Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer
File:                     JaVTeUIj5rTGMnebUTcdxOfXBwU.cer (raw, json)
Hash identifier:          5/Kao/vRIOyr6cUbJXEWM2KP80NMtI8afZ58piB7Amo=
Subject key identifier:   25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC4247993965B3D35BD28094B08CF1430
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 08:29:33 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 46.102.248.0/24
                          IP: 84.40.0.0 -- 84.40.39.255
                          IP: 84.40.48.0/21
                          IP: 89.33.207.0/24
                          IP: 89.36.24.0/21
                          IP: 89.36.255.0/24
                          IP: 89.41.60.0/23
                          IP: 89.42.155.0/24
                          IP: 89.47.247.0/24
                          IP: 176.223.192.0/18
                          IP: 188.215.38.0/24
                          IP: 2001:67c:4dc::/48
                          IP: 2a06:6b80::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:79:93:96:5b:3d:35:bd:28:09:4b:08:cf:14:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 08:29:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=25a553794223e6b4c632779b51371dc4e7d70705
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:bd:b0:79:e1:72:a6:29:9f:7a:da:b3:2e:8a:
                    ea:65:60:b2:b9:ff:7d:2e:e1:83:22:5f:b8:e1:4b:
                    70:f2:a8:c6:54:37:bf:de:bd:96:6c:a6:eb:d1:11:
                    b5:5c:b9:c1:5a:30:4e:5a:c2:a3:28:f0:d9:9b:a2:
                    2d:b7:19:00:e0:9b:8a:43:81:45:42:0c:32:0d:e9:
                    cd:ad:7f:19:20:f5:97:8c:b9:0f:9c:96:50:f1:60:
                    a2:0d:67:df:3d:22:5b:e6:95:e9:e9:1d:44:38:48:
                    9b:ec:60:30:f8:6b:e8:ed:ca:7b:f1:94:0b:6b:91:
                    e3:0e:eb:34:5c:e4:a4:af:b3:4f:42:11:74:01:1f:
                    9d:f6:d5:18:85:b3:02:d6:81:98:be:c4:42:ec:b8:
                    d0:d6:68:31:57:92:7b:a8:5b:1a:94:9c:b9:6b:8e:
                    07:c7:54:59:6a:8b:87:3f:68:75:09:d6:2b:cb:9a:
                    b6:5a:31:b2:78:12:04:10:42:89:86:e0:ac:51:f9:
                    fb:37:ec:67:91:fb:f4:c6:d5:16:90:df:29:b7:a2:
                    80:e3:76:5e:56:d0:77:8c:cf:82:2b:fb:f0:52:22:
                    cd:76:1d:55:f7:78:06:77:2f:b6:20:df:b5:16:02:
                    52:67:aa:45:1f:b0:1c:31:00:13:02:aa:e7:e0:ec:
                    55:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.102.248.0/24
                  84.40.0.0-84.40.39.255
                  84.40.48.0/21
                  89.33.207.0/24
                  89.36.24.0/21
                  89.36.255.0/24
                  89.41.60.0/23
                  89.42.155.0/24
