Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Jp4Tjp_GB5I1RfeaOGhKZNlDmAQ.cer
File:                     Jp4Tjp_GB5I1RfeaOGhKZNlDmAQ.cer (raw, json)
Hash identifier:          kR582ucDFEFteffKXb6XK68wp29wi5lxdxzDVlRbHWU=
Subject key identifier:   26:9E:13:8E:9F:C6:07:92:35:45:F7:9A:38:68:4A:64:D9:43:98:04
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019420D608843B35F10572C1FC4D8B8529