Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/E266c8PZX-9psaYwJBeji5vyJ20.cer
File:                     E266c8PZX-9psaYwJBeji5vyJ20.cer (raw, json)
Hash identifier:          QMiaVUsEzXMBaOWb4YmXzDT21Vo3v4j+fqX7w1yGxwA=
Subject key identifier:   13:6E:BA:73:C3:D9:5F:EF:69:B1:A6:30:24:17:A3:8B:9B:F2:27:6D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC870FC88567DD0CD5155EA267C0011DA
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/d2/0fe327-96e5-42fc-aab1-625028330ec6/1/E266c8PZX-9psaYwJBeji5vyJ20.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/d2/0fe327-96e5-42fc-aab1-625028330ec6/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 04:31:37 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 47214
                          IP: 193.34.197.128/25
                          IP: 193.43.0.0/26
                          IP: 2001:7f8:6d::/48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 03:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:70:fc:88:56:7d:d0:cd:51:55:ea:26:7c:00:11:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 04:31:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=136eba73c3d95fef69b1a6302417a38b9bf2276d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:95:61:97:11:b8:dc:df:03:b7:23:6b:4e:b1:
                    1d:51:fa:f5:4e:a6:19:80:06:81:b1:cc:08:ae:c3:
                    f7:7b:cd:f0:9b:bd:42:f3:19:87:90:36:7c:ba:b7:
                    c1:3a:ac:08:1d:3c:9f:31:46:60:78:35:e0:50:dd:
                    3e:c7:44:b8:c5:f6:bb:73:1f:e5:fa:02:2b:22:37:
                    fe:c7:a8:9d:f2:16:a1:d4:1c:14:bd:89:ee:18:7d:
                    19:04:ef:90:ba:b0:dd:9a:d3:90:56:7b:dc:a0:70:
                    56:fd:de:b5:b5:d5:46:4c:0a:fa:57:c7:71:2a:a4:
                    23:d6:ab:d5:e1:34:d0:b5:be:a5:f3:7a:d4:fa:17:
                    e6:5e:ac:9e:ba:94:bf:80:a4:50:d1:4c:f0:81:53:
                    1d:5a:1a:60:1c:0b:53:42:fd:5a:fc:70:3b:33:72:
                    91:6c:aa:70:68:da:3f:ca:73:71:97:12:78:8b:03:
                    d4:c2:eb:7f:78:af:d5:7e:1a:4c:7c:7b:2d:e6:2b:
                    62:25:36:72:23:75:61:0a:ac:9d:83:37:4d:a6:03:
                    62:5a:53:25:05:a1:3c:a0:0e:7e:b6:94:f5:c2:58:
                    f6:34:16:b5:55:5d:3b:08:79:8b:b3:b7:87:0b:61:
                    8b:1d:c8:90:d3:c9:22:97:ec:40:43:38:73:18:7a:
                    c5:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:6E:BA:73:C3:D9:5F:EF:69:B1:A6:30:24:17:A3:8B:9B:F2:27:6D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0fe327-96e5-42fc-aab1-625028330ec6/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0fe327-96e5-42fc-aab1-625028330ec6/1/E266c8PZX-9psaYwJBeji5vyJ20.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.34.197.128/25
