Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ETfCNFO4jrpFXEIIxt9bPhu8JF8.cer
File:                     ETfCNFO4jrpFXEIIxt9bPhu8JF8.cer (raw, json)
Hash identifier:          MtKE6Idjie3lcf+dh6tz8Fa5s4Y0TCWnjwI0JdohNdg=
Subject key identifier:   11:37:C2:34:53:B8:8E:BA:45:5C:42:08:C6:DF:5B:3E:1B:BC:24:5F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC5DC7C84BE0BA16E70A651D39A0EC9D6
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/bb/4624fc-634f-40cd-a607-5efda468a200/1/ETfCNFO4jrpFXEIIxt9bPhu8JF8.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/bb/4624fc-634f-40cd-a607-5efda468a200/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 16:30:10 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 47127
                          IP: 91.209.191.0/24
                          IP: 2001:67c:2b3c::/48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:7c:84:be:0b:a1:6e:70:a6:51:d3:9a:0e:c9:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 16:30:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1137c23453b88eba455c4208c6df5b3e1bbc245f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:f0:ce:b6:c5:d2:96:b5:1e:27:c9:36:50:73:
                    70:35:3c:4d:33:cb:a9:fe:ab:ef:1b:5c:5b:c5:fc:
                    de:2a:bb:a3:60:f0:45:0a:0c:10:15:07:d5:a4:2a:
                    86:60:a1:3c:39:18:3d:ee:22:d8:f5:e4:9d:f9:c7:
                    7e:42:bc:f9:4d:c6:1e:e2:03:e2:d0:2b:28:d9:d3:
                    d2:fb:fc:e5:55:d4:23:f0:49:c7:d6:44:4c:dc:8a:
                    75:05:13:0e:24:25:d1:33:2d:4d:7f:e5:ce:d3:4d:
                    f2:da:fe:05:41:63:64:19:98:f5:30:22:5f:84:22:
                    75:b7:31:3c:6e:b1:9e:9e:b2:9e:2c:91:43:d9:fd:
                    dd:96:d8:02:26:8e:ca:07:a7:91:80:52:a0:42:19:
                    cf:32:3f:cb:91:30:99:87:2f:a0:7b:ec:90:8a:2b:
                    65:31:61:b2:1b:12:df:1f:4b:88:2f:b4:fe:67:0f:
                    9c:3e:d5:0b:4c:71:84:16:0d:df:7b:6c:d9:b1:d7:
                    e7:82:95:ec:3d:86:03:ad:00:dd:90:47:be:9b:32:
                    59:9a:e6:1f:04:7a:17:3a:eb:2c:1a:85:94:5e:b7:
                    01:d6:d8:c2:2d:5f:5d:25:42:c9:e8:13:db:28:c9:
                    98:2c:ac:6b:73:f4:9a:5a:a7:94:f5:4c:ae:8c:7b:
                    92:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:37:C2:34:53:B8:8E:BA:45:5C:42:08:C6:DF:5B:3E:1B:BC:24:5F
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/4624fc-634f-40cd-a607-5efda468a200/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/4624fc-634f-40cd-a607-5efda468a200/1/ETfCNFO4jrpFXEIIxt9bPhu8JF8.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.209.191.0/24
