Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/E0nM7_Skij2rAkBn4XYNv1hlD9o.cer
File:                     E0nM7_Skij2rAkBn4XYNv1hlD9o.cer (raw, json)
Hash identifier:          t8adj1HBLFG+GiApZS0/DFJeAKBkWm186JxiOcX63I4=
Subject key identifier:   13:49:CC:EF:F4:A4:8A:3D:AB:02:40:67:E1:76:0D:BF:58:65:0F:DA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC26D6B082E74262255460FD63FFD2A1A
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/60/a306d0-4a20-4bcf-848e-d2ae2c336328/1/E0nM7_Skij2rAkBn4XYNv1hlD9o.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/60/a306d0-4a20-4bcf-848e-d2ae2c336328/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:29:59 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 209196
                          IP: 45.87.204.0/22
                          IP: 45.91.104.0/22
                          IP: 45.94.192.0/22
                          IP: 45.131.72.0/22
                          IP: 45.137.108.0/22
                          IP: 45.141.160.0/22
                          IP: 45.158.152.0/22
                          IP: 92.118.176.0/22
                          IP: 212.102.99.0/24
                          IP: 2a09:af40::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:6b:08:2e:74:26:22:55:46:0f:d6:3f:fd:2a:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:29:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1349cceff4a48a3dab024067e1760dbf58650fda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:bc:a5:76:70:08:2b:04:94:d9:63:db:43:93:
                    0d:db:7c:29:a2:a6:ce:12:13:25:39:e1:11:b3:02:
                    48:c9:72:8e:f3:c6:50:a0:cc:50:b1:a6:24:89:8d:
                    63:5d:6b:43:01:d2:68:63:0c:3a:5c:dc:25:77:ea:
                    a3:d5:f9:5b:5c:eb:08:d6:0c:80:39:70:3e:85:4e:
                    4e:37:4b:17:bc:4b:3e:ff:dc:ee:b0:fc:58:97:4a:
                    20:f0:56:1a:3f:0f:43:af:53:f1:c8:eb:6a:1f:71:
                    2a:e5:fb:b3:af:02:51:8e:28:ba:70:bf:58:22:59:
                    1e:69:bd:b3:55:95:5d:c1:fc:00:87:77:31:54:29:
                    3a:1c:41:c3:31:d7:77:9c:1d:87:86:7b:58:b7:36:
                    32:42:a2:b8:22:ec:fe:e0:46:0d:44:48:65:10:ad:
                    a8:85:91:48:9c:f0:a3:2d:73:4f:28:38:9d:09:50:
                    ca:a0:b2:4f:b3:b8:c0:a2:e2:a4:2a:cc:ac:d5:e1:
                    e9:f7:53:6c:49:5a:dc:3c:23:16:0e:51:bc:a1:18:
                    8d:6c:6c:fa:18:21:e6:2f:68:69:c1:77:b8:e6:c5:
                    49:43:6d:07:b3:c4:ad:4d:5c:27:b4:0b:77:50:93:
                    ac:3d:71:3e:e5:0c:27:4e:56:28:03:b0:bc:4d:7e:
                    6a:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:49:CC:EF:F4:A4:8A:3D:AB:02:40:67:E1:76:0D:BF:58:65:0F:DA
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a306d0-4a20-4bcf-848e-d2ae2c336328/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a306d0-4a20-4bcf-848e-d2ae2c336328/1/E0nM7_Skij2rAkBn4XYNv1hlD9o.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.87.204.0/22
