Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/IrPk850cPBTYMWBr_KFmbd6b7WI.cer
File:                     IrPk850cPBTYMWBr_KFmbd6b7WI.cer (raw, json)
Hash identifier:          UaD8izU1TDWpcach6pNdsd2V6BwC6NadU1smWTnChuw=
Subject key identifier:   22:B3:E4:F3:9D:1C:3C:14:D8:31:60:6B:FC:A1:66:6D:DE:9B:ED:62
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC9BC740FD545FB13CB080302E4BBB20D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/9e/51a678-3645-4ca4-8c0d-ed5947f66b70/1/IrPk850cPBTYMWBr_KFmbd6b7WI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/9e/51a678-3645-4ca4-8c0d-ed5947f66b70/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 10:33:40 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 211046
                          IP: 91.205.222.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:74:0f:d5:45:fb:13:cb:08:03:02:e4:bb:b2:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 10:33:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=22b3e4f39d1c3c14d831606bfca1666dde9bed62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:23:5d:3c:25:30:18:c7:94:b6:d2:11:e2:03:
                    8c:52:57:5f:79:68:e9:60:5e:33:c3:6d:93:55:b9:
                    b5:dd:fc:92:90:61:a8:62:98:dc:7b:cb:d6:fd:53:
                    a9:e8:c5:8e:a4:ce:c5:6b:96:f8:f2:11:0a:e0:c8:
                    29:75:16:b5:4b:cb:68:62:65:b2:50:09:6f:94:62:
                    28:ce:f0:e8:f2:9f:7d:dc:14:e0:0b:93:5a:39:20:
                    8b:71:20:f0:4b:67:1c:a7:4b:8b:3d:4e:f2:b8:d7:
                    5d:44:12:a3:7e:5f:d2:bd:59:be:7a:8b:69:58:89:
                    7c:25:42:7f:c2:0d:67:88:35:07:01:ab:b2:f8:5f:
                    f8:c0:f9:f8:33:fd:85:51:32:de:7a:54:19:c1:7d:
                    99:0a:30:48:3b:99:27:d1:dc:5e:d2:93:ad:47:a1:
                    2d:f2:d8:fb:71:69:59:e4:6a:d7:65:22:26:88:26:
                    5e:65:1a:04:5e:9b:26:e0:f6:14:4e:3b:8f:ea:c4:
                    55:82:26:ec:46:53:98:32:ff:69:e2:ce:1c:63:16:
                    f8:80:10:bf:67:8c:55:3e:1d:c9:1f:fd:67:87:89:
                    91:45:3e:a3:76:c3:0d:00:fc:c8:59:71:28:bb:9b:
                    69:f3:22:cb:db:f2:0b:9a:91:b7:79:f7:f3:90:09:
                    15:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:B3:E4:F3:9D:1C:3C:14:D8:31:60:6B:FC:A1:66:6D:DE:9B:ED:62
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/51a678-3645-4ca4-8c0d-ed5947f66b70/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/51a678-3645-4ca4-8c0d-ed5947f66b70/1/IrPk850cPBTYMWBr_KFmbd6b7WI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.205.222.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  211046

    Signature Algorithm: sha256WithRSAEncryption
         b1:74:05:16:04:99:1e:d3:fb:7d:88:a3:64:be:5c:d5:1d:9e:
         62:e7:08:09:fa:d3:74:c2:f2:19:c4:6b:f4:58:f2:9d:57:f5:
         ec:2c:cb:12:95:e0:e5:ea:cf:e6:b4:92:4e:09:8a:f7:32:c9:
         17:ab:d5:93:a0:bc:7f:49:eb:4b:eb:43:4b:c5:7e:20:db:e5:
         e6:37:72:03:06:04:fc:8a:6e:bc:1b:0a:2e:3c:9c:d8:58:f7:
         d7:9a:bc:a4:9c:e5:93:86:28:f8:e0:85:09:b2:37:5f:2f:ca:
         33:74:0e:3e:fb:7a:6e:bc:b3:83:0e:f6:eb:5d:b3:e2:c3:bc:
         12:3c:79:0c:4c:67:c5:f9:b6:97:4c:4f:f1:bb:4d:7d:f8:8a:
         2b:17:ef:41:10:08:09:2c:71:ca:3b:5e:43:88:b7:7b:3a:3b:
         78:9b:9c:95:3c:45:f9:70:e9:45:dd:53:ba:9d:f0:94:ba:1e:
         63:d8:1c:08:3e:a3:4e:73:b1:23:01:09:3e:9f:4c:ba:dc:e9:
         b3:d5:8f:49:3b:1d:f3:c8:a5:17:92:16:ae:0f:93:a3:98:b6:
         33:a6:c2:41:df:20:d7:1e:90:40:10:51:22:46:52:74:48:f3:
         39:33:73:be:09:5f:7a:23:05:3f:45:22:f0:0f:5c:a0:15:be:
         92:1c:eb:8d
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzJvHQP1UX7E8sIAwLku7INMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTAzMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmIzZTRmMzlkMWMzYzE0ZDgzMTYwNmJmY2ExNjY2ZGRlOWJlZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yNdPCUwGMeUttIR4gOMUldfeWjp
YF4zw22TVbm13fySkGGoYpjce8vW/VOp6MWOpM7Fa5b48hEK4MgpdRa1S8toYmWy
UAlvlGIozvDo8p993BTgC5NaOSCLcSDwS2ccp0uLPU7yuNddRBKjfl/SvVm+eotp
WIl8JUJ/wg1niDUHAauy+F/4wPn4M/2FUTLeelQZwX2ZCjBIO5kn0dxe0pOtR6Et
8tj7cWlZ5GrXZSImiCZeZRoEXpsm4PYUTjuP6sRVgibsRlOYMv9p4s4cYxb4gBC/
Z4xVPh3JH/1nh4mRRT6jdsMNAPzIWXEou5tp8yLL2/ILmpG3effzkAkVzwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFCKz5POdHDwU2DFga/yhZm3em+1iMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzllLzUxYTY3
OC0zNjQ1LTRjYTQtOGMwZC1lZDU5NDdmNjZiNzAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUvNTFhNjc4
LTM2NDUtNGNhNC04YzBkLWVkNTk0N2Y2NmI3MC8xL0lyUGs4NTBjUEJUWU1XQnJf
S0ZtYmQ2YjdXSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAW83eMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwM4ZjANBgkqhkiG9w0BAQsFAAOCAQEAsXQFFgSZHtP7fYijZL5c1R2eYucICfrT
dMLyGcRr9FjynVf17CzLEpXg5erP5rSSTgmK9zLJF6vVk6C8f0nrS+tDS8V+INvl
5jdyAwYE/IpuvBsKLjyc2Fj315q8pJzlk4Yo+OCFCbI3Xy/KM3QOPvt6bryzgw72
612z4sO8Ejx5DExnxfm2l0xP8btNffiKKxfvQRAICSxxyjteQ4i3ezo7eJuclTxF
+XDpRd1Tup3wlLoeY9gcCD6jTnOxIwEJPp9Mutzps9WPSTsd88ilF5IWrg+To5i2
M6bCQd8g1x6QQBBRIkZSdEjzOTNzvglfeiMFP0Ui8A9coBW+khzrjQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:48:07 2024 by rpki-client on console-ams.rpki-client.org