                  89.47.247.0/24
                  176.223.192.0/18
                  188.215.38.0/24
                IPv6:
                  2001:67c:4dc::/48
                  2a06:6b80::/29

    Signature Algorithm: sha256WithRSAEncryption
         5d:95:4b:1e:85:55:34:49:72:90:b7:f7:17:1d:e1:f7:a8:d5:
         1a:b1:b0:6a:77:5a:4b:7f:e8:90:59:9b:e7:1f:80:13:86:68:
         d8:ef:07:e5:88:57:c1:5c:bc:f3:d2:98:0c:dc:ed:64:b6:97:
         29:34:b7:ab:35:d1:2d:dd:51:c5:ad:98:8b:31:ed:bd:fd:36:
         75:d9:7b:42:f6:d0:9a:ff:6d:1b:50:12:19:4d:55:e9:3e:13:
         93:2d:31:9b:98:be:67:2d:fd:7e:58:ea:cf:af:52:2b:79:f6:
         8a:72:96:b6:c9:67:88:e4:dd:8b:bd:d3:10:ce:ee:86:d5:88:
         67:4f:b9:cf:36:98:61:ce:aa:43:0e:5a:7d:14:3d:3b:4d:0e:
         84:2e:ae:fd:5b:d9:03:eb:bf:23:7c:fc:dc:bf:b7:57:78:17:
         30:c4:50:5a:b1:de:cf:63:36:54:4e:56:41:c4:dd:83:f1:c1:
         1c:cb:b1:fa:1d:01:9e:aa:06:3a:b2:34:a2:4a:a0:bb:a6:a0:
         b3:02:cc:6d:1e:f2:46:25:44:7d:ff:f8:75:bb:e4:1a:80:aa:
         89:85:12:e4:14:7b:c7:cb:e5:36:ff:ba:f7:c7:8a:67:79:63:
         42:f3:67:72:6f:81:f7:6a:61:76:0b:fb:b0:07:0f:ef:b6:d0:
         09:ae:b2:4e
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgISAYzEJHmTlls9Nb0oCUsIzxQwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWE1NTM3OTQyMjNlNmI0YzYzMjc3OWI1MTM3MWRjNGU3ZDcwNzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr2weeFypimfetqzLorqZWCyuf99
LuGDIl+44Utw8qjGVDe/3r2WbKbr0RG1XLnBWjBOWsKjKPDZm6IttxkA4JuKQ4FF
QgwyDenNrX8ZIPWXjLkPnJZQ8WCiDWffPSJb5pXp6R1EOEib7GAw+Gvo7cp78ZQL
a5HjDus0XOSkr7NPQhF0AR+d9tUYhbMC1oGYvsRC7LjQ1mgxV5J7qFsalJy5a44H
x1RZaouHP2h1CdYry5q2WjGyeBIEEEKJhuCsUfn7N+xnkfv0xtUWkN8pt6KA43Ze
VtB3jM+CK/vwUiLNdh1V93gGdy+2IN+1FgJSZ6pFH7AcMQATAqrn4OxVwwIDAQAB
o4IC3zCCAtswHQYDVR0OBBYEFCWlU3lCI+a0xjJ3m1E3HcTn1wcFMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUzLzFmOTZj
Yy01ZWE2LTQ5ZTMtOGY1Zi0zMGU5MjllZDEwNjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvMWY5NmNj
LTVlYTYtNDllMy04ZjVmLTMwZTkyOWVkMTA2My8xL0phVlRlVUlqNXJUR01uZWJV
VGNkeE9mWEJ3VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHoGCCsGAQUF
BwEHAQH/BGswaTBPBAIAATBJAwQALmb4MAsDAwNUKAMEA1QoIAMEA1QoMAMEAFkh
zwMEA1kkGAMEAFkk/wMEAVkpPAMEAFkqmwMEAFkv9wMEBrDfwAMEALzXJjAWBAIA
AjAQAwcAIAEGfATcAwUDKgZrgDANBgkqhkiG9w0BAQsFAAOCAQEAXZVLHoVVNEly
kLf3Fx3h96jVGrGwandaS3/okFmb5x+AE4Zo2O8H5YhXwVy889KYDNztZLaXKTS3
qzXRLd1Rxa2YizHtvf02ddl7QvbQmv9tG1ASGU1V6T4Tky0xm5i+Zy39fljqz69S
K3n2inKWtslniOTdi73TEM7uhtWIZ0+5zzaYYc6qQw5afRQ9O00OhC6u/VvZA+u/
I3z83L+3V3gXMMRQWrHez2M2VE5WQcTdg/HBHMux+h0BnqoGOrI0okqgu6agswLM
bR7yRiVEff/4dbvkGoCqiYUS5BR7x8vlNv+698eKZ3ljQvNncm+B92phdgv7sAcP
77bQCa6yTg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:48:19 2024 by rpki-client on console-ams.rpki-client.org