Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/HCcW7wn65JDMfNvTYJTbXz0KHHI.cer
File:                     HCcW7wn65JDMfNvTYJTbXz0KHHI.cer (raw, json)
Hash identifier:          1sA3Uxz5YJdHfIneEQfxGUh3HsA208ZkCw3v32dkCd4=
Subject key identifier:   1C:27:16:EF:09:FA:E4:90:CC:7C:DB:D3:60:94:DB:5F:3D:0A:1C:72
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018DCC8951E6DBC82F3720975C0EDE663A59
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/d4/6a7ea2-abfd-44d2-a7ae-14d1ac34a5f2/1/HCcW7wn65JDMfNvTYJTbXz0KHHI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/d4/6a7ea2-abfd-44d2-a7ae-14d1ac34a5f2/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 21 Feb 2024 16:39:27 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 59855
                          IP: 62.122.224.0/22
                          IP: 2a07:9d00::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Dec 2024 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:cc:89:51:e6:db:c8:2f:37:20:97:5c:0e:de:66:3a:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Feb 21 16:39:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1c2716ef09fae490cc7cdbd36094db5f3d0a1c72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:36:20:c3:b1:71:ac:b8:24:57:4a:6e:ed:c7:
                    fc:ee:69:e6:a8:93:21:3a:47:82:92:c8:13:7e:61:
                    65:d6:6c:94:1d:cb:4d:b1:9f:17:71:66:01:ef:a3:
                    a9:e9:12:ee:3e:6f:24:bf:29:06:f1:2b:f1:64:a0:
                    02:d6:4c:da:5f:8b:29:19:96:6e:05:0c:fc:bf:b2:
                    7a:35:b2:fe:20:24:6b:2a:6c:98:fb:51:56:a6:40:
                    ed:ae:1c:a2:98:11:2a:e4:c0:73:b2:2a:8d:83:a2:
                    0e:81:ed:e9:e1:8d:d3:5b:0e:4b:a2:53:40:cf:57:
                    ce:fd:22:fa:6b:c3:31:f2:6a:a2:f9:ed:d7:43:af:
                    53:8b:64:e5:0c:fb:03:a2:2e:a6:e3:55:05:f3:2d:
                    27:0a:ad:25:ec:d3:e8:30:eb:fd:f1:0f:a8:3d:c6:
                    6b:b0:50:f7:1d:44:23:61:90:c4:9c:a3:32:32:8b:
                    90:6c:bf:fc:d4:65:83:7a:8b:75:87:ba:bd:77:00:
                    66:fd:29:ca:68:2f:9b:30:0d:20:39:e9:81:9f:c5:
                    e3:38:de:77:a7:4c:7a:b3:3f:f8:45:b2:36:44:4c:
                    c1:7d:81:21:f0:44:55:60:80:f5:01:b7:e3:6e:08:
                    c9:36:d1:7f:c2:ad:a1:61:51:22:cf:e9:d9:85:b0:
                    26:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:27:16:EF:09:FA:E4:90:CC:7C:DB:D3:60:94:DB:5F:3D:0A:1C:72
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/6a7ea2-abfd-44d2-a7ae-14d1ac34a5f2/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/6a7ea2-abfd-44d2-a7ae-14d1ac34a5f2/1/HCcW7wn65JDMfNvTYJTbXz0KHHI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.122.224.0/22
