Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/FivG9rrBQqA6uxp62RaQaD8DpNw.cer
File:                     FivG9rrBQqA6uxp62RaQaD8DpNw.cer (raw, json)
Hash identifier:          oSAwzHSH/jS1s2ywWe/v7qSISYOS10LS7f6klXjG7Ko=
Subject key identifier:   16:2B:C6:F6:BA:C1:42:A0:3A:BB:1A:7A:D9:16:90:68:3F:03:A4:DC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC492AA61B8D26EE71FB9259FB531445D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/1e/20581f-bd5e-4ea1-8217-0be7aae8a0d1/1/FivG9rrBQqA6uxp62RaQaD8DpNw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/1e/20581f-bd5e-4ea1-8217-0be7aae8a0d1/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 10:29:55 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 60245
                          IP: 185.54.236.0/22
                          IP: 2a02:4760::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 30 Mar 2024 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:92:aa:61:b8:d2:6e:e7:1f:b9:25:9f:b5:31:44:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 10:29:55 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=162bc6f6bac142a03abb1a7ad91690683f03a4dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:f5:49:ed:1d:8e:4f:39:34:7e:58:93:5e:ce:
                    9b:2a:e5:a1:60:9e:8f:8f:28:58:cc:2c:09:b5:9a:
                    fa:d4:11:af:dd:ac:27:5f:ff:26:d7:0b:a5:61:2b:
                    38:ca:9a:88:34:e5:7b:51:d8:32:ab:95:d3:de:30:
                    a8:5d:8b:d4:b1:34:56:f0:c0:4a:09:af:fa:fe:0c:
                    94:18:61:2b:a3:b7:f5:98:00:c8:a8:34:e5:d9:65:
                    65:41:2b:c5:67:67:11:7c:6c:4e:7b:f4:15:6a:12:
                    5b:8a:89:db:c8:75:21:00:56:39:ae:26:b1:28:09:
                    02:77:18:1c:63:17:72:66:f8:e8:3c:34:ba:a9:23:
                    73:2d:f3:b4:58:77:e4:f6:fb:c4:a2:86:d5:a6:8b:
                    ce:61:92:bf:b0:d3:76:6d:41:f3:9f:05:11:61:7e:
                    a2:4b:e1:d2:10:9a:2e:3c:3f:c3:5b:53:b3:e9:6e:
                    a2:d4:0e:2d:79:ec:0b:51:ee:9b:15:4a:12:5b:31:
                    fd:c6:ef:8c:76:ab:24:ff:c7:10:16:7a:d8:89:e6:
                    b4:c5:9e:e4:c7:03:38:8c:0c:b0:28:ab:79:1c:b7:
                    e9:60:e1:69:c0:5b:c6:a8:76:c3:ef:75:b6:50:2c:
                    24:73:1f:e3:37:20:0e:dc:c8:13:b7:0e:85:70:a7:
                    ca:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:2B:C6:F6:BA:C1:42:A0:3A:BB:1A:7A:D9:16:90:68:3F:03:A4:DC
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/20581f-bd5e-4ea1-8217-0be7aae8a0d1/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/20581f-bd5e-4ea1-8217-0be7aae8a0d1/1/FivG9rrBQqA6uxp62RaQaD8DpNw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.54.236.0/22
                IPv6:
                  2a02:4760::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  60245

    Signature Algorithm: sha256WithRSAEncryption
         11:1d:74:79:60:70:ff:a5:b9:c5:52:0b:1e:d0:01:ce:c4:96:
         05:5a:e2:b9:a6:db:83:d1:2c:c2:58:2c:08:7c:88:21:88:19:
         39:01:2e:54:ed:90:90:cf:f4:2d:59:21:22:9f:12:80:a5:06:
         8d:f4:36:65:b1:4e:47:87:2e:17:07:80:69:32:4f:40:d9:72:
         5b:a7:c7:67:c3:6b:07:4b:dd:d4:d6:64:5b:64:b2:b9:b5:ce:
         cb:3f:54:eb:6e:99:ef:a1:c7:3b:92:3a:56:a9:0a:0d:4a:1a:
         1b:0b:85:4d:a4:3a:a3:61:d3:4c:6d:f9:a5:17:b3:79:72:4c:
         2d:0d:2a:4f:54:3a:3d:3f:7c:a7:4c:7c:a5:39:86:be:1c:1a:
         7d:17:12:0a:88:b8:2f:38:c6:7a:41:8c:e1:27:3e:55:0b:0e:
         b1:a1:03:50:2b:40:95:16:23:1d:1d:b6:b3:8b:a7:b8:99:b1:
         31:2e:3f:59:50:26:cf:be:72:fe:72:4d:f0:42:1f:45:fe:c4:
         f8:b3:4e:8a:64:08:19:94:e4:6b:2e:1b:c6:c5:e4:1b:9f:12:
         90:a1:c4:c3:3e:51:17:f3:45:72:3d:d2:ae:83:4a:d4:49:c2:
         0a:47:a5:fa:65:ed:e5:76:23:bb:57:10:08:9f:ee:73:b0:b8:
         0d:f9:ce:12
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzEkqphuNJu5x+5JZ+1MURdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjJiYzZmNmJhYzE0MmEwM2FiYjFhN2FkOTE2OTA2ODNmMDNhNGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPVJ7R2OTzk0fliTXs6bKuWhYJ6P
jyhYzCwJtZr61BGv3awnX/8m1wulYSs4ypqINOV7Udgyq5XT3jCoXYvUsTRW8MBK
Ca/6/gyUGGEro7f1mADIqDTl2WVlQSvFZ2cRfGxOe/QVahJbionbyHUhAFY5riax
KAkCdxgcYxdyZvjoPDS6qSNzLfO0WHfk9vvEoobVpovOYZK/sNN2bUHznwURYX6i
S+HSEJouPD/DW1Oz6W6i1A4teewLUe6bFUoSWzH9xu+Mdqsk/8cQFnrYiea0xZ7k
xwM4jAywKKt5HLfpYOFpwFvGqHbD73W2UCwkcx/jNyAO3MgTtw6FcKfKBQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFBYrxva6wUKgOrsaetkWkGg/A6TcMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFlLzIwNTgx
Zi1iZDVlLTRlYTEtODIxNy0wYmU3YWFlOGEwZDEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWUvMjA1ODFm
LWJkNWUtNGVhMS04MjE3LTBiZTdhYWU4YTBkMS8xL0Zpdkc5cnJCUXFBNnV4cDYy
UmFRYUQ4RHBOdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuTbsMA0EAgACMAcDBQAqAkdgMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDrVTANBgkqhkiG9w0BAQsFAAOCAQEAER10eWBw/6W5
xVILHtABzsSWBVriuabbg9EswlgsCHyIIYgZOQEuVO2QkM/0LVkhIp8SgKUGjfQ2
ZbFOR4cuFweAaTJPQNlyW6fHZ8NrB0vd1NZkW2SyubXOyz9U626Z76HHO5I6VqkK
DUoaGwuFTaQ6o2HTTG35pRezeXJMLQ0qT1Q6PT98p0x8pTmGvhwafRcSCoi4LzjG
ekGM4Sc+VQsOsaEDUCtAlRYjHR22s4unuJmxMS4/WVAmz75y/nJN8EIfRf7E+LNO
imQIGZTkay4bxsXkG58SkKHEwz5RF/NFcj3SroNK1EnCCkel+mXt5XYju1cQCJ/u
c7C4DfnOEg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 14:35:44 2024 by rpki-client on console-ams.rpki-client.org