                  193.43.0.0/26
                IPv6:
                  2001:7f8:6d::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  47214

    Signature Algorithm: sha256WithRSAEncryption
         14:70:3b:d9:94:a5:1b:31:8f:86:0c:f7:1b:a3:95:6d:83:03:
         4f:4c:eb:52:bd:e6:46:9c:17:12:86:de:ac:c4:cb:cd:f7:fa:
         4f:e5:34:62:0e:c7:5c:00:64:2d:1f:97:75:b7:0b:7a:96:cb:
         f0:1c:33:bf:a6:d2:82:ba:ec:7c:b1:47:00:4b:5b:16:3a:7e:
         da:f4:11:ef:47:38:b0:78:94:81:76:02:55:96:e6:ca:2f:6a:
         4e:cb:84:1c:b5:b6:72:fd:cd:7e:23:0a:80:47:50:b4:bc:5f:
         ca:e6:1c:c0:ca:8d:98:41:c6:18:49:7f:2e:00:53:b6:44:f6:
         4f:32:ea:be:73:ab:ac:9f:55:53:dd:f0:ee:a7:60:7a:43:41:
         7d:fb:5a:55:86:b5:5f:7d:70:fa:c9:8f:c9:fd:ed:3c:cb:e5:
         f4:24:46:a1:a9:cc:9a:62:11:9e:c7:3d:f3:45:ea:a3:73:ef:
         94:3e:16:83:ff:68:2e:ce:ef:92:d9:61:b5:42:c5:10:83:b4:
         4c:2f:bb:61:b7:81:21:ff:2e:84:cb:83:e1:52:13:21:d3:29:
         9b:09:4b:31:80:e6:f2:91:76:7f:6f:97:90:ae:65:e1:7d:50:
         6c:86:32:50:27:a3:19:81:fb:7e:1d:7c:80:e4:7c:e4:8b:94:
         13:53:d4:70
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYzIcPyIVn3QzVFV6iZ8ABHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzZlYmE3M2MzZDk1ZmVmNjliMWE2MzAyNDE3YTM4YjliZjIyNzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZVhlxG43N8DtyNrTrEdUfr1TqYZ
gAaBscwIrsP3e83wm71C8xmHkDZ8urfBOqwIHTyfMUZgeDXgUN0+x0S4xfa7cx/l
+gIrIjf+x6id8hah1BwUvYnuGH0ZBO+QurDdmtOQVnvcoHBW/d61tdVGTAr6V8dx
KqQj1qvV4TTQtb6l83rU+hfmXqyeupS/gKRQ0UzwgVMdWhpgHAtTQv1a/HA7M3KR
bKpwaNo/ynNxlxJ4iwPUwut/eK/VfhpMfHst5itiJTZyI3VhCqydgzdNpgNiWlMl
BaE8oA5+tpT1wlj2NBa1VV07CHmLs7eHC2GLHciQ08kil+xAQzhzGHrFMQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFBNuunPD2V/vabGmMCQXo4ub8idtMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QyLzBmZTMy
Ny05NmU1LTQyZmMtYWFiMS02MjUwMjgzMzBlYzYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIvMGZlMzI3
LTk2ZTUtNDJmYy1hYWIxLTYyNTAyODMzMGVjNi8xL0UyNjZjOFBaWC05cHNhWXdK
QmVqaTV2eUoyMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDgGCCsGAQUF
BwEHAQH/BCkwJzAUBAIAATAOAwUHwSLFgAMFBsErAAAwDwQCAAIwCQMHACABB/gA
bTAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMAuG4wDQYJKoZIhvcNAQELBQADggEB
ABRwO9mUpRsxj4YM9xujlW2DA09M61K95kacFxKG3qzEy833+k/lNGIOx1wAZC0f
l3W3C3qWy/AcM7+m0oK67HyxRwBLWxY6ftr0Ee9HOLB4lIF2AlWW5sovak7LhBy1
tnL9zX4jCoBHULS8X8rmHMDKjZhBxhhJfy4AU7ZE9k8y6r5zq6yfVVPd8O6nYHpD
QX37WlWGtV99cPrJj8n97TzL5fQkRqGpzJpiEZ7HPfNF6qNz75Q+FoP/aC7O75LZ
YbVCxRCDtEwvu2G3gSH/LoTLg+FSEyHTKZsJSzGA5vKRdn9vl5CuZeF9UGyGMlAn
oxmB+34dfIDkfOSLlBNT1HA=
-----END CERTIFICATE-----
Generated at Thu Mar 28 09:33:35 2024 by rpki-client on console-fra.rpki-client.org