Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
File:                     Ejw95hAR3gcQHhTcByc5UXHLA6s.cer (raw, json)
Hash identifier:          n6exZC9w68hBYCB/Ppn9kdCPUBF8ohn7tcVzMIOjXfE=
Subject key identifier:   12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC80123D2C947055729A3F052B876266C
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 02:29:27 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 203459
                          AS: 203811
                          IP: 185.122.252.0/22
                          IP: 185.133.224.0/22
                          IP: 2a06:7fc0::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:23:d2:c9:47:05:57:29:a3:f0:52:b8:76:26:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 02:29:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=123c3de61011de07101e14dc0727395171cb03ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:0b:81:b8:f3:ab:4e:b9:63:37:bd:d8:de:71:
                    14:82:90:ab:76:6e:44:f2:60:ac:5e:6b:d6:de:9b:
                    17:15:28:93:c3:f0:4c:29:50:1a:cd:e6:20:73:98:
                    2c:12:32:a9:97:9e:67:ab:3d:57:58:9d:fc:42:8c:
                    ba:57:5e:d0:a4:88:80:5a:c0:df:4c:14:4f:fb:57:
                    8c:d0:72:4f:ad:6e:d7:63:a4:d3:6b:80:40:36:1b:
                    b8:2e:9e:12:80:74:e8:17:c3:79:5b:50:b1:21:0b:
                    77:08:60:c5:0e:a4:f0:6d:a5:e8:ed:66:f2:75:ba:
                    4b:ef:4e:40:c7:50:44:76:dd:60:61:f5:8d:eb:1c:
                    da:0a:72:71:d6:39:62:f4:03:2c:4b:8f:ea:37:ca:
                    b6:a7:cf:47:e4:b8:5b:61:06:63:28:6e:50:45:c8:
                    a3:a9:f6:e3:f8:ef:7c:ec:11:2e:a8:77:d7:51:6e:
                    20:3f:e6:20:cb:9f:1e:aa:12:71:e7:f2:2e:4c:0d:
                    bc:eb:d4:c3:43:34:1d:da:04:0e:54:2f:bc:cf:ca:
                    b0:43:cf:58:a4:8e:24:42:41:70:c2:55:e9:88:54:
                    4d:db:25:06:ad:01:09:1a:f8:55:d4:79:4a:8e:4b:
                    81:ca:fb:0d:14:e0:9a:2e:11:69:8f:48:9f:a5:3d:
                    ef:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.122.252.0/22
                  185.133.224.0/22
                IPv6:
                  2a06:7fc0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  203459
                  203811

    Signature Algorithm: sha256WithRSAEncryption
         22:a8:3c:28:d7:64:29:a4:1f:ac:02:17:4b:ed:09:fc:53:1c:
         df:82:fc:1c:05:0f:9b:67:f3:4b:a5:50:db:45:e7:26:a9:42:
         08:56:cb:cd:01:dc:9e:63:87:80:4e:41:26:4b:1d:52:76:ec:
         3d:d7:3e:39:2f:93:f8:02:34:14:16:b5:0e:89:93:47:9f:41:
         3c:4c:d9:14:9f:88:af:f2:db:36:42:b5:ca:42:bf:5c:5c:0c:
         3a:8b:8c:e9:18:da:65:36:44:5c:97:35:91:36:9b:ed:74:7b:
         8a:f2:bb:c6:bb:10:8a:c9:5b:34:38:dd:47:d7:d7:57:da:f8:
         71:db:f3:e5:b0:14:63:55:08:ea:f2:ad:b7:88:d8:ad:1b:46:
         1c:eb:93:83:29:8a:21:b7:d3:4e:bc:98:49:1d:30:ed:32:29:
         08:c9:62:52:4f:36:94:42:0d:84:53:9c:6c:f6:3f:9d:2b:7d:
         8d:ea:38:42:c1:c3:b1:29:37:7a:db:90:00:08:ca:8a:cf:a7:
         d0:45:75:44:75:bc:c2:73:a8:b3:85:35:b7:dd:58:32:35:0e:
         25:be:e1:c9:70:f9:f9:e5:dc:a6:34:95:b6:72:a1:17:5a:0e:
         30:ce:94:2f:88:63:0e:63:ad:1f:38:3f:90:88:93:52:21:3f:
         0a:77:b6:f3
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYzIASPSyUcFVymj8FK4diZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjNjM2RlNjEwMTFkZTA3MTAxZTE0ZGMwNzI3Mzk1MTcxY2IwM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7guBuPOrTrljN73Y3nEUgpCrdm5E
8mCsXmvW3psXFSiTw/BMKVAazeYgc5gsEjKpl55nqz1XWJ38Qoy6V17QpIiAWsDf
TBRP+1eM0HJPrW7XY6TTa4BANhu4Lp4SgHToF8N5W1CxIQt3CGDFDqTwbaXo7Wby
dbpL705Ax1BEdt1gYfWN6xzaCnJx1jli9AMsS4/qN8q2p89H5LhbYQZjKG5QRcij
qfbj+O987BEuqHfXUW4gP+Ygy58eqhJx5/IuTA2869TDQzQd2gQOVC+8z8qwQ89Y
pI4kQkFwwlXpiFRN2yUGrQEJGvhV1HlKjkuByvsNFOCaLhFpj0ifpT3vPQIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFBI8PeYQEd4HEB4U3AcnOVFxywOrMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJiLzIyOTY1
MC04YTAxLTQzNzAtOTkxZS1iNTA0YzlhZTliYmMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIvMjI5NjUw
LThhMDEtNDM3MC05OTFlLWI1MDRjOWFlOWJiYy8xL0Vqdzk1aEFSM2djUUhoVGNC
eWM1VVhITEE2cy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuXr8AwQCuYXgMA0EAgACMAcDBQMqBn/AMB8G
CCsGAQUFBwEIAQH/BBAwDqAMMAoCAwMawwIDAxwjMA0GCSqGSIb3DQEBCwUAA4IB
AQAiqDwo12QppB+sAhdL7Qn8UxzfgvwcBQ+bZ/NLpVDbRecmqUIIVsvNAdyeY4eA
TkEmSx1Sduw91z45L5P4AjQUFrUOiZNHn0E8TNkUn4iv8ts2QrXKQr9cXAw6i4zp
GNplNkRclzWRNpvtdHuK8rvGuxCKyVs0ON1H19dX2vhx2/PlsBRjVQjq8q23iNit
G0Yc65ODKYoht9NOvJhJHTDtMikIyWJSTzaUQg2EU5xs9j+dK32N6jhCwcOxKTd6
25AACMqKz6fQRXVEdbzCc6izhTW33VgyNQ4lvuHJcPn55dymNJW2cqEXWg4wzpQv
iGMOY60fOD+QiJNSIT8Kd7bz
-----END CERTIFICATE-----
Generated at Fri Mar 29 09:46:18 2024 by rpki-client on console-fra.rpki-client.org