Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/E07-fFQfVAbcfg_yaNBVgrrvyZY.cer
File:                     E07-fFQfVAbcfg_yaNBVgrrvyZY.cer (raw, json)
Hash identifier:          PFsHpLtUq1isdXOtVxSF3nhubi8aN76h1VyOEaox8e4=
Subject key identifier:   13:4E:FE:7C:54:1F:54:06:DC:7E:0F:F2:68:D0:55:82:BA:EF:C9:96
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CCA995870F22A67D81FEE74036DD210D6
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/E07-fFQfVAbcfg_yaNBVgrrvyZY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 14:34:56 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 45.91.40.0/22
                          IP: 83.229.28.0/23
                          IP: 89.35.228.0/24
                          IP: 89.147.104.0/22
                          IP: 91.208.213.0/24
                          IP: 94.140.4.0/22
                          IP: 185.126.33.0/24
                          IP: 185.212.7.0/24
                          IP: 194.127.98.0/23
                          IP: 195.85.6.0/23
                          IP: 195.158.236.0/23
                          IP: 2a10:13c0::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:99:58:70:f2:2a:67:d8:1f:ee:74:03:6d:d2:10:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 14:34:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=134efe7c541f5406dc7e0ff268d05582baefc996
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:07:a4:0d:80:9c:c4:30:04:4a:61:74:76:3c:
                    be:8f:1d:33:4c:58:8b:b7:67:13:9d:7b:a8:2b:ef:
                    b9:0b:0e:d8:c0:b9:e2:c5:bf:d5:64:62:c1:af:d1:
                    69:78:1e:d7:4e:26:0e:a7:f2:95:3e:5b:d8:e9:ed:
                    55:f8:f5:2d:5c:87:64:bc:98:84:0d:a7:40:fc:84:
                    1d:8a:b5:17:e3:8c:dc:1c:ff:ba:a6:23:99:3e:c9:
                    7b:d5:14:97:cb:16:a2:f0:dc:4b:81:55:e2:48:b7:
                    bf:6b:69:ff:25:a0:c5:b5:66:56:33:02:09:5b:3f:
                    b2:75:9d:52:11:3e:47:ca:aa:7d:0d:13:25:a7:9b:
                    31:d9:74:82:f1:84:94:a5:2e:98:e7:df:92:c3:79:
                    de:10:33:30:fb:77:18:7a:91:6d:7d:02:a9:00:c1:
                    44:f7:09:d2:53:9a:c9:fa:01:62:82:f2:2d:ec:d8:
                    6e:75:40:e7:28:c7:8e:a6:5a:fd:05:29:bd:70:d9:
                    27:28:9d:df:44:af:08:fc:0b:4d:4a:a9:1f:d9:e6:
                    23:ab:e8:51:ba:6f:69:a8:e9:07:ff:b0:a8:bd:c7:
                    fd:87:33:a3:a2:f9:d7:f0:b1:00:78:2a:34:3c:4f:
                    7a:c3:82:69:42:69:c2:cd:c6:4f:a9:46:c8:6e:22:
                    d0:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:4E:FE:7C:54:1F:54:06:DC:7E:0F:F2:68:D0:55:82:BA:EF:C9:96
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/E07-fFQfVAbcfg_yaNBVgrrvyZY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.91.40.0/22
                  83.229.28.0/23
                  89.35.228.0/24
                  89.147.104.0/22
