Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/J7jb2X3kzUBZtS5RPc81zTgaMrM.cer
File:                     J7jb2X3kzUBZtS5RPc81zTgaMrM.cer (raw, json)
Hash identifier:          QMs+6KKj9lEOAPMZAGf32IGZHuMw1zNkGdhNOkb2YW8=
Subject key identifier:   27:B8:DB:D9:7D:E4:CD:40:59:B5:2E:51:3D:CF:35:CD:38:1A:32:B3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC9BCE6C600B8A6B21FA98A3D411B4C84
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/ec/85928f-5f19-41d9-8238-5c54cdad19f1/1/J7jb2X3kzUBZtS5RPc81zTgaMrM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/ec/85928f-5f19-41d9-8238-5c54cdad19f1/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 10:34:09 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 205862
                          IP: 185.204.40.0/22
                          IP: 2a0d:b00::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:e6:c6:00:b8:a6:b2:1f:a9:8a:3d:41:1b:4c:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 10:34:09 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=27b8dbd97de4cd4059b52e513dcf35cd381a32b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:83:36:9d:24:fe:90:24:ab:f6:75:2f:37:0b:
                    5d:23:c1:82:37:21:c1:5a:78:83:3b:18:31:65:87:
                    6f:f8:54:b3:34:b0:cb:0a:69:6f:a2:b3:0c:a5:7b:
                    99:d7:34:de:df:e8:ed:9f:c8:5b:df:4b:59:cd:af:
                    bb:2f:ea:ad:ec:86:d4:32:d2:a9:6a:d1:36:b7:51:
                    a9:94:98:3f:bf:3e:7d:78:f5:c8:bd:92:77:1c:8c:
                    6d:e4:9c:90:eb:4d:ab:3f:5f:87:32:b3:b9:a2:d0:
                    22:3c:9f:94:fe:11:a7:be:7c:11:07:35:09:27:71:
                    6e:08:7a:a4:63:07:d2:f3:02:1b:c4:02:b0:dc:f1:
                    a8:2f:b7:03:1f:de:43:42:9e:fb:40:69:86:ca:aa:
                    f2:fa:38:63:80:e7:50:3b:2b:2c:09:c9:3a:a4:9c:
                    0d:8b:43:e8:27:8d:f3:b0:5b:09:c5:84:01:60:a6:
                    42:01:3e:c4:2e:99:7b:bc:e0:ce:bd:15:24:f5:0b:
                    b9:02:23:d0:51:f7:44:11:d5:7e:1e:98:a9:78:d1:
                    1a:dc:0b:55:79:3f:a2:6e:37:c9:1a:d4:af:49:07:
                    79:e2:10:fb:34:61:05:92:c2:8a:cb:50:a3:75:97:
                    ea:2a:95:71:a2:d9:98:f7:ae:bf:62:92:30:d4:53:
                    1a:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:B8:DB:D9:7D:E4:CD:40:59:B5:2E:51:3D:CF:35:CD:38:1A:32:B3
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/85928f-5f19-41d9-8238-5c54cdad19f1/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/85928f-5f19-41d9-8238-5c54cdad19f1/1/J7jb2X3kzUBZtS5RPc81zTgaMrM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.204.40.0/22
                IPv6:
                  2a0d:b00::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  205862

    Signature Algorithm: sha256WithRSAEncryption
         89:2b:e5:f5:e3:b1:ec:20:6e:9f:c0:59:10:22:69:af:70:31:
         e1:d8:d5:6e:4b:ea:28:9d:ca:33:9b:d7:dc:33:a1:c3:b4:95:
         d5:1a:fa:e7:33:d4:33:11:34:20:d6:5c:60:29:fd:43:ce:13:
         f1:b3:e3:5f:93:03:d5:00:17:e6:b6:fb:77:2d:76:ef:ee:cc:
         1b:63:fb:14:b5:a8:88:a1:8c:9d:59:f3:6c:d7:cb:c0:e0:80:
         26:ba:48:48:3e:e9:56:34:58:6e:74:74:72:5c:9a:68:bb:63:
         51:2e:81:aa:a5:6f:71:fb:8d:cf:5e:23:65:7d:cf:47:4e:75:
         ca:ed:08:81:74:72:48:9b:2c:db:fa:4c:da:0c:bc:46:be:ff:
         24:be:ec:13:68:9b:6b:98:08:57:90:d0:33:1a:5b:1e:eb:7f:
         93:4b:7c:2f:52:e5:51:43:29:45:0b:41:77:8d:2f:a2:a6:4c:
         e4:3b:1b:80:18:fd:eb:a3:3d:5d:c5:58:e3:d9:f8:3e:30:19:
         24:6a:79:b8:96:9f:09:b2:04:ee:d2:a8:57:41:c7:12:6f:ae:
         3f:74:ce:40:c6:ce:78:72:73:1b:b2:19:91:11:82:7d:1c:ee:
         2b:64:71:42:6e:03:66:9a:e5:4f:32:a1:f0:39:43:39:49:4f:
         f8:81:75:cc
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzJvObGALimsh+pij1BG0yEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTAzNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2I4ZGJkOTdkZTRjZDQwNTliNTJlNTEzZGNmMzVjZDM4MWEzMmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7YM2nST+kCSr9nUvNwtdI8GCNyHB
WniDOxgxZYdv+FSzNLDLCmlvorMMpXuZ1zTe3+jtn8hb30tZza+7L+qt7IbUMtKp
atE2t1GplJg/vz59ePXIvZJ3HIxt5JyQ602rP1+HMrO5otAiPJ+U/hGnvnwRBzUJ
J3FuCHqkYwfS8wIbxAKw3PGoL7cDH95DQp77QGmGyqry+jhjgOdQOyssCck6pJwN
i0PoJ43zsFsJxYQBYKZCAT7ELpl7vODOvRUk9Qu5AiPQUfdEEdV+HpipeNEa3AtV
eT+ibjfJGtSvSQd54hD7NGEFksKKy1CjdZfqKpVxotmY966/YpIw1FMaHwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFCe429l95M1AWbUuUT3PNc04GjKzMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VjLzg1OTI4
Zi01ZjE5LTQxZDktODIzOC01YzU0Y2RhZDE5ZjEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMvODU5Mjhm
LTVmMTktNDFkOS04MjM4LTVjNTRjZGFkMTlmMS8xL0o3amIyWDNrelVCWnRTNVJQ
YzgxelRnYU1yTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCucwoMA0EAgACMAcDBQMqDQsAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMkJjANBgkqhkiG9w0BAQsFAAOCAQEAiSvl9eOx7CBu
n8BZECJpr3Ax4djVbkvqKJ3KM5vX3DOhw7SV1Rr65zPUMxE0INZcYCn9Q84T8bPj
X5MD1QAX5rb7dy127+7MG2P7FLWoiKGMnVnzbNfLwOCAJrpISD7pVjRYbnR0clya
aLtjUS6BqqVvcfuNz14jZX3PR051yu0IgXRySJss2/pM2gy8Rr7/JL7sE2iba5gI
V5DQMxpbHut/k0t8L1LlUUMpRQtBd40voqZM5DsbgBj966M9XcVY49n4PjAZJGp5
uJafCbIE7tKoV0HHEm+uP3TOQMbOeHJzG7IZkRGCfRzuK2RxQm4DZprlTzKh8DlD
OUlP+IF1zA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:48:11 2024 by rpki-client on console-ams.rpki-client.org