Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Fvg1mB4eeJNH9H_Mm7qsaxXWh8E.cer
File:                     Fvg1mB4eeJNH9H_Mm7qsaxXWh8E.cer (raw, json)
Hash identifier:          aht35Oi5iL7mRRCOX3W8Kez4Hoj0/z/jsylMLAnxRII=
Subject key identifier:   16:F8:35:98:1E:1E:78:93:47:F4:7F:CC:9B:BA:AC:6B:15:D6:87:C1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC6B7AA90365126671E00AFF640FF71F9
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/fd/4e8efe-8a15-4c6b-a00b-c1a8e5a6dc56/1/Fvg1mB4eeJNH9H_Mm7qsaxXWh8E.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/fd/4e8efe-8a15-4c6b-a00b-c1a8e5a6dc56/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 20:29:34 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 8887
                          IP: 31.170.64.0/19
                          IP: 2a01:6b80::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 21:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:aa:90:36:51:26:67:1e:00:af:f6:40:ff:71:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 20:29:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=16f835981e1e789347f47fcc9bbaac6b15d687c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:60:3d:63:83:33:3f:c7:73:15:bf:8e:a2:97:
                    c0:32:b0:8c:f7:71:41:a7:26:a6:59:2b:fd:e8:5d:
                    d3:d9:6b:ab:49:44:3c:fe:e6:5f:00:f7:ea:07:ee:
                    e2:24:15:a7:45:0b:9d:2b:df:d8:7e:35:c9:97:53:
                    6e:1f:05:7b:70:a7:66:d1:a1:51:56:0c:65:38:ea:
                    34:29:eb:9b:6b:e3:39:f8:25:e2:90:31:af:5b:92:
                    77:74:7e:52:6a:6f:a0:78:75:15:94:e4:0e:56:bc:
                    13:e7:de:15:4b:3d:fb:36:ce:41:f4:8c:34:21:ea:
                    20:23:06:bb:d7:bb:42:cf:83:27:3c:ec:48:25:b0:
                    4e:c7:b7:59:db:a0:0d:37:62:44:b1:78:48:96:e2:
                    1d:fb:90:fa:85:aa:04:45:12:01:de:3e:d9:57:5b:
                    13:1d:68:63:b5:29:88:09:50:74:49:e5:7d:14:1a:
                    e3:c8:a8:67:a6:fa:59:7f:4f:ec:26:d4:4d:c1:22:
                    29:47:9c:fa:22:b1:2d:ac:31:49:d0:89:68:88:e4:
                    22:71:a2:b2:04:35:dd:12:1a:ed:bc:54:4f:e6:30:
                    d6:3c:9d:a6:c1:d0:5b:37:20:68:7a:f5:9f:fc:4e:
                    81:c1:91:13:83:76:6f:54:e4:69:d5:48:1f:48:c0:
                    63:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:F8:35:98:1E:1E:78:93:47:F4:7F:CC:9B:BA:AC:6B:15:D6:87:C1
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/4e8efe-8a15-4c6b-a00b-c1a8e5a6dc56/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/4e8efe-8a15-4c6b-a00b-c1a8e5a6dc56/1/Fvg1mB4eeJNH9H_Mm7qsaxXWh8E.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.170.64.0/19