                  91.208.213.0/24
                  94.140.4.0/22
                  185.126.33.0/24
                  185.212.7.0/24
                  194.127.98.0/23
                  195.85.6.0/23
                  195.158.236.0/23
                IPv6:
                  2a10:13c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         02:bd:b1:30:33:18:d4:2c:ea:4d:1d:87:67:ee:1c:fb:86:37:
         bf:7e:13:fe:b6:72:ff:14:de:e7:be:34:30:a8:d8:27:4d:44:
         9e:8d:3d:97:8c:ea:79:eb:03:f7:85:49:a4:f0:94:49:60:4d:
         0c:3c:cf:88:a8:ec:d1:39:6a:87:6b:7c:9a:3f:e7:cf:a9:37:
         16:06:8c:d3:6e:d2:2b:a0:87:ee:68:d0:7e:b4:f7:17:c3:5f:
         b1:1e:2f:a9:be:c2:fd:9b:4c:db:07:37:58:54:c9:e9:a8:c2:
         77:b8:a6:d7:fe:08:01:02:fa:93:d4:ee:94:fc:68:2a:94:f2:
         ca:a2:b7:02:c8:f3:c1:e1:d2:7b:6a:ee:53:fe:c4:6a:ea:1e:
         e0:69:db:3d:95:3d:5b:24:f7:15:8e:15:ab:72:f4:e9:f3:5b:
         54:f2:bc:de:5f:ed:09:ef:96:b7:f7:69:34:f0:e8:fa:9a:4a:
         23:c7:7d:7d:14:99:45:06:96:d9:f7:b9:ee:7c:7b:a1:9f:40:
         66:10:ea:0b:50:11:70:e5:2f:aa:1f:21:5f:c9:1d:44:8f:a4:
         16:28:a7:b9:f6:e8:ea:b1:9a:b0:c4:3e:3c:7a:61:41:7a:56:
         ec:d7:bf:00:5b:27:a9:52:b9:70:bc:5e:46:e5:44:21:5b:1b:
         56:46:16:73
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAYzKmVhw8ipn2B/udANt0hDWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTQzNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzRlZmU3YzU0MWY1NDA2ZGM3ZTBmZjI2OGQwNTU4MmJhZWZjOTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAekDYCcxDAESmF0djy+jx0zTFiL
t2cTnXuoK++5Cw7YwLnixb/VZGLBr9FpeB7XTiYOp/KVPlvY6e1V+PUtXIdkvJiE
DadA/IQdirUX44zcHP+6piOZPsl71RSXyxai8NxLgVXiSLe/a2n/JaDFtWZWMwIJ
Wz+ydZ1SET5Hyqp9DRMlp5sx2XSC8YSUpS6Y59+Sw3neEDMw+3cYepFtfQKpAMFE
9wnSU5rJ+gFigvIt7NhudUDnKMeOplr9BSm9cNknKJ3fRK8I/AtNSqkf2eYjq+hR
um9pqOkH/7Covcf9hzOjovnX8LEAeCo0PE96w4JpQmnCzcZPqUbIbiLQeQIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFBNO/nxUH1QG3H4P8mjQVYK678mWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E2LzkzZDI5
Ny04MDM4LTRiOWEtOGY3Yi1iMzY0OTFlZTZlZTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYvOTNkMjk3
LTgwMzgtNGI5YS04ZjdiLWIzNjQ5MWVlNmVlNC8xL0UwNy1mRlFmVkFiY2ZnX3lh
TkJWZ3JydnlaWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGoGCCsGAQUF
BwEHAQH/BFswWTBIBAIAATBCAwQCLVsoAwQBU+UcAwQAWSPkAwQCWZNoAwQAW9DV
AwQCXowEAwQAuX4hAwQAudQHAwQBwn9iAwQBw1UGAwQBw57sMA0EAgACMAcDBQAq
EBPAMA0GCSqGSIb3DQEBCwUAA4IBAQACvbEwMxjULOpNHYdn7hz7hje/fhP+tnL/
FN7nvjQwqNgnTUSejT2XjOp56wP3hUmk8JRJYE0MPM+IqOzROWqHa3yaP+fPqTcW
BozTbtIroIfuaNB+tPcXw1+xHi+pvsL9m0zbBzdYVMnpqMJ3uKbX/ggBAvqT1O6U
/GgqlPLKorcCyPPB4dJ7au5T/sRq6h7gads9lT1bJPcVjhWrcvTp81tU8rzeX+0J
75a392k08Oj6mkojx319FJlFBpbZ97nufHuhn0BmEOoLUBFw5S+qHyFfyR1Ej6QW
KKe59ujqsZqwxD48emFBelbs178AWyepUrlwvF5G5UQhWxtWRhZz
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:57:25 2024 by rpki-client on console-ams.rpki-client.org