Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/J90kebrctAokpDax7cw2HD-mKvs.cer
File:                     J90kebrctAokpDax7cw2HD-mKvs.cer (raw, json)
Hash identifier:          +GkECbAbt8qxO8+SaXflE0YVwPN7Dq/MhAd7znV3TPI=
Subject key identifier:   27:DD:24:79:BA:DC:B4:0A:24:A4:36:B1:ED:CC:36:1C:3F:A6:2A:FB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC8DE6BB7050C88035D0AD088BE522390
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/5c/794de3-39e6-4f2c-86f1-bc2c453c0ec8/1/J90kebrctAokpDax7cw2HD-mKvs.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/5c/794de3-39e6-4f2c-86f1-bc2c453c0ec8/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 06:31:08 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 60718
                          IP: 185.18.168.0/22
                          IP: 2a03:f9c0::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:6b:b7:05:0c:88:03:5d:0a:d0:88:be:52:23:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 06:31:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=27dd2479badcb40a24a436b1edcc361c3fa62afb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:f1:e8:f6:a8:c6:34:0d:3a:27:a6:e8:05:31:
                    2b:e6:81:21:c5:ef:59:81:34:7b:db:30:a6:f0:9a:
                    4e:fb:8f:da:fe:e5:34:bb:a6:39:23:fa:b9:43:a0:
                    e4:86:5e:fd:d8:22:ba:7f:19:4b:5d:5f:f3:c0:68:
                    27:c9:20:da:eb:cf:30:68:da:2e:a1:f3:e5:9d:ef:
                    8c:26:50:2a:37:05:1d:97:8c:b0:68:a1:ae:f6:f8:
                    de:13:7a:08:b4:50:70:00:2d:79:99:0e:3f:aa:03:
                    15:33:15:71:99:c4:3f:6a:35:ab:78:c1:1d:69:34:
                    c1:79:33:8d:97:ea:7c:9e:39:f4:d2:ab:05:26:8a:
                    31:68:3c:c6:1d:f7:d3:61:f3:c7:cf:ac:d7:1f:53:
                    22:24:65:76:b4:10:2d:fe:41:91:f4:f6:cc:e9:9d:
                    f5:8b:a8:c6:0d:dd:43:97:2f:ed:45:df:41:ef:0a:
                    22:53:66:82:3b:79:7b:30:be:73:ab:cf:d0:bc:61:
                    cb:cc:ec:57:60:18:27:bf:5a:ab:43:58:a0:d9:b0:
                    4d:14:9d:16:94:6c:c7:8d:20:70:f0:d6:b6:16:ca:
                    97:13:b9:77:f9:d6:20:1a:5d:fb:7e:8a:a7:29:f3:
                    2a:89:59:e6:90:de:d4:41:a3:2d:70:b7:32:01:14:
                    37:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:DD:24:79:BA:DC:B4:0A:24:A4:36:B1:ED:CC:36:1C:3F:A6:2A:FB
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/794de3-39e6-4f2c-86f1-bc2c453c0ec8/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/794de3-39e6-4f2c-86f1-bc2c453c0ec8/1/J90kebrctAokpDax7cw2HD-mKvs.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.18.168.0/22
                IPv6:
                  2a03:f9c0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  60718

    Signature Algorithm: sha256WithRSAEncryption
         21:97:89:34:a7:11:de:ca:16:a0:61:2f:73:19:ee:1b:29:55:
         97:b7:14:b3:4d:9f:3d:d8:42:f8:7e:27:3e:7f:0b:6d:cc:33:
         05:a3:83:45:e3:77:87:02:c1:a4:75:d0:dd:fb:2b:c4:7f:09:
         2d:09:41:0a:23:b9:27:36:a9:56:94:b4:77:27:c6:31:9a:ed:
         a0:1d:e2:6b:fc:e0:2a:86:d2:73:be:60:97:79:07:5e:43:e6:
         6d:e2:33:d8:48:6f:c6:f7:51:f2:2c:75:4f:59:09:e3:6f:8b:
         a9:6a:8b:89:d4:6d:7a:cd:30:c9:ae:49:67:e2:4e:4f:db:d2:
         e2:b6:01:b7:7d:4c:ce:18:f4:ec:4e:95:d0:e1:7d:be:16:76:
         6c:6d:48:45:11:ff:37:bc:1c:cd:9a:1c:0f:cf:9f:19:3c:b2:
         06:14:36:b0:57:9f:91:be:a7:45:ee:c5:38:6d:f6:00:f3:2f:
         22:5e:08:38:e2:3a:a5:d1:fe:e7:77:29:5b:7a:cc:bd:68:44:
         56:c3:f4:b3:8e:fd:1c:5f:9e:b5:3a:04:e1:36:6d:05:af:e9:
         95:09:4b:a3:e3:54:28:5f:09:d6:50:d3:cb:9a:2f:af:37:34:
         74:57:4e:4e:fc:61:02:88:0e:7b:72:04:51:ca:5b:46:9d:47:
         df:85:bf:4c
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzI3mu3BQyIA10K0Ii+UiOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2RkMjQ3OWJhZGNiNDBhMjRhNDM2YjFlZGNjMzYxYzNmYTYyYWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivHo9qjGNA06J6boBTEr5oEhxe9Z
gTR72zCm8JpO+4/a/uU0u6Y5I/q5Q6Dkhl792CK6fxlLXV/zwGgnySDa688waNou
ofPlne+MJlAqNwUdl4ywaKGu9vjeE3oItFBwAC15mQ4/qgMVMxVxmcQ/ajWreMEd
aTTBeTONl+p8njn00qsFJooxaDzGHffTYfPHz6zXH1MiJGV2tBAt/kGR9PbM6Z31
i6jGDd1Dly/tRd9B7woiU2aCO3l7ML5zq8/QvGHLzOxXYBgnv1qrQ1ig2bBNFJ0W
lGzHjSBw8Na2FsqXE7l3+dYgGl37foqnKfMqiVnmkN7UQaMtcLcyARQ3+QIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFCfdJHm63LQKJKQ2se3MNhw/pir7MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVjLzc5NGRl
My0zOWU2LTRmMmMtODZmMS1iYzJjNDUzYzBlYzgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMvNzk0ZGUz
LTM5ZTYtNGYyYy04NmYxLWJjMmM0NTNjMGVjOC8xL0o5MGtlYnJjdEFva3BEYXg3
Y3cySEQtbUt2cy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuRKoMA0EAgACMAcDBQAqA/nAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDtLjANBgkqhkiG9w0BAQsFAAOCAQEAIZeJNKcR3soW
oGEvcxnuGylVl7cUs02fPdhC+H4nPn8LbcwzBaODReN3hwLBpHXQ3fsrxH8JLQlB
CiO5JzapVpS0dyfGMZrtoB3ia/zgKobSc75gl3kHXkPmbeIz2EhvxvdR8ix1T1kJ
42+LqWqLidRtes0wya5JZ+JOT9vS4rYBt31Mzhj07E6V0OF9vhZ2bG1IRRH/N7wc
zZocD8+fGTyyBhQ2sFefkb6nRe7FOG32APMvIl4IOOI6pdH+53cpW3rMvWhEVsP0
s479HF+etToE4TZtBa/plQlLo+NUKF8J1lDTy5ovrzc0dFdOTvxhAogOe3IEUcpb
Rp1H34W/TA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:48:12 2024 by rpki-client on console-ams.rpki-client.org