Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/DY_I34T78qtAQS5tSt_3wbhKWy8.cer
File:                     DY_I34T78qtAQS5tSt_3wbhKWy8.cer (raw, json)
Hash identifier:          aF5rl/yF8Z/pelT6GGcQ8aTCrhxyw2k1yyrnKb8FCkY=
Subject key identifier:   0D:8F:C8:DF:84:FB:F2:AB:40:41:2E:6D:4A:DF:F7:C1:B8:4A:5B:2F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC8DEE1BCA3DB9D052FC9216BF8B4B510
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b3/ece2eb-83fa-476b-ab98-688762bb985e/1/DY_I34T78qtAQS5tSt_3wbhKWy8.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b3/ece2eb-83fa-476b-ab98-688762bb985e/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 06:31:39 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 208985
                          IP: 2001:67c:914::/48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:e1:bc:a3:db:9d:05:2f:c9:21:6b:f8:b4:b5:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 06:31:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0d8fc8df84fbf2ab40412e6d4adff7c1b84a5b2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:92:b2:14:0f:67:de:2e:3a:02:ba:a2:32:a0:
                    e9:48:f9:b9:9f:1e:06:df:23:00:e6:dc:0d:01:e9:
                    70:41:f0:b6:2f:80:e1:01:6a:7f:07:6b:ae:84:4d:
                    1a:b0:07:0a:5b:1b:f9:75:e8:a9:f3:86:75:df:1d:
                    65:f0:3d:68:ab:cf:29:89:2d:5f:3f:6d:27:5c:4a:
                    87:6e:a0:bf:57:a1:c5:7b:80:28:48:08:28:fd:b5:
                    3f:cc:3a:40:76:90:c2:51:0c:3a:38:ae:2f:ee:de:
                    fd:c2:c9:33:4c:b3:f7:fe:12:78:e2:56:c8:b6:02:
                    f6:42:d2:73:7e:71:ec:84:33:08:1d:cd:64:b9:ae:
                    8e:29:fd:67:01:41:f8:0a:12:82:15:94:92:01:40:
                    84:72:89:13:81:9b:4d:24:08:dc:c3:4a:e1:0a:66:
                    8c:d8:1d:42:9c:c1:1e:0b:b6:13:f4:50:6f:83:60:
                    7b:cf:c7:c0:4b:65:74:44:94:bd:52:dd:af:3c:74:
                    90:39:01:57:fd:97:5c:05:8d:3b:1d:1c:2b:8a:07:
                    21:75:d1:68:dd:73:71:4e:49:3c:cc:15:4b:02:cb:
                    bd:1e:02:d3:4a:1b:46:00:f2:11:34:43:44:21:fc:
                    c3:2d:ef:22:db:f2:d0:d0:64:99:8e:10:d3:0e:cb:
                    dd:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:8F:C8:DF:84:FB:F2:AB:40:41:2E:6D:4A:DF:F7:C1:B8:4A:5B:2F
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ece2eb-83fa-476b-ab98-688762bb985e/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ece2eb-83fa-476b-ab98-688762bb985e/1/DY_I34T78qtAQS5tSt_3wbhKWy8.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:914::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  208985

    Signature Algorithm: sha256WithRSAEncryption
         2b:9b:f1:5b:46:53:8a:1b:91:9d:1c:b0:5a:a2:a9:9d:52:be:
         0a:e4:7e:58:02:eb:10:3d:a2:3f:52:8a:dc:ff:26:a5:51:4b:
         1e:5b:bd:a9:3d:86:82:78:d6:30:74:5a:d5:b5:70:b8:1b:d1:
         5a:f7:fe:b1:28:60:d9:25:20:b0:65:45:05:dc:94:81:a0:9a:
         e4:4d:3e:5e:33:e5:20:64:81:cc:7f:6c:b6:89:49:76:40:1b:
         f2:4d:4c:93:ef:72:44:1b:be:2e:95:f9:cb:87:c8:ed:90:7b:
         30:28:af:c8:52:2c:42:d5:51:f0:24:28:45:da:b5:53:d2:98:
         2a:ee:8f:ce:59:06:b9:28:e9:09:be:b3:28:0a:4b:8c:83:de:
         90:1c:db:e7:d3:5b:85:8c:36:9a:54:cd:9e:af:54:74:f8:ec:
         27:f3:b4:c9:44:ae:fd:1f:50:0a:e4:9c:59:18:bb:90:bd:27:
         34:70:f8:db:58:90:82:65:64:06:a8:38:40:11:79:ea:91:64:
         fe:c2:fa:9d:2e:34:3d:ed:95:e8:64:d1:ed:dd:6d:bb:fb:4b:
         ab:32:c0:e7:b2:e3:9c:5e:c7:4e:94:a0:3f:2f:21:bb:f8:aa:
         be:8e:12:f9:6d:89:2e:b5:4b:e9:61:bf:4f:18:ce:7e:21:99:
         b1:a4:c0:9a
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYzI3uG8o9udBS/JIWv4tLUQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDhmYzhkZjg0ZmJmMmFiNDA0MTJlNmQ0YWRmZjdjMWI4NGE1YjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZKyFA9n3i46ArqiMqDpSPm5nx4G
3yMA5twNAelwQfC2L4DhAWp/B2uuhE0asAcKWxv5deip84Z13x1l8D1oq88piS1f
P20nXEqHbqC/V6HFe4AoSAgo/bU/zDpAdpDCUQw6OK4v7t79wskzTLP3/hJ44lbI
tgL2QtJzfnHshDMIHc1kua6OKf1nAUH4ChKCFZSSAUCEcokTgZtNJAjcw0rhCmaM
2B1CnMEeC7YT9FBvg2B7z8fAS2V0RJS9Ut2vPHSQOQFX/ZdcBY07HRwrigchddFo
3XNxTkk8zBVLAsu9HgLTShtGAPIRNENEIfzDLe8i2/LQ0GSZjhDTDsvd6wIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFA2PyN+E+/KrQEEubUrf98G4SlsvMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IzL2VjZTJl
Yi04M2ZhLTQ3NmItYWI5OC02ODg3NjJiYjk4NWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMvZWNlMmVi
LTgzZmEtNDc2Yi1hYjk4LTY4ODc2MmJiOTg1ZS8xL0RZX0kzNFQ3OHF0QVFTNXRT
dF8zd2JoS1d5OC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAkUMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMwWTANBgkqhkiG9w0BAQsFAAOCAQEAK5vxW0ZTihuRnRywWqKpnVK+CuR+
WALrED2iP1KK3P8mpVFLHlu9qT2GgnjWMHRa1bVwuBvRWvf+sShg2SUgsGVFBdyU
gaCa5E0+XjPlIGSBzH9stolJdkAb8k1Mk+9yRBu+LpX5y4fI7ZB7MCivyFIsQtVR
8CQoRdq1U9KYKu6PzlkGuSjpCb6zKApLjIPekBzb59NbhYw2mlTNnq9UdPjsJ/O0
yUSu/R9QCuScWRi7kL0nNHD421iQgmVkBqg4QBF56pFk/sL6nS40Pe2V6GTR7d1t
u/tLqzLA57LjnF7HTpSgPy8hu/iqvo4S+W2JLrVL6WG/TxjOfiGZsaTAmg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:44:57 2024 by rpki-client on console-ams.rpki-client.org