Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JJVPYIrBK2hO-GXzmvDpTiULlFQ.cer
File:                     JJVPYIrBK2hO-GXzmvDpTiULlFQ.cer (raw, json)
Hash identifier:          fgtsXKIt1liKkPdUjZUW3SoZgA0MJKt6BK7R2YPn13Q=
Subject key identifier:   24:95:4F:60:8A:C1:2B:68:4E:F8:65:F3:9A:F0:E9:4E:25:0B:94:54
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC56DE8476AEDD61DD9A288CF29EE8488
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/d6/4ddd75-3160-4065-bb69-bb17875db323/1/JJVPYIrBK2hO-GXzmvDpTiULlFQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/d6/4ddd75-3160-4065-bb69-bb17875db323/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 14:29:23 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 207108
                          IP: 185.139.7.0/24
                          IP: 2a12:ab40::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6d:e8:47:6a:ed:d6:1d:d9:a2:88:cf:29:ee:84:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 14:29:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=24954f608ac12b684ef865f39af0e94e250b9454
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a0:32:3d:75:4b:59:fc:e0:02:06:7a:eb:f9:
                    7a:24:97:c0:50:f1:7b:cd:a5:3c:55:76:7e:84:1a:
                    30:c6:54:7e:f2:b4:3a:77:05:f3:d0:15:c2:ca:ae:
                    89:21:19:dd:84:0c:a3:da:12:87:37:0e:b1:cc:08:
                    9e:49:f3:eb:41:ec:46:e1:70:62:24:54:22:58:3e:
                    4d:c8:e2:2f:b6:3a:b9:32:80:11:d8:19:b5:75:d7:
                    8d:98:a6:5b:19:ff:11:18:b0:bb:4f:5a:34:8a:02:
                    45:50:11:f3:8d:69:7a:86:0a:bd:77:bb:55:f2:4e:
                    b5:58:a5:88:cf:76:51:71:d4:85:1b:31:4c:ac:7a:
                    59:56:d3:46:9c:ef:32:38:f5:3d:1a:41:ea:5f:6e:
                    7f:aa:c4:8e:60:3c:77:53:83:d3:da:08:5d:d2:6b:
                    71:0d:03:40:9e:57:52:c6:e5:1c:95:40:56:94:33:
                    1d:f2:ef:b5:11:1f:4f:6d:99:dd:83:20:a6:f8:80:
                    f6:f4:21:61:c0:ac:77:af:f3:2e:37:bc:c3:e0:62:
                    b2:a9:57:bd:a4:85:b1:14:c9:7c:d9:5d:14:b8:e8:
                    10:04:9a:62:b1:1e:a0:05:68:93:0d:59:a5:5e:4d:
                    03:5c:c9:66:9f:33:af:7b:ee:30:98:b1:69:f3:e1:
                    01:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:95:4F:60:8A:C1:2B:68:4E:F8:65:F3:9A:F0:E9:4E:25:0B:94:54
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/4ddd75-3160-4065-bb69-bb17875db323/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/4ddd75-3160-4065-bb69-bb17875db323/1/JJVPYIrBK2hO-GXzmvDpTiULlFQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.139.7.0/24
                IPv6:
                  2a12:ab40::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207108

    Signature Algorithm: sha256WithRSAEncryption
         91:3c:2d:03:7d:0a:a4:b4:f6:8b:20:3a:17:6f:d6:10:16:07:
         c4:a4:6d:2b:c6:2d:ef:95:a1:3d:e5:49:11:b1:43:fb:b2:06:
         c3:52:b3:95:fd:b7:e3:1e:ee:5b:2a:65:5d:97:53:3d:17:06:
         31:a0:1a:3c:46:ea:ce:fb:d3:c4:95:c0:21:3e:4d:22:af:81:
         b6:9e:24:58:b1:5a:48:d8:3d:d6:ca:7e:b9:41:34:2a:1c:f2:
         c6:12:59:f0:50:63:26:eb:cc:5d:17:63:3a:77:70:dd:2c:8d:
         53:d8:2e:b7:55:5c:18:ac:42:df:34:62:43:b0:f5:72:01:9d:
         b3:a3:81:db:e1:ed:a8:af:79:42:4b:48:b1:c8:b9:18:68:95:
         4a:f4:d0:8a:eb:12:70:e1:d1:9c:45:46:8c:f2:0c:53:d6:fa:
         14:0f:41:e3:f4:eb:d1:7e:96:bf:5c:3f:09:c7:f3:5e:68:49:
         b9:8b:48:13:b3:97:fa:6b:c4:12:e9:11:2a:a6:31:07:8c:23:
         41:fb:70:3e:18:a9:05:0b:ce:bb:a9:09:5e:27:d5:24:aa:7e:
         fd:7a:0c:6a:44:68:77:42:10:ad:6d:99:03:0d:bd:d2:98:1f:
         33:7b:85:50:c4:da:b0:4e:f4:52:f8:8a:78:d3:a8:00:0c:f6:
         e0:50:52:6c
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzFbehHau3WHdmiiM8p7oSIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDk1NGY2MDhhYzEyYjY4NGVmODY1ZjM5YWYwZTk0ZTI1MGI5NDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6AyPXVLWfzgAgZ66/l6JJfAUPF7
zaU8VXZ+hBowxlR+8rQ6dwXz0BXCyq6JIRndhAyj2hKHNw6xzAieSfPrQexG4XBi
JFQiWD5NyOIvtjq5MoAR2Bm1ddeNmKZbGf8RGLC7T1o0igJFUBHzjWl6hgq9d7tV
8k61WKWIz3ZRcdSFGzFMrHpZVtNGnO8yOPU9GkHqX25/qsSOYDx3U4PT2ghd0mtx
DQNAnldSxuUclUBWlDMd8u+1ER9PbZndgyCm+ID29CFhwKx3r/MuN7zD4GKyqVe9
pIWxFMl82V0UuOgQBJpisR6gBWiTDVmlXk0DXMlmnzOve+4wmLFp8+EBJwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFCSVT2CKwStoTvhl85rw6U4lC5RUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q2LzRkZGQ3
NS0zMTYwLTQwNjUtYmI2OS1iYjE3ODc1ZGIzMjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYvNGRkZDc1
LTMxNjAtNDA2NS1iYjY5LWJiMTc4NzVkYjMyMy8xL0pKVlBZSXJCSzJoTy1HWHpt
dkRwVGlVTGxGUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAuYsHMA0EAgACMAcDBQMqEqtAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMpBDANBgkqhkiG9w0BAQsFAAOCAQEAkTwtA30KpLT2
iyA6F2/WEBYHxKRtK8Yt75WhPeVJEbFD+7IGw1Kzlf234x7uWyplXZdTPRcGMaAa
PEbqzvvTxJXAIT5NIq+Btp4kWLFaSNg91sp+uUE0KhzyxhJZ8FBjJuvMXRdjOndw
3SyNU9gut1VcGKxC3zRiQ7D1cgGds6OB2+HtqK95QktIsci5GGiVSvTQiusScOHR
nEVGjPIMU9b6FA9B4/Tr0X6Wv1w/CcfzXmhJuYtIE7OX+mvEEukRKqYxB4wjQftw
PhipBQvOu6kJXifVJKp+/XoMakRod0IQrW2ZAw290pgfM3uFUMTasE70UviKeNOo
AAz24FBSbA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:48:14 2024 by rpki-client on console-ams.rpki-client.org