Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/FPwSEe469lf8lPkvoDCd5sbJQG4.cer
File:                     FPwSEe469lf8lPkvoDCd5sbJQG4.cer (raw, json)
Hash identifier:          KKXqou7Uwn2AaCA4MDqX73Ep1/3k1QnnC6TR8HouRB0=
Subject key identifier:   14:FC:12:11:EE:3A:F6:57:FC:94:F9:2F:A0:30:9D:E6:C6:C9:40:6E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC501497C0D60711A37D9E327F108CF28
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/07/4ef496-45e5-4397-a914-5989a4902d1a/1/FPwSEe469lf8lPkvoDCd5sbJQG4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/07/4ef496-45e5-4397-a914-5989a4902d1a/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 12:30:45 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 50783
                          IP: 91.214.20.0/22
                          IP: 193.3.49.0/24
                          IP: 2001:67c:2b70::/48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:01:49:7c:0d:60:71:1a:37:d9:e3:27:f1:08:cf:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 12:30:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=14fc1211ee3af657fc94f92fa0309de6c6c9406e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:20:68:7a:e3:57:34:33:81:76:c2:23:27:c0:
                    d5:f9:61:0f:c1:39:17:a2:ef:7e:74:f3:54:c4:9a:
                    3e:0e:ae:ff:b6:a3:88:1e:81:6f:69:cc:ce:2e:ff:
                    ba:0d:4c:9f:27:a2:93:88:57:08:83:57:7f:e5:ba:
                    63:98:2a:53:de:bd:dd:67:77:ef:66:c5:4d:58:9d:
                    8b:56:d3:20:a3:1e:1f:62:13:27:d9:84:ef:90:b7:
                    23:61:e2:15:fc:4f:1f:9c:6c:b7:f9:69:f8:b7:50:
                    d5:55:f4:7a:b4:86:18:70:11:f0:16:c3:64:f3:68:
                    ab:1b:f0:aa:65:c1:af:db:17:1c:68:2a:0c:bf:a9:
                    23:c0:01:c3:6e:a5:05:03:f8:56:10:7a:c8:f9:bd:
                    38:bc:57:d8:bf:3a:3b:46:38:84:ab:4b:6a:99:17:
                    e8:72:9a:68:dd:fa:06:9c:3f:66:c3:70:23:2a:14:
                    db:f5:8c:22:77:4f:c0:a1:ee:89:d2:f0:60:df:5c:
                    9b:b1:a9:1a:fb:c8:87:a7:c9:b6:54:ed:b0:dd:b7:
                    59:a4:9c:eb:6b:b2:f2:b2:6e:58:14:b3:cb:34:f6:
                    cc:7f:be:c6:e9:18:f6:47:09:9f:7f:f4:ac:36:c8:
                    19:a7:2a:8a:88:f1:de:c7:54:e9:cf:31:cc:be:d3:
                    4b:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:FC:12:11:EE:3A:F6:57:FC:94:F9:2F:A0:30:9D:E6:C6:C9:40:6E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4ef496-45e5-4397-a914-5989a4902d1a/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4ef496-45e5-4397-a914-5989a4902d1a/1/FPwSEe469lf8lPkvoDCd5sbJQG4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.214.20.0/22
                  193.3.49.0/24
