Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/GdGZw9IPQ02MCgou9eUjRmZcqGQ.cer
File:                     GdGZw9IPQ02MCgou9eUjRmZcqGQ.cer (raw, json)
Hash identifier:          j5HELjhOxRPSDfZ59U+nNMTrJ8qd4u7DIE4niVUI6b8=
Subject key identifier:   19:D1:99:C3:D2:0F:43:4D:8C:0A:0A:2E:F5:E5:23:46:66:5C:A8:64
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC64B69BCF45B1CA00B3895DF2E99D825
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b6/5b78f4-771d-4756-a389-b42fa00f57de/1/GdGZw9IPQ02MCgou9eUjRmZcqGQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b6/5b78f4-771d-4756-a389-b42fa00f57de/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 18:31:20 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 43449
                          IP: 193.201.56.0/22
                          IP: 2a0c:a540::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 21:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4b:69:bc:f4:5b:1c:a0:0b:38:95:df:2e:99:d8:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 18:31:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=19d199c3d20f434d8c0a0a2ef5e52346665ca864
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:af:bf:ca:93:86:10:3b:3b:2f:41:98:e1:de:
                    8a:42:9d:9b:b0:ce:db:72:27:35:2f:54:08:5b:3a:
                    71:ba:92:7e:d8:26:19:f0:ee:aa:8c:60:ab:c9:3c:
                    a4:15:01:5c:fd:0f:e3:6f:c2:ac:b3:04:ac:53:c0:
                    47:5c:91:85:09:80:50:55:e1:87:2e:a4:53:fc:bb:
                    a4:46:f5:d1:8d:1b:94:f5:5a:1f:95:e6:f9:54:a9:
                    f7:16:d9:ff:85:49:1f:6f:a1:1d:f5:e1:46:bb:6e:
                    24:97:b8:1f:c4:27:ab:de:17:c8:ae:9e:c4:40:b2:
                    17:99:29:4e:b1:40:6a:f6:98:b7:7b:70:7a:bd:8e:
                    63:96:91:ae:9b:12:1e:34:e9:2d:0e:fb:bf:d4:e7:
                    b9:16:27:e4:58:11:62:d1:55:98:4e:2a:7b:14:11:
                    b6:c6:e4:a0:60:6b:7a:6f:89:c9:7e:5b:06:27:3b:
                    af:9a:c0:ee:83:ef:41:54:cd:66:c2:b7:6e:9d:b7:
                    3d:77:83:78:8a:6a:d3:98:7c:5c:ca:05:21:d2:fa:
                    ea:5d:22:1b:73:fc:16:68:6e:3e:be:8f:6a:78:68:
                    f4:7f:bd:0d:18:d0:7c:11:f6:30:eb:ce:26:fd:ba:
                    b0:67:9e:84:20:b1:3a:ec:b5:27:48:91:ae:ef:b6:
                    48:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:D1:99:C3:D2:0F:43:4D:8C:0A:0A:2E:F5:E5:23:46:66:5C:A8:64
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5b78f4-771d-4756-a389-b42fa00f57de/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5b78f4-771d-4756-a389-b42fa00f57de/1/GdGZw9IPQ02MCgou9eUjRmZcqGQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.201.56.0/22
                IPv6:
                  2a0c:a540::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  43449

    Signature Algorithm: sha256WithRSAEncryption
         33:f7:6d:29:bd:c0:07:3b:e1:9f:7f:1f:2f:72:cd:0d:0c:dd:
         8f:a7:f7:08:69:aa:b1:5b:83:a5:f2:d7:f3:10:0e:17:c8:a5:
         8b:dc:57:ae:9b:ad:40:35:ea:81:dd:bc:1b:a3:87:b0:53:93:
         32:9b:cc:1a:db:0e:41:b9:62:ab:49:38:9c:ab:84:e7:3a:ff:
         e9:e7:2e:0d:a6:49:3b:96:5e:d4:0a:1b:8f:72:86:7f:e7:18:
         3d:5e:99:99:fd:d0:c9:12:77:a0:66:ad:20:2e:a4:dc:b4:80:
         56:eb:19:09:97:8a:76:c6:1c:a4:48:39:6f:c9:18:80:7b:f9:
         28:fb:41:fe:41:46:ab:28:85:f3:37:7f:c2:99:aa:39:e6:01:
         e4:b8:d5:3b:e4:30:52:bd:3e:27:51:ae:1c:de:40:2a:65:6c:
         ff:a1:35:29:64:f5:32:59:d0:7e:11:cf:af:2e:46:96:5a:15:
         46:b5:b8:be:b1:09:47:f7:06:7f:36:c2:d2:a5:b6:fa:53:8c:
         46:ee:e4:ca:3f:6b:41:cd:93:0b:57:88:30:bc:4f:93:02:52:
         1e:5a:5b:11:1a:24:27:df:99:13:07:dd:69:0d:0f:fc:56:2b:
         a9:4b:7a:cd:99:3b:1e:61:b5:51:b3:65:8e:7b:e8:00:06:ab:
         6a:8e:d0:70
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzGS2m89FscoAs4ld8umdglMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTgzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWQxOTljM2QyMGY0MzRkOGMwYTBhMmVmNWU1MjM0NjY2NWNhODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6+/ypOGEDs7L0GY4d6KQp2bsM7b
cic1L1QIWzpxupJ+2CYZ8O6qjGCryTykFQFc/Q/jb8KsswSsU8BHXJGFCYBQVeGH
LqRT/LukRvXRjRuU9Vofleb5VKn3Ftn/hUkfb6Ed9eFGu24kl7gfxCer3hfIrp7E
QLIXmSlOsUBq9pi3e3B6vY5jlpGumxIeNOktDvu/1Oe5FifkWBFi0VWYTip7FBG2
xuSgYGt6b4nJflsGJzuvmsDug+9BVM1mwrdunbc9d4N4imrTmHxcygUh0vrqXSIb
c/wWaG4+vo9qeGj0f70NGNB8EfYw684m/bqwZ56EILE67LUnSJGu77ZIAQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFBnRmcPSD0NNjAoKLvXlI0ZmXKhkMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I2LzViNzhm
NC03NzFkLTQ3NTYtYTM4OS1iNDJmYTAwZjU3ZGUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYvNWI3OGY0
LTc3MWQtNDc1Ni1hMzg5LWI0MmZhMDBmNTdkZS8xL0dkR1p3OUlQUTAyTUNnb3U5
ZVVqUm1aY3FHUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCwck4MA0EAgACMAcDBQMqDKVAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCpuTANBgkqhkiG9w0BAQsFAAOCAQEAM/dtKb3ABzvh
n38fL3LNDQzdj6f3CGmqsVuDpfLX8xAOF8ili9xXrputQDXqgd28G6OHsFOTMpvM
GtsOQbliq0k4nKuE5zr/6ecuDaZJO5Ze1Aobj3KGf+cYPV6Zmf3QyRJ3oGatIC6k
3LSAVusZCZeKdsYcpEg5b8kYgHv5KPtB/kFGqyiF8zd/wpmqOeYB5LjVO+QwUr0+
J1GuHN5AKmVs/6E1KWT1MlnQfhHPry5GlloVRrW4vrEJR/cGfzbC0qW2+lOMRu7k
yj9rQc2TC1eIMLxPkwJSHlpbERokJ9+ZEwfdaQ0P/FYrqUt6zZk7HmG1UbNljnvo
AAarao7QcA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 00:38:34 2024 by rpki-client on console-ams.rpki-client.org