Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ESvUHbMqYwfU8DW802AfToe9UfM.cer
File:                     ESvUHbMqYwfU8DW802AfToe9UfM.cer (raw, json)
Hash identifier:          Hy2aM8TWS6aV2nZ09rL6HweX1hy4PvN8flHwTN1Sx68=
Subject key identifier:   11:2B:D4:1D:B3:2A:63:07:D4:F0:35:BC:D3:60:1F:4E:87:BD:51:F3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC7258E9B85B6B7F9935E49F1B8A691C2
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/d4/37f738-2a5a-445d-9784-31340dee82a4/1/ESvUHbMqYwfU8DW802AfToe9UfM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/d4/37f738-2a5a-445d-9784-31340dee82a4/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 22:29:36 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 204901

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 03:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:25:8e:9b:85:b6:b7:f9:93:5e:49:f1:b8:a6:91:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 22:29:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=112bd41db32a6307d4f035bcd3601f4e87bd51f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:25:c4:99:51:24:90:cd:f5:de:c4:63:aa:02:
                    72:de:e8:73:c2:55:59:5c:3f:53:a6:d4:9c:d1:34:
                    36:ad:19:08:3d:b1:d2:1a:81:6e:a6:60:a2:d9:2a:
                    b2:32:28:c1:f9:31:91:df:6d:53:40:72:14:ed:df:
                    f2:bb:f3:00:b2:27:0c:c8:c5:e1:cb:51:f8:13:c7:
                    0e:73:bf:f2:2d:e1:56:52:6f:8f:a4:72:1d:60:0e:
                    c3:46:d3:e3:16:51:aa:f2:98:83:d6:d9:da:fc:a1:
                    b9:5e:a1:58:cb:0d:54:e7:bf:43:e9:13:24:de:d1:
                    15:46:8a:27:41:4c:b2:58:34:51:f3:18:d5:22:01:
                    bb:94:42:50:bc:05:8e:89:c8:f7:33:17:7a:5a:39:
                    68:74:01:6a:68:34:30:4a:58:d0:09:6c:86:20:c3:
                    9f:b6:4f:aa:71:d9:df:aa:2a:12:ae:7e:5d:31:80:
                    4e:43:42:53:47:d2:f7:c5:1d:ab:a1:79:e6:aa:ec:
                    f9:c7:f5:dc:c2:f5:c7:06:0c:20:97:d6:23:d1:76:
                    80:79:3a:07:ae:a8:58:8e:d8:14:79:1a:dc:95:50:
                    c0:91:f4:ff:3d:7e:0d:94:15:41:24:ff:2e:ca:be:
                    63:c5:f5:1a:24:fd:9f:46:b0:66:00:97:38:04:d3:
                    e9:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:2B:D4:1D:B3:2A:63:07:D4:F0:35:BC:D3:60:1F:4E:87:BD:51:F3
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/37f738-2a5a-445d-9784-31340dee82a4/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/37f738-2a5a-445d-9784-31340dee82a4/1/ESvUHbMqYwfU8DW802AfToe9UfM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  204901

    Signature Algorithm: sha256WithRSAEncryption
         94:dc:bb:a8:9a:d2:02:12:2c:77:9f:27:5d:15:6c:bc:f0:fe:
         cd:cd:61:d5:63:25:a8:0e:92:eb:75:67:79:5e:1d:3b:67:ef:
         7b:af:2f:c8:f5:76:23:fe:bb:8d:bd:12:65:86:6f:39:26:8d:
         76:d4:90:1e:82:90:d0:92:df:af:8d:5a:55:22:9d:c3:da:f8:
         3c:bf:29:e1:26:08:13:8a:1e:c5:1d:0c:d6:56:11:1b:71:0e:
         f3:f4:8d:fd:08:b3:6c:99:5e:da:6e:5d:a9:ce:63:c8:58:b5:
         08:0b:26:e3:45:1b:d2:60:a5:5c:93:28:e0:67:51:28:59:8b:
         58:1e:4d:6b:13:9c:71:4d:c0:90:6e:3b:99:62:9b:df:29:1b:
         c5:25:fe:9f:7b:be:9f:a8:00:f0:ec:59:c3:5a:40:a6:1c:e9:
         c6:fc:82:13:01:08:d4:9e:3c:c6:b7:41:2c:52:a0:0c:28:52:
         7b:60:28:9b:80:76:3d:33:b2:5a:e7:98:af:e3:af:93:89:ba:
         01:2e:5b:33:97:f2:e9:8c:55:92:e6:98:7f:40:d3:26:df:14:
         7a:66:ef:59:39:44:dd:1b:00:a2:4a:eb:fe:b0:3c:86:fa:65:
         cd:f6:49:a2:b9:a6:1e:88:7d:e4:c7:ef:f1:b4:6f:b2:9c:b7:
         58:81:51:f4
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzHJY6bhba3+ZNeSfG4ppHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTJiZDQxZGIzMmE2MzA3ZDRmMDM1YmNkMzYwMWY0ZTg3YmQ1MWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyXEmVEkkM313sRjqgJy3uhzwlVZ
XD9TptSc0TQ2rRkIPbHSGoFupmCi2SqyMijB+TGR321TQHIU7d/yu/MAsicMyMXh
y1H4E8cOc7/yLeFWUm+PpHIdYA7DRtPjFlGq8piD1tna/KG5XqFYyw1U579D6RMk
3tEVRoonQUyyWDRR8xjVIgG7lEJQvAWOicj3Mxd6WjlodAFqaDQwSljQCWyGIMOf
tk+qcdnfqioSrn5dMYBOQ0JTR9L3xR2roXnmquz5x/XcwvXHBgwgl9Yj0XaAeToH
rqhYjtgUeRrclVDAkfT/PX4NlBVBJP8uyr5jxfUaJP2fRrBmAJc4BNPpHwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFBEr1B2zKmMH1PA1vNNgH06HvVHzMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q0LzM3Zjcz
OC0yYTVhLTQ0NWQtOTc4NC0zMTM0MGRlZTgyYTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQvMzdmNzM4
LTJhNWEtNDQ1ZC05Nzg0LTMxMzQwZGVlODJhNC8xL0VTdlVIYk1xWXdmVThEVzgw
MkFmVG9lOVVmTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMgZTANBgkqhkiG9w0BAQsFAAOCAQEAlNy7qJrSAhIs
d58nXRVsvPD+zc1h1WMlqA6S63VneV4dO2fve68vyPV2I/67jb0SZYZvOSaNdtSQ
HoKQ0JLfr41aVSKdw9r4PL8p4SYIE4oexR0M1lYRG3EO8/SN/QizbJle2m5dqc5j
yFi1CAsm40Ub0mClXJMo4GdRKFmLWB5NaxOccU3AkG47mWKb3ykbxSX+n3u+n6gA
8OxZw1pAphzpxvyCEwEI1J48xrdBLFKgDChSe2Aom4B2PTOyWueYr+Ovk4m6AS5b
M5fy6YxVkuaYf0DTJt8UembvWTlE3RsAokrr/rA8hvplzfZJormmHoh95Mfv8bRv
spy3WIFR9A==
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:46:06 2024 by rpki-client on console-ams.rpki-client.org