                IPv6:
                  2001:67c:2b3c::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  47127

    Signature Algorithm: sha256WithRSAEncryption
         16:c0:5c:fd:fb:82:f5:42:98:ee:55:95:30:b1:c1:42:b2:84:
         13:39:6c:66:29:ff:de:68:ad:76:d3:28:3f:22:1f:ea:b8:a8:
         c8:bb:33:eb:81:e9:ba:c8:7b:bf:74:65:e5:62:88:a3:83:06:
         59:d5:94:3b:f7:2f:b3:3b:38:42:68:9c:af:a6:e0:f5:e8:04:
         bb:5d:71:cb:01:10:e5:1e:ff:f9:50:9f:d9:20:7d:a3:19:f7:
         32:f9:d9:05:e8:36:41:03:e0:62:8d:e2:42:48:12:cc:69:b6:
         7b:5d:2d:21:62:90:e1:e1:14:a8:72:38:22:26:5c:98:57:ff:
         98:5d:2e:37:1f:1d:0a:7b:e7:d9:b5:d3:32:ac:70:8a:b2:2f:
         1d:5a:9e:26:4b:3d:8f:e9:06:32:4f:fa:7b:2e:32:db:4b:97:
         43:29:ab:aa:a1:04:89:7a:e7:0c:7c:a5:b3:6f:c4:de:c9:b1:
         f6:e0:f2:33:c1:14:a6:2f:03:58:dd:6f:46:37:e9:3c:83:31:
         ca:7b:52:ff:37:e0:ee:00:58:e2:12:30:b4:20:05:f8:63:48:
         7d:15:f9:cb:e9:c9:f1:d6:d7:4a:c9:53:3c:8a:8b:1a:62:48:
         4e:fa:e0:e3:86:43:67:3d:55:22:11:dc:17:c7:97:26:c8:bd:
         0b:af:f8:65
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAYzF3HyEvguhbnCmUdOaDsnWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTM3YzIzNDUzYjg4ZWJhNDU1YzQyMDhjNmRmNWIzZTFiYmMyNDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvDOtsXSlrUeJ8k2UHNwNTxNM8up
/qvvG1xbxfzeKrujYPBFCgwQFQfVpCqGYKE8ORg97iLY9eSd+cd+Qrz5TcYe4gPi
0Cso2dPS+/zlVdQj8EnH1kRM3Ip1BRMOJCXRMy1Nf+XO003y2v4FQWNkGZj1MCJf
hCJ1tzE8brGenrKeLJFD2f3dltgCJo7KB6eRgFKgQhnPMj/LkTCZhy+ge+yQiitl
MWGyGxLfH0uIL7T+Zw+cPtULTHGEFg3fe2zZsdfngpXsPYYDrQDdkEe+mzJZmuYf
BHoXOussGoWUXrcB1tjCLV9dJULJ6BPbKMmYLKxrc/SaWqeU9UyujHuSgwIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFBE3wjRTuI66RVxCCMbfWz4bvCRfMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JiLzQ2MjRm
Yy02MzRmLTQwY2QtYTYwNy01ZWZkYTQ2OGEyMDAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIvNDYyNGZj
LTYzNGYtNDBjZC1hNjA3LTVlZmRhNDY4YTIwMC8xL0VUZkNORk80anJwRlhFSUl4
dDliUGh1OEpGOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUF
BwEHAQH/BCEwHzAMBAIAATAGAwQAW9G/MA8EAgACMAkDBwAgAQZ8KzwwGgYIKwYB
BQUHAQgBAf8ECzAJoAcwBQIDALgXMA0GCSqGSIb3DQEBCwUAA4IBAQAWwFz9+4L1
QpjuVZUwscFCsoQTOWxmKf/eaK120yg/Ih/quKjIuzPrgem6yHu/dGXlYoijgwZZ
1ZQ79y+zOzhCaJyvpuD16AS7XXHLARDlHv/5UJ/ZIH2jGfcy+dkF6DZBA+BijeJC
SBLMabZ7XS0hYpDh4RSocjgiJlyYV/+YXS43Hx0Ke+fZtdMyrHCKsi8dWp4mSz2P
6QYyT/p7LjLbS5dDKauqoQSJeucMfKWzb8TeybH24PIzwRSmLwNY3W9GN+k8gzHK
e1L/N+DuAFjiEjC0IAX4Y0h9FfnL6cnx1tdKyVM8iosaYkhO+uDjhkNnPVUiEdwX
x5cmyL0Lr/hl
-----END CERTIFICATE-----
Generated at Thu Mar 28 20:38:51 2024 by rpki-client on console-fra.rpki-client.org