Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/G9LUY64VNG1e3Xk3uL-o4JsUN20.cer
File:                     G9LUY64VNG1e3Xk3uL-o4JsUN20.cer (raw, json)
Hash identifier:          u3vtp79z1yobjlrnJ9XE++ogE/pfhHxDOwVZe0cj4tU=
Subject key identifier:   1B:D2:D4:63:AE:15:34:6D:5E:DD:79:37:B8:BF:A8:E0:9B:14:37:6D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018D6454B86446086E3BEF01FED48F42F779
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/G9LUY64VNG1e3Xk3uL-o4JsUN20.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Feb 2024 11:01:30 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 210166
                          IP: 185.247.156.0/22
                          IP: 194.61.32.0/22
                          IP: 2a01:6dc0::/32
                          IP: 2a0d:c680::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:64:54:b8:64:46:08:6e:3b:ef:01:fe:d4:8f:42:f7:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Feb  1 11:01:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1bd2d463ae15346d5edd7937b8bfa8e09b14376d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:c5:17:21:67:ed:57:2f:4c:38:e4:57:e4:00:
                    c2:b2:8d:fd:fc:80:cd:6e:11:16:a5:e1:ac:07:bc:
                    c4:36:5a:07:6e:66:de:f6:93:08:1a:22:76:a4:40:
                    78:de:fe:bf:94:59:bf:e9:68:f3:ae:78:dc:27:96:
                    c4:65:99:3d:bd:c7:42:eb:84:23:f5:c1:4e:22:4f:
                    4d:e4:89:92:40:eb:1e:46:8e:ac:81:cb:46:6c:c9:
                    13:f0:db:95:cc:77:76:cd:5e:7c:6a:57:b4:30:4f:
                    aa:81:30:c9:ec:e1:09:86:0a:48:66:f0:f5:72:d8:
                    26:7e:1a:12:98:fa:fe:98:ad:4c:81:46:07:00:07:
                    e2:a7:4a:58:76:c9:96:ad:e6:9c:b1:b9:4f:23:94:
                    a5:be:ac:90:d5:76:ed:79:84:9d:70:27:83:ca:6d:
                    36:c1:87:7f:2d:a8:2f:fa:22:fd:08:df:94:a6:7f:
                    ab:dc:9d:14:af:05:20:cc:5a:da:87:09:17:ae:0c:
                    5f:27:52:fe:e8:dd:64:4e:c7:4f:de:c8:e8:b6:51:
                    32:b9:40:bc:46:83:94:95:db:12:d3:6d:97:f9:8b:
                    6f:26:16:aa:b9:aa:69:3a:dc:cd:28:7c:cd:80:c3:
                    28:55:79:47:0e:0c:33:84:8a:cc:47:10:ad:76:0a:
                    19:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:D2:D4:63:AE:15:34:6D:5E:DD:79:37:B8:BF:A8:E0:9B:14:37:6D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/G9LUY64VNG1e3Xk3uL-o4JsUN20.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.247.156.0/22
                  194.61.32.0/22
                IPv6:
                  2a01:6dc0::/32
                  2a0d:c680::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  210166

    Signature Algorithm: sha256WithRSAEncryption
         3d:e5:3a:66:c9:c4:c9:d8:0a:45:eb:89:42:50:1c:54:fb:73:
         32:f8:7c:b9:a8:3c:18:48:5e:11:11:f8:a5:be:68:47:54:9e:
         f1:ed:c0:76:a4:94:5f:79:f7:97:02:b4:33:4d:87:96:31:01:
         0e:5f:d3:ce:90:0f:28:f5:ce:c5:4d:3f:0a:f1:c6:f9:14:e2:
         ba:7d:77:af:4d:9a:dc:ba:f8:47:11:3e:c0:3e:41:8d:1c:b2:
         96:7b:60:9d:5d:d5:91:c3:76:fa:e6:fa:6a:ad:44:18:4a:a7:
         4e:17:49:4b:9b:6c:4b:03:b4:f8:61:1c:71:1b:34:d1:0f:14:
         56:09:2d:95:69:e2:d5:6e:4f:05:b5:cf:cd:a1:bb:9f:65:fd:
         57:7c:91:60:b0:4f:4a:db:89:e2:12:e4:4d:98:20:81:cc:88:
         24:da:f1:70:0f:db:cf:a9:9d:42:1e:c9:1a:57:89:61:2d:2a:
         d4:1c:ac:dc:58:6b:01:f3:a8:b1:0f:f4:c3:ad:9b:b0:33:f2:
         1c:33:66:cd:28:b6:da:a6:85:e3:d9:b4:65:2f:6f:09:9b:ee:
         14:d4:28:e9:d7:ef:f0:67:20:3d:c5:c0:36:45:eb:04:f9:b8:
         b0:cc:ae:5e:08:d2:2b:d8:fc:6e:4b:41:10:85:02:05:22:7c:
         7e:9c:4d:dc
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAY1kVLhkRghuO+8B/tSPQvd5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjAxMTEwMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmQyZDQ2M2FlMTUzNDZkNWVkZDc5MzdiOGJmYThlMDliMTQzNzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMUXIWftVy9MOORX5ADCso39/IDN
bhEWpeGsB7zENloHbmbe9pMIGiJ2pEB43v6/lFm/6WjzrnjcJ5bEZZk9vcdC64Qj
9cFOIk9N5ImSQOseRo6sgctGbMkT8NuVzHd2zV58ale0ME+qgTDJ7OEJhgpIZvD1
ctgmfhoSmPr+mK1MgUYHAAfip0pYdsmWreacsblPI5SlvqyQ1XbteYSdcCeDym02
wYd/Lagv+iL9CN+Upn+r3J0UrwUgzFrahwkXrgxfJ1L+6N1kTsdP3sjotlEyuUC8
RoOUldsS022X+YtvJhaquappOtzNKHzNgMMoVXlHDgwzhIrMRxCtdgoZxwIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFBvS1GOuFTRtXt15N7i/qOCbFDdtMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg4LzcwYzQ3
Ny1hOGNkLTRhNzItYjY2OS0xZjkzYzIzOWEwMTIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgvNzBjNDc3
LWE4Y2QtNGE3Mi1iNjY5LTFmOTNjMjM5YTAxMi8xL0c5TFVZNjRWTkcxZTNYazN1
TC1vNEpzVU4yMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDsGCCsGAQUF
BwEHAQH/BCwwKjASBAIAATAMAwQCufecAwQCwj0gMBQEAgACMA4DBQAqAW3AAwUD
Kg3GgDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDNPYwDQYJKoZIhvcNAQELBQAD
ggEBAD3lOmbJxMnYCkXriUJQHFT7czL4fLmoPBhIXhER+KW+aEdUnvHtwHaklF95
95cCtDNNh5YxAQ5f086QDyj1zsVNPwrxxvkU4rp9d69Nmty6+EcRPsA+QY0cspZ7
YJ1d1ZHDdvrm+mqtRBhKp04XSUubbEsDtPhhHHEbNNEPFFYJLZVp4tVuTwW1z82h
u59l/Vd8kWCwT0rbieIS5E2YIIHMiCTa8XAP28+pnUIeyRpXiWEtKtQcrNxYawHz
qLEP9MOtm7Az8hwzZs0ottqmhePZtGUvbwmb7hTUKOnX7/BnID3FwDZF6wT5uLDM
rl4I0ivY/G5LQRCFAgUifH6cTdw=
-----END CERTIFICATE-----
Generated at Thu Mar 28 17:58:12 2024 by rpki-client on console-fra.rpki-client.org