                IPv6:
                  2a07:9d00::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  59855

    Signature Algorithm: sha256WithRSAEncryption
         04:e0:3b:1e:69:fc:a5:03:38:4b:2e:2c:60:66:f6:d0:00:4d:
         74:51:f2:0f:97:a1:0e:fc:80:78:5c:b9:36:bc:49:08:6e:52:
         75:cb:ac:66:da:cd:c7:57:be:78:ce:82:df:3a:a6:42:4e:88:
         6e:b1:c7:d8:60:6e:d1:f8:30:32:af:ab:00:50:83:46:0f:de:
         66:28:3a:bc:2d:70:b6:5a:47:3f:ee:98:f8:5e:12:59:97:47:
         56:9c:50:5a:e5:98:c4:6a:03:05:97:e9:6e:2f:62:aa:2c:49:
         c3:a8:0b:05:e1:cc:6f:47:d1:d7:c9:d3:8d:ee:3d:f9:0f:f5:
         5a:14:a6:6f:a8:37:7c:ef:28:41:67:23:c0:ef:fa:5d:98:88:
         e6:23:76:c9:d1:6d:89:45:33:7e:66:c2:b2:79:ab:56:f2:3a:
         55:76:03:ba:d7:0e:ef:8e:ee:71:7a:35:bc:4d:d4:5f:b5:61:
         ad:b0:5e:14:c8:da:46:e7:76:fc:85:8f:db:d8:70:6f:ba:ad:
         43:7c:ca:d2:e6:e7:ae:b8:a5:25:49:69:a5:26:22:45:d8:87:
         eb:ad:06:6d:56:10:54:a3:1e:7c:b1:e3:ee:d9:da:21:f4:b3:
         6a:57:90:76:40:df:06:c8:05:89:56:a2:44:ea:23:a8:1b:dc:
         42:8e:9e:78
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAY3MiVHm28gvNyCXXA7eZjpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjIxMTYzOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzI3MTZlZjA5ZmFlNDkwY2M3Y2RiZDM2MDk0ZGI1ZjNkMGExYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjYgw7FxrLgkV0pu7cf87mnmqJMh
OkeCksgTfmFl1myUHctNsZ8XcWYB76Op6RLuPm8kvykG8SvxZKAC1kzaX4spGZZu
BQz8v7J6NbL+ICRrKmyY+1FWpkDtrhyimBEq5MBzsiqNg6IOge3p4Y3TWw5LolNA
z1fO/SL6a8Mx8mqi+e3XQ69Ti2TlDPsDoi6m41UF8y0nCq0l7NPoMOv98Q+oPcZr
sFD3HUQjYZDEnKMyMouQbL/81GWDeot1h7q9dwBm/SnKaC+bMA0gOemBn8XjON53
p0x6sz/4RbI2REzBfYEh8ERVYID1AbfjbgjJNtF/wq2hYVEiz+nZhbAmjwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFBwnFu8J+uSQzHzb02CU2189ChxyMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q0LzZhN2Vh
Mi1hYmZkLTQ0ZDItYTdhZS0xNGQxYWMzNGE1ZjIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQvNmE3ZWEy
LWFiZmQtNDRkMi1hN2FlLTE0ZDFhYzM0YTVmMi8xL0hDY1c3d242NUpETWZOdlRZ
SlRiWHowS0hISS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCPnrgMA0EAgACMAcDBQMqB50AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDpzzANBgkqhkiG9w0BAQsFAAOCAQEABOA7Hmn8pQM4
Sy4sYGb20ABNdFHyD5ehDvyAeFy5NrxJCG5SdcusZtrNx1e+eM6C3zqmQk6IbrHH
2GBu0fgwMq+rAFCDRg/eZig6vC1wtlpHP+6Y+F4SWZdHVpxQWuWYxGoDBZfpbi9i
qixJw6gLBeHMb0fR18nTje49+Q/1WhSmb6g3fO8oQWcjwO/6XZiI5iN2ydFtiUUz
fmbCsnmrVvI6VXYDutcO747ucXo1vE3UX7VhrbBeFMjaRud2/IWP29hwb7qtQ3zK
0ubnrrilJUlppSYiRdiH660GbVYQVKMefLHj7tnaIfSzaleQdkDfBsgFiVaiROoj
qBvcQo6eeA==
-----END CERTIFICATE-----
Generated at Thu Dec 26 17:31:02 2024 by rpki-client on console-ams.rpki-client.org