                  45.91.104.0/22
                  45.94.192.0/22
                  45.131.72.0/22
                  45.137.108.0/22
                  45.141.160.0/22
                  45.158.152.0/22
                  92.118.176.0/22
                  212.102.99.0/24
                IPv6:
                  2a09:af40::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  209196

    Signature Algorithm: sha256WithRSAEncryption
         00:ee:10:e2:82:07:d4:b2:2e:30:5a:49:93:d8:d5:04:3d:bf:
         df:40:e4:00:d1:40:1d:bb:b0:c4:84:d9:d2:9c:b2:b7:d4:0a:
         b3:63:16:c4:d9:8c:6b:63:07:39:fd:19:b3:0d:bb:2b:a4:cf:
         38:30:83:96:34:78:62:91:d5:cb:87:c0:ea:fc:0f:68:dd:1b:
         00:84:bf:2b:77:d9:16:06:49:fa:bf:cf:01:95:8a:ea:7f:2d:
         6a:7b:02:05:3d:39:cc:4a:2b:70:ae:cc:10:7f:83:6c:25:d3:
         a2:ea:fb:27:df:b6:fc:08:58:48:16:d1:cd:83:68:90:15:be:
         2d:e5:c1:87:12:c5:5c:e8:df:f9:2e:c2:83:27:b3:9a:bf:a2:
         16:5e:24:95:09:21:39:c9:0e:2f:d7:ad:85:3a:1a:3a:42:e2:
         7a:fe:ca:3d:5c:fe:70:8e:12:78:73:25:c2:fe:d7:10:2b:a4:
         ca:4e:eb:0e:e7:f7:7d:be:9c:fa:8c:bb:29:d6:db:df:49:c9:
         f1:7d:94:f8:70:97:c3:2c:22:bd:84:ac:ff:d8:6e:8e:24:c1:
         f7:6a:5c:a9:6d:60:f9:ca:93:89:db:55:35:22:a7:b2:34:7a:
         93:48:da:46:20:da:9c:1d:24:59:bf:58:5c:a7:0f:67:ad:70:
         eb:cf:ed:dc
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgISAYzCbWsILnQmIlVGD9Y//SoaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzQ5Y2NlZmY0YTQ4YTNkYWIwMjQwNjdlMTc2MGRiZjU4NjUwZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLyldnAIKwSU2WPbQ5MN23wpoqbO
EhMlOeERswJIyXKO88ZQoMxQsaYkiY1jXWtDAdJoYww6XNwld+qj1flbXOsI1gyA
OXA+hU5ON0sXvEs+/9zusPxYl0og8FYaPw9Dr1PxyOtqH3Eq5fuzrwJRjii6cL9Y
Ilkeab2zVZVdwfwAh3cxVCk6HEHDMdd3nB2HhntYtzYyQqK4Iuz+4EYNREhlEK2o
hZFInPCjLXNPKDidCVDKoLJPs7jAouKkKsys1eHp91NsSVrcPCMWDlG8oRiNbGz6
GCHmL2hpwXe45sVJQ20Hs8StTVwntAt3UJOsPXE+5QwnTlYoA7C8TX5qpwIDAQAB
o4IC3zCCAtswHQYDVR0OBBYEFBNJzO/0pIo9qwJAZ+F2Db9YZQ/aMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYwL2EzMDZk
MC00YTIwLTRiY2YtODQ4ZS1kMmFlMmMzMzYzMjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAvYTMwNmQw
LTRhMjAtNGJjZi04NDhlLWQyYWUyYzMzNjMyOC8xL0Uwbk03X1NraWoyckFrQm40
WFlOdjFobEQ5by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GCCsGAQUF
BwEHAQH/BE8wTTA8BAIAATA2AwQCLVfMAwQCLVtoAwQCLV7AAwQCLYNIAwQCLYls
AwQCLY2gAwQCLZ6YAwQCXHawAwQA1GZjMA0EAgACMAcDBQMqCa9AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMxLDANBgkqhkiG9w0BAQsFAAOCAQEAAO4Q4oIH1LIu
MFpJk9jVBD2/30DkANFAHbuwxITZ0pyyt9QKs2MWxNmMa2MHOf0Zsw27K6TPODCD
ljR4YpHVy4fA6vwPaN0bAIS/K3fZFgZJ+r/PAZWK6n8tansCBT05zEorcK7MEH+D
bCXTour7J9+2/AhYSBbRzYNokBW+LeXBhxLFXOjf+S7Cgyezmr+iFl4klQkhOckO
L9ethToaOkLiev7KPVz+cI4SeHMlwv7XECukyk7rDuf3fb6c+oy7Kdbb30nJ8X2U
+HCXwywivYSs/9hujiTB92pcqW1g+cqTidtVNSKnsjR6k0jaRiDanB0kWb9YXKcP
Z61w68/t3A==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:05:37 2024 by rpki-client on console-fra.rpki-client.org