                IPv6:
                  2a01:6b80::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  8887

    Signature Algorithm: sha256WithRSAEncryption
         a4:92:69:a7:5c:67:f9:ce:19:c2:a5:2c:a0:bc:78:43:1e:2c:
         f0:2d:99:20:67:c7:cd:53:e3:91:cc:2a:03:99:95:ee:da:18:
         41:b3:a8:ca:2d:c7:57:94:7c:40:53:60:b4:0d:3f:f9:8a:db:
         a1:6e:a3:b0:88:f0:9a:9f:aa:b7:1d:0c:c0:a4:59:e8:a3:7f:
         97:8c:15:ef:10:c3:e5:47:60:ef:cd:12:b7:29:84:e4:8c:72:
         2b:28:10:70:21:8f:c4:44:26:70:e1:ba:05:6f:f3:b8:1e:33:
         0b:fd:d7:8a:d4:7d:47:24:8a:05:6c:35:ec:30:29:24:84:ed:
         85:b5:75:e6:eb:bd:69:1c:fe:cc:6b:ec:b2:3b:51:8b:3e:39:
         79:20:28:44:f4:5f:ec:0d:f9:6b:97:33:21:bf:5a:1e:f2:65:
         73:46:13:d1:dc:ca:f8:88:eb:ec:26:4f:d2:b6:c6:3e:48:f4:
         a6:6a:84:25:f4:0b:d4:4e:99:45:f4:a0:86:e8:ea:33:1d:9e:
         de:6d:76:98:50:ee:c9:cc:de:1f:3c:92:5c:b5:f1:c4:63:c7:
         2e:3a:d4:09:47:ee:6c:c0:64:19:72:f5:9b:e1:97:cc:7a:ca:
         48:b8:06:76:3b:40:ab:ab:dc:90:f4:b2:bb:5d:35:66:bc:75:
         e1:13:08:6c
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYzGt6qQNlEmZx4Ar/ZA/3H5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmY4MzU5ODFlMWU3ODkzNDdmNDdmY2M5YmJhYWM2YjE1ZDY4N2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7mA9Y4MzP8dzFb+OopfAMrCM93FB
pyamWSv96F3T2WurSUQ8/uZfAPfqB+7iJBWnRQudK9/YfjXJl1NuHwV7cKdm0aFR
VgxlOOo0Keuba+M5+CXikDGvW5J3dH5Sam+geHUVlOQOVrwT594VSz37Ns5B9Iw0
IeogIwa717tCz4MnPOxIJbBOx7dZ26ANN2JEsXhIluId+5D6haoERRIB3j7ZV1sT
HWhjtSmICVB0SeV9FBrjyKhnpvpZf0/sJtRNwSIpR5z6IrEtrDFJ0IloiOQicaKy
BDXdEhrtvFRP5jDWPJ2mwdBbNyBoevWf/E6BwZETg3ZvVORp1UgfSMBjFwIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFBb4NZgeHniTR/R/zJu6rGsV1ofBMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZkLzRlOGVm
ZS04YTE1LTRjNmItYTAwYi1jMWE4ZTVhNmRjNTYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQvNGU4ZWZl
LThhMTUtNGM2Yi1hMDBiLWMxYThlNWE2ZGM1Ni8xL0Z2ZzFtQjRlZUpOSDlIX01t
N3FzYXhYV2g4RS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQFH6pAMA0EAgACMAcDBQAqAWuAMBkGCCsGAQUF
BwEIAQH/BAowCKAGMAQCAiK3MA0GCSqGSIb3DQEBCwUAA4IBAQCkkmmnXGf5zhnC
pSygvHhDHizwLZkgZ8fNU+ORzCoDmZXu2hhBs6jKLcdXlHxAU2C0DT/5ituhbqOw
iPCan6q3HQzApFnoo3+XjBXvEMPlR2DvzRK3KYTkjHIrKBBwIY/ERCZw4boFb/O4
HjML/deK1H1HJIoFbDXsMCkkhO2FtXXm671pHP7Ma+yyO1GLPjl5IChE9F/sDflr
lzMhv1oe8mVzRhPR3Mr4iOvsJk/StsY+SPSmaoQl9AvUTplF9KCG6OozHZ7ebXaY
UO7JzN4fPJJctfHEY8cuOtQJR+5swGQZcvWb4ZfMespIuAZ2O0Crq9yQ9LK7XTVm
vHXhEwhs
-----END CERTIFICATE-----
Generated at Fri Mar 29 00:37:57 2024 by rpki-client on console-ams.rpki-client.org