Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/I3r_DfSAg8fiHXlKsUe7lxEUEkQ.cer
File:                     I3r_DfSAg8fiHXlKsUe7lxEUEkQ.cer (raw, json)
Hash identifier:          xuj3B/dM1t6u51Tw60XrAFD9VfSN8XeuUcXwPhhedPY=
Subject key identifier:   23:7A:FF:0D:F4:80:83:C7:E2:1D:79:4A:B1:47:BB:97:11:14:12:44
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC4935C71A743F8E80ECB95C5FFDE3318
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/74/d1c088-740e-41b9-899c-7ca7cbb31e3d/1/I3r_DfSAg8fiHXlKsUe7lxEUEkQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/74/d1c088-740e-41b9-899c-7ca7cbb31e3d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 10:30:41 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 200262

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Dec 2024 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:5c:71:a7:43:f8:e8:0e:cb:95:c5:ff:de:33:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 10:30:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=237aff0df48083c7e21d794ab147bb9711141244
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:e3:9b:65:71:39:1f:5a:dd:19:18:b9:3f:15:
                    a0:fa:3e:67:97:08:dd:f1:66:ac:59:5b:30:68:ca:
                    c3:cf:81:90:8f:39:4a:9d:08:77:db:f5:02:48:2e:
                    45:a6:f3:78:5c:c1:ba:08:56:2e:74:84:f4:9d:58:
                    fd:1b:c8:47:90:f5:7a:f8:53:cd:0e:ec:ec:c7:59:
                    ca:95:3e:20:90:16:0f:da:93:e1:2e:0d:48:37:d8:
                    2f:b2:ae:82:85:fe:30:b9:72:5c:fb:34:4a:ae:7f:
                    71:fb:58:e1:5e:5e:c4:1a:b5:93:8e:e0:11:40:44:
                    71:d8:a6:26:7a:aa:37:20:2b:52:c8:b9:ab:1a:d6:
                    b1:ec:d8:de:65:93:5b:06:1b:27:46:f3:36:e5:14:
                    6d:b2:37:02:24:09:73:bc:0f:c5:58:f4:bc:c8:4e:
                    21:cd:ea:ca:a8:09:6c:cd:6a:b8:4f:89:7d:c0:ba:
                    db:12:81:02:a6:b5:16:60:13:ab:27:46:4f:b7:3b:
                    8d:66:a2:3f:e3:fb:26:19:50:07:3d:eb:95:6b:c0:
                    f7:ac:9c:3b:6b:63:0a:40:0a:e2:d6:8e:de:c8:ae:
                    d5:d3:6c:ad:c1:cb:d7:5f:3b:f5:5a:4a:6c:e0:f0:
                    24:1e:82:9a:8a:35:6b:03:8c:74:4d:03:2d:21:f0:
                    cf:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:7A:FF:0D:F4:80:83:C7:E2:1D:79:4A:B1:47:BB:97:11:14:12:44
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/d1c088-740e-41b9-899c-7ca7cbb31e3d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/d1c088-740e-41b9-899c-7ca7cbb31e3d/1/I3r_DfSAg8fiHXlKsUe7lxEUEkQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  200262

    Signature Algorithm: sha256WithRSAEncryption
         a3:7d:a6:63:79:29:fc:57:44:fa:7a:a2:80:b4:a5:41:c4:b0:
         37:53:97:af:67:9d:6f:15:1f:7f:16:93:d4:23:3b:f0:64:63:
         a9:5a:55:da:37:16:29:5e:62:0e:18:a4:4e:72:cc:ee:c2:c0:
         2f:48:02:4e:62:f0:77:cf:cb:f9:cb:dd:91:27:40:4b:f2:69:
         1d:c1:89:3a:80:44:42:80:dc:5d:da:65:29:88:5e:24:40:1b:
         25:01:80:61:5f:2e:96:c8:b9:72:3a:4f:99:96:e6:1a:f6:c8:
         05:18:f1:02:ab:c0:de:d8:89:9e:a0:00:a1:d9:59:5f:c4:66:
         5f:5b:06:d6:8c:bf:db:79:93:c3:4b:52:e2:25:e1:cb:2d:08:
         18:b0:63:2d:2f:02:18:a9:01:80:67:ba:de:8c:82:0f:ab:77:
         e7:84:3e:fb:39:b2:b3:af:dd:65:56:49:4c:75:85:13:fe:b5:
         0a:36:a5:b5:88:e6:f0:84:2a:d9:b5:70:0f:ea:85:0e:8d:57:
         17:79:1e:c5:51:a5:95:90:dc:6a:01:fa:3e:d2:d1:0c:d8:e5:
         5d:73:56:43:b5:91:d5:50:6a:ae:d6:01:78:8e:1e:56:7f:4c:
         a1:d4:c9:72:34:bc:06:d3:f5:36:55:bb:e9:a0:be:ef:bb:33:
         fd:c6:55:d6
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzEk1xxp0P46A7LlcX/3jMYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzdhZmYwZGY0ODA4M2M3ZTIxZDc5NGFiMTQ3YmI5NzExMTQxMjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+ObZXE5H1rdGRi5PxWg+j5nlwjd
8WasWVswaMrDz4GQjzlKnQh32/UCSC5FpvN4XMG6CFYudIT0nVj9G8hHkPV6+FPN
Duzsx1nKlT4gkBYP2pPhLg1IN9gvsq6Chf4wuXJc+zRKrn9x+1jhXl7EGrWTjuAR
QERx2KYmeqo3ICtSyLmrGtax7NjeZZNbBhsnRvM25RRtsjcCJAlzvA/FWPS8yE4h
zerKqAlszWq4T4l9wLrbEoECprUWYBOrJ0ZPtzuNZqI/4/smGVAHPeuVa8D3rJw7
a2MKQAri1o7eyK7V02ytwcvXXzv1Wkps4PAkHoKaijVrA4x0TQMtIfDP3wIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFCN6/w30gIPH4h15SrFHu5cRFBJEMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc0L2QxYzA4
OC03NDBlLTQxYjktODk5Yy03Y2E3Y2JiMzFlM2QvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQvZDFjMDg4
LTc0MGUtNDFiOS04OTljLTdjYTdjYmIzMWUzZC8xL0kzcl9EZlNBZzhmaUhYbEtz
VWU3bHhFVUVrUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMORjANBgkqhkiG9w0BAQsFAAOCAQEAo32mY3kp/FdE
+nqigLSlQcSwN1OXr2edbxUffxaT1CM78GRjqVpV2jcWKV5iDhikTnLM7sLAL0gC
TmLwd8/L+cvdkSdAS/JpHcGJOoBEQoDcXdplKYheJEAbJQGAYV8ulsi5cjpPmZbm
GvbIBRjxAqvA3tiJnqAAodlZX8RmX1sG1oy/23mTw0tS4iXhyy0IGLBjLS8CGKkB
gGe63oyCD6t354Q++zmys6/dZVZJTHWFE/61CjaltYjm8IQq2bVwD+qFDo1XF3ke
xVGllZDcagH6PtLRDNjlXXNWQ7WR1VBqrtYBeI4eVn9ModTJcjS8BtP1NlW76aC+
77sz/cZV1g==
-----END CERTIFICATE-----
Generated at Thu Dec 26 17:03:46 2024 by rpki-client on console-fra.rpki-client.org