                IPv6:
                  2001:67c:2b70::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  50783

    Signature Algorithm: sha256WithRSAEncryption
         a1:e3:7b:e1:40:b4:76:fc:8b:58:45:60:46:72:28:a5:8d:d1:
         98:20:b9:33:3b:3f:5a:1d:3f:df:a1:48:bd:e9:4c:ea:0c:f4:
         11:68:2b:fd:2e:56:9e:d9:b8:13:d7:94:52:5d:e2:66:57:90:
         8b:54:02:c2:f0:4e:8a:8d:57:c7:41:73:5c:1f:87:f9:23:42:
         6b:05:bd:59:da:0f:ee:7b:23:a4:ca:82:ca:83:e6:c5:f4:74:
         dc:23:d2:59:43:d0:5f:ae:5f:f8:b5:9c:c6:da:d8:d7:d6:60:
         af:66:c7:ff:a3:53:8f:93:54:52:09:a8:49:20:1e:68:22:a5:
         c0:cd:aa:ce:17:a6:41:be:bb:e6:fe:4c:62:d6:f1:c8:ee:4d:
         97:14:97:67:7a:76:81:ef:6c:b2:0f:22:3c:31:07:66:8c:2b:
         46:92:76:0d:87:3a:3f:2b:e9:8a:4f:82:88:3e:aa:3f:2f:55:
         6d:c6:ce:ec:83:b5:2c:68:bf:d4:cd:f7:b4:c5:67:82:36:92:
         f2:1f:38:e8:66:15:ff:b1:1b:2b:43:7d:0a:16:3e:c9:4f:56:
         d0:fb:45:99:80:2b:a0:c2:c1:56:c8:2f:55:54:d1:21:a0:f3:
         38:05:58:d7:46:ea:d3:0f:a2:de:c6:ae:78:3f:72:e1:56:71:
         ff:b1:d0:54
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAYzFAUl8DWBxGjfZ4yfxCM8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTIzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGZjMTIxMWVlM2FmNjU3ZmM5NGY5MmZhMDMwOWRlNmM2Yzk0MDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSBoeuNXNDOBdsIjJ8DV+WEPwTkX
ou9+dPNUxJo+Dq7/tqOIHoFvaczOLv+6DUyfJ6KTiFcIg1d/5bpjmCpT3r3dZ3fv
ZsVNWJ2LVtMgox4fYhMn2YTvkLcjYeIV/E8fnGy3+Wn4t1DVVfR6tIYYcBHwFsNk
82irG/CqZcGv2xccaCoMv6kjwAHDbqUFA/hWEHrI+b04vFfYvzo7RjiEq0tqmRfo
cppo3foGnD9mw3AjKhTb9Ywid0/Aoe6J0vBg31ybsaka+8iHp8m2VO2w3bdZpJzr
a7Lysm5YFLPLNPbMf77G6Rj2Rwmff/SsNsgZpyqKiPHex1TpzzHMvtNLUwIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFBT8EhHuOvZX/JT5L6AwnebGyUBuMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA3LzRlZjQ5
Ni00NWU1LTQzOTctYTkxNC01OTg5YTQ5MDJkMWEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcvNGVmNDk2
LTQ1ZTUtNDM5Ny1hOTE0LTU5ODlhNDkwMmQxYS8xL0ZQd1NFZTQ2OWxmOGxQa3Zv
RENkNXNiSlFHNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUF
BwEHAQH/BCcwJTASBAIAATAMAwQCW9YUAwQAwQMxMA8EAgACMAkDBwAgAQZ8K3Aw
GgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAMZfMA0GCSqGSIb3DQEBCwUAA4IBAQCh
43vhQLR2/ItYRWBGciiljdGYILkzOz9aHT/foUi96UzqDPQRaCv9Llae2bgT15RS
XeJmV5CLVALC8E6KjVfHQXNcH4f5I0JrBb1Z2g/ueyOkyoLKg+bF9HTcI9JZQ9Bf
rl/4tZzG2tjX1mCvZsf/o1OPk1RSCahJIB5oIqXAzarOF6ZBvrvm/kxi1vHI7k2X
FJdnenaB72yyDyI8MQdmjCtGknYNhzo/K+mKT4KIPqo/L1Vtxs7sg7UsaL/Uzfe0
xWeCNpLyHzjoZhX/sRsrQ30KFj7JT1bQ+0WZgCugwsFWyC9VVNEhoPM4BVjXRurT
D6Lexq54P3LhVnH/sdBU
-----END CERTIFICATE-----
Generated at Thu Mar 28 17:11:27 2024 by rpki-client on console-ams.rpki-client.org