Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/F9vVrPH5x10YofdQMRFMSPCyM2M.cer
File:                     F9vVrPH5x10YofdQMRFMSPCyM2M.cer (raw, json)
Hash identifier:          pmSUhMtnq8pCfIAXw74ntV24mHbGvcG4v4xnMJ2qNCY=
Subject key identifier:   17:DB:D5:AC:F1:F9:C7:5D:18:A1:F7:50:31:11:4C:48:F0:B2:33:63
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC86F596F8BCFA3EB24D96585844E9F58
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/F9vVrPH5x10YofdQMRFMSPCyM2M.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 04:29:49 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 25156
                          IP: 45.14.152.0/22
                          IP: 85.89.128.0/19
                          IP: 85.116.224.0/19
                          IP: 2a00:65c0::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 21:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:59:6f:8b:cf:a3:eb:24:d9:65:85:84:4e:9f:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 04:29:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=17dbd5acf1f9c75d18a1f75031114c48f0b23363
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:bb:dc:90:a3:40:37:5c:5f:43:f1:8e:bd:ec:
                    db:8c:16:ea:4e:44:93:c8:0d:e1:8f:2f:f9:fb:ed:
                    98:58:93:b6:1b:9a:e7:ae:b8:06:0f:32:93:27:d5:
                    f9:90:f3:4c:c5:28:2d:e1:10:aa:36:41:7f:e4:9e:
                    c6:54:66:c2:b0:ea:39:59:05:db:f1:f3:06:01:08:
                    f7:1f:6c:44:b6:fd:ee:ef:3c:07:f8:9a:17:cd:1d:
                    ce:71:3d:da:fb:1e:d6:14:54:05:56:a9:e2:9d:f3:
                    1f:38:7a:0d:99:e5:51:27:65:3f:c6:09:a5:fb:a9:
                    49:3f:79:3a:bb:90:7a:fd:22:81:e9:1a:2f:84:c6:
                    b5:14:0d:8d:bd:77:31:ad:69:60:31:69:06:68:00:
                    47:71:90:00:96:57:dc:8a:24:56:10:a0:cd:2f:14:
                    d8:80:3e:5f:13:8c:0b:ef:a1:49:11:ff:ab:1e:c5:
                    45:23:bd:cd:ab:97:96:ed:5c:3c:1e:5f:e4:12:99:
                    21:73:ea:c0:63:3b:65:10:4c:9a:d1:8b:4d:2c:d8:
                    d8:f7:52:be:da:cf:ac:57:38:b8:71:0c:32:ae:46:
                    75:ad:95:32:d8:df:9c:54:1b:58:36:00:65:7b:83:
                    a8:36:a7:6a:b1:13:3e:6c:cf:9f:19:36:1c:3c:62:
                    d6:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:DB:D5:AC:F1:F9:C7:5D:18:A1:F7:50:31:11:4C:48:F0:B2:33:63
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/F9vVrPH5x10YofdQMRFMSPCyM2M.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.14.152.0/22
                  85.89.128.0/19
                  85.116.224.0/19
                IPv6:
                  2a00:65c0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  25156

    Signature Algorithm: sha256WithRSAEncryption
         1b:67:87:52:21:1f:3e:56:d9:b6:af:f1:81:b6:64:00:0a:6c:
         e8:5d:f4:11:7d:9f:50:34:74:d2:06:f4:eb:94:39:95:80:46:
         01:fa:74:5c:c9:b5:43:32:3b:1a:46:c6:42:53:9a:b9:a3:34:
         3c:d1:fe:7c:e7:64:04:74:87:48:b5:1c:6d:2e:51:08:b6:de:
         c6:fb:46:8c:fd:23:5d:63:07:9d:b0:ca:29:82:3b:29:57:b2:
         65:7f:ad:b1:59:24:db:9a:72:38:38:c5:f1:2e:c1:f4:fd:bf:
         92:65:56:17:29:9b:43:c8:55:70:21:80:f1:41:b8:65:98:3c:
         98:5a:e4:2a:0a:37:da:7b:e0:58:ef:8d:c2:a2:f5:bd:4c:01:
         8f:40:b4:cd:31:81:25:0a:de:17:53:2d:a5:f6:c3:6b:a2:ed:
         ca:0b:66:17:e3:cb:bc:07:3e:a4:c7:a5:b6:66:e6:58:bc:8c:
         6e:34:59:2f:ed:1a:7c:44:31:d5:b8:bd:29:9d:f9:3b:74:ae:
         af:4d:2c:cd:26:d3:9d:04:ae:6e:8e:10:c3:d0:67:68:a2:07:
         77:c9:a4:ee:28:b6:05:eb:c1:c7:3a:f7:67:e7:4f:7f:91:51:
         32:12:6a:5a:4e:d7:c2:a5:1a:92:0d:c4:1b:03:94:e0:86:8d:
         76:15:74:7c
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYzIb1lvi8+j6yTZZYWETp9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2RiZDVhY2YxZjljNzVkMThhMWY3NTAzMTExNGM0OGYwYjIzMzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLvckKNAN1xfQ/GOvezbjBbqTkST
yA3hjy/5++2YWJO2G5rnrrgGDzKTJ9X5kPNMxSgt4RCqNkF/5J7GVGbCsOo5WQXb
8fMGAQj3H2xEtv3u7zwH+JoXzR3OcT3a+x7WFFQFVqninfMfOHoNmeVRJ2U/xgml
+6lJP3k6u5B6/SKB6RovhMa1FA2NvXcxrWlgMWkGaABHcZAAllfciiRWEKDNLxTY
gD5fE4wL76FJEf+rHsVFI73Nq5eW7Vw8Hl/kEpkhc+rAYztlEEya0YtNLNjY91K+
2s+sVzi4cQwyrkZ1rZUy2N+cVBtYNgBle4OoNqdqsRM+bM+fGTYcPGLWTQIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFBfb1azx+cddGKH3UDERTEjwsjNjMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhhLzI5MTk5
Zi1mNmNjLTQ0OGEtYmZkNC01ODFkYjg3YzgyMWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEvMjkxOTlm
LWY2Y2MtNDQ4YS1iZmQ0LTU4MWRiODdjODIxZS8xL0Y5dlZyUEg1eDEwWW9mZFFN
UkZNU1BDeU0yTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQCLQ6YAwQFVVmAAwQFVXTgMA0EAgACMAcDBQAq
AGXAMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAmJEMA0GCSqGSIb3DQEBCwUAA4IB
AQAbZ4dSIR8+Vtm2r/GBtmQACmzoXfQRfZ9QNHTSBvTrlDmVgEYB+nRcybVDMjsa
RsZCU5q5ozQ80f5852QEdIdItRxtLlEItt7G+0aM/SNdYwedsMopgjspV7Jlf62x
WSTbmnI4OMXxLsH0/b+SZVYXKZtDyFVwIYDxQbhlmDyYWuQqCjfae+BY743CovW9
TAGPQLTNMYElCt4XUy2l9sNrou3KC2YX48u8Bz6kx6W2ZuZYvIxuNFkv7Rp8RDHV
uL0pnfk7dK6vTSzNJtOdBK5ujhDD0Gdoogd3yaTuKLYF68HHOvdn509/kVEyEmpa
TtfCpRqSDcQbA5Tgho12FXR8
-----END CERTIFICATE-----
Generated at Fri Mar 29 00:50:35 2024 by rpki-client on console-fra.rpki-client.org