02:1b:41:90:92:68:3c:f5:f7:
         eb:11:6f:3c:01:24:94:28:81:87:54:86:d5:f0:69:70:4e:c6:
         44:be:c5:a6:0a:52:fb:00:6c:b0:e4:d0:e3:0a:7a:14:e5:2c:
         49:11:fa:cc:44:ef:69:b4:f1:75:31:f5:c7:f6:55:c3:89:c8:
         2f:69:76:93:8e:3c:6c:95:0b:55:03:20:6c:9d:ed:5f:a4:62:
         01:f8:78:8a:88:d9:9a:f8:8e:ce:20:d6:f9:5f:c1:db:67:43:
         ba:fc:a7:65:10:23:1d:94:bd:3a:65:ca:2e:33:e9:d4:cf:10:
         6f:2c:03:53:ed:a1:02:6d:65:fb:d0:e2:01:f7:1e:64:ce:58:
         20:55:35:fb:27:d1:f9:31:b6:e4:15:cb:ba:81:85:af:58:c1:
         74:0a:0f:34:b4:8d:e8:5b:1e:3f:4d:53:64:43:41:74:36:9a:
         28:3f:24:72:af:76:5d:52:31:15:a6:a2:8d:16:9c:35:a9:c3:
         71:2c:67:6d
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYzCbRAHe6Lz8IRI3nMLP/m2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2ZmMzVmOGQ1YWQzZGVlYTU1MTA2NWIyNDAyYmIwZDNjOGQ5NTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3P36blvR/ytpoZ/x03RFEyXvj8I
H+dN+KrvdENHVW3e1N0Jh1iVu/VrCLteTMpBZs0cdLhbfHe4u4Lsm797QPW6QJYC
rkuqpOfKSkJlFV6ltc1jeP2hZCeiq5Anbk/9q+aTsBO+J4YbIrf2nsoSxJD/dnyJ
6G3TfZcOnwE1V391MpqZLxpb/5wfKUFnVNHEw3coxJ4H5M5MudSBC0RiG6r4NfCz
PBauI9olFFcVvFgV01W8nNwB155zTWDJmZFL5JDQFTnJn+ACrX1ab/8mYv/z1UDz
3R7uTGBZZ6bA5q0Kjt0aG/00zZVvgQU2LGyU3/pfcEW5wirDiYi6TxXfmwIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFAz/NfjVrT3upVEGWyQCuw08jZUZMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y4LzcwYWM1
NC04YWNiLTRhMWItODEwNS1lMzNmMmJhYWJjNjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgvNzBhYzU0
LThhY2ItNGExYi04MTA1LWUzM2YyYmFhYmM2MC8xL0RQODEtTld0UGU2bFVRWmJK
QUs3RFR5TmxSay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQEX6yAAwQCuRhcAwQCw9MEMA0EAgACMAcDBQAq
AHTgMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDtzzANBgkqhkiG9w0BAQsFAAOC
AQEAsYypO1CWYBywK9baZz50tWREfrHuLWxb1k9/dsINcxOwin7kEmrKgRwCyPvS
Q/6Qrz7h+XpPtoPOS670Bc5JAhtBkJJoPPX36xFvPAEklCiBh1SG1fBpcE7GRL7F
pgpS+wBssOTQ4wp6FOUsSRH6zETvabTxdTH1x/ZVw4nIL2l2k448bJULVQMgbJ3t
X6RiAfh4iojZmviOziDW+V/B22dDuvynZRAjHZS9OmXKLjPp1M8QbywDU+2hAm1l
+9DiAfceZM5YIFU1+yfR+TG25BXLuoGFr1jBdAoPNLSN6FseP01TZENBdDaaKD8k
cq92XVIxFaaijRacNanDcSxnbQ==
-----END CERTIFICATE-----
Generated at Fri Mar 29 00:35:51 2024 by rpki-client on console-ams.rpki-client.org