Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/EceeiifN6ZEb19pjhzxcxVjb1TE.cer
File:                     EceeiifN6ZEb19pjhzxcxVjb1TE.cer (raw, json)
Hash identifier:          oE3Tg03h3raPeqyNX0x4Q6CGeG7vTlE6uJQqn11XcDs=
Subject key identifier:   11:C7:9E:8A:27:CD:E9:91:1B:D7:DA:63:87:3C:5C:C5:58:DB:D5:31
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC3B688DBCE9249AECFE8716528CD3F13
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/ca/414e5a-52f8-4845-b1bb-b9930510d0a0/1/EceeiifN6ZEb19pjhzxcxVjb1TE.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/ca/414e5a-52f8-4845-b1bb-b9930510d0a0/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 06:29:28 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 212684
                          IP: 91.192.9.0/24
                          IP: 107.150.165.0/24
                          IP: 2a06:39c0::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:88:db:ce:92:49:ae:cf:e8:71:65:28:cd:3f:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 06:29:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=11c79e8a27cde9911bd7da63873c5cc558dbd531
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:3f:87:d1:18:95:c9:61:85:ab:dd:f5:da:7e:
                    81:32:04:09:d3:ff:73:cb:44:5e:79:da:9f:d1:5d:
                    25:77:82:9e:19:c8:ce:b6:97:79:b6:f1:93:f5:c1:
                    12:cb:5f:bb:ec:3c:57:21:67:c5:ec:67:19:26:07:
                    27:18:4a:02:5a:81:74:c6:76:bb:2b:5e:bc:a1:2e:
                    db:b1:7e:1d:64:0d:50:02:4a:23:b7:85:06:8c:a3:
                    a8:78:b9:59:0d:a9:c7:c8:46:42:d5:49:b8:43:0f:
                    eb:7d:5d:d0:d7:65:b5:75:2b:2b:b5:50:64:fd:b3:
                    f8:dc:9f:99:ef:ff:2f:c8:ad:09:b5:b8:1a:90:9b:
                    4d:d3:75:8a:e0:00:01:a4:20:d7:73:9f:a3:89:dd:
                    91:2b:ae:a8:05:42:7a:f7:90:2f:6d:f9:c6:36:32:
                    58:e1:69:32:63:c9:21:5f:0b:29:54:a4:9e:e4:01:
                    18:c3:70:71:cc:28:5c:90:11:03:37:47:16:c8:2a:
                    e2:de:7d:b9:e6:9a:2e:69:9e:26:0d:aa:84:d3:f5:
                    36:ea:78:57:a4:f2:1e:bb:b4:37:34:04:16:42:9e:
                    92:ff:c3:92:9d:5e:94:41:6c:24:76:8d:6d:e0:1a:
                    bf:73:e2:ab:a0:8a:cd:cd:10:67:98:03:c2:67:e1:
                    c1:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:C7:9E:8A:27:CD:E9:91:1B:D7:DA:63:87:3C:5C:C5:58:DB:D5:31
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/414e5a-52f8-4845-b1bb-b9930510d0a0/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/414e5a-52f8-4845-b1bb-b9930510d0a0/1/EceeiifN6ZEb19pjhzxcxVjb1TE.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.192.9.0/24
                  107.150.165.0/24
                IPv6:
                  2a06:39c0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  212684

    Signature Algorithm: sha256WithRSAEncryption
         67:ae:51:ef:b4:03:f7:86:cf:35:84:f3:77:93:93:9e:5f:32:
         96:81:6a:67:da:59:14:a7:31:a2:72:48:fe:e1:17:22:4f:83:
         24:b5:0f:17:c5:13:be:19:74:34:8a:99:65:38:01:30:8d:94:
         89:85:3d:61:42:da:52:36:2d:8a:6c:dd:61:a9:11:4d:f6:8d:
         a0:2b:6f:31:bd:18:77:52:d5:f0:90:6b:55:19:9c:f7:25:ca:
         ae:85:fa:18:65:ba:83:e6:e3:1f:b2:e3:a3:8e:74:5c:4a:3f:
         1a:c3:51:1c:9f:c8:5d:47:b8:e9:60:e2:0d:08:d6:99:c5:d9:
         b3:75:74:a4:1c:7c:ac:b1:59:dc:a6:70:b0:31:bc:09:09:c0:
         cd:df:da:0d:e4:35:20:45:68:7a:5d:90:65:07:e0:38:5a:6c:
         50:63:3e:73:7e:13:a5:41:89:fe:63:25:78:cb:4e:8e:bc:0a:
         5d:b5:89:01:4f:0b:08:2b:7f:7a:be:91:5c:74:eb:90:17:6a:
         67:6b:b1:86:7b:cf:9d:43:06:97:30:b0:c0:6a:93:31:03:ca:
         cb:a8:68:14:73:2e:be:50:08:f6:c5:bd:3c:3c:a3:a6:55:6a:
         e3:74:a0:0f:74:e1:70:d9:01:73:ea:9d:02:e3:97:c2:32:a0:
         a0:82:96:50
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzDtojbzpJJrs/ocWUozT8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWM3OWU4YTI3Y2RlOTkxMWJkN2RhNjM4NzNjNWNjNTU4ZGJkNTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuz+H0RiVyWGFq9312n6BMgQJ0/9z
y0Reedqf0V0ld4KeGcjOtpd5tvGT9cESy1+77DxXIWfF7GcZJgcnGEoCWoF0xna7
K168oS7bsX4dZA1QAkojt4UGjKOoeLlZDanHyEZC1Um4Qw/rfV3Q12W1dSsrtVBk
/bP43J+Z7/8vyK0JtbgakJtN03WK4AABpCDXc5+jid2RK66oBUJ695AvbfnGNjJY
4WkyY8khXwspVKSe5AEYw3BxzChckBEDN0cWyCri3n255pouaZ4mDaqE0/U26nhX
pPIeu7Q3NAQWQp6S/8OSnV6UQWwkdo1t4Bq/c+KroIrNzRBnmAPCZ+HBQQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFBHHnoonzemRG9faY4c8XMVY29UxMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NhLzQxNGU1
YS01MmY4LTQ4NDUtYjFiYi1iOTkzMDUxMGQwYTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2EvNDE0ZTVh
LTUyZjgtNDg0NS1iMWJiLWI5OTMwNTEwZDBhMC8xL0VjZWVpaWZONlpFYjE5cGpo
enhjeFZqYjFURS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQAW8AJAwQAa5alMA0EAgACMAcDBQMqBjnAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwM+zDANBgkqhkiG9w0BAQsFAAOCAQEAZ65R
77QD94bPNYTzd5OTnl8yloFqZ9pZFKcxonJI/uEXIk+DJLUPF8UTvhl0NIqZZTgB
MI2UiYU9YULaUjYtimzdYakRTfaNoCtvMb0Yd1LV8JBrVRmc9yXKroX6GGW6g+bj
H7Ljo450XEo/GsNRHJ/IXUe46WDiDQjWmcXZs3V0pBx8rLFZ3KZwsDG8CQnAzd/a
DeQ1IEVoel2QZQfgOFpsUGM+c34TpUGJ/mMleMtOjrwKXbWJAU8LCCt/er6RXHTr
kBdqZ2uxhnvPnUMGlzCwwGqTMQPKy6hoFHMuvlAI9sW9PDyjplVq43SgD3ThcNkB
c+qdAuOXwjKgoIKWUA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 09:24:06 2024 by rpki-client on console-ams.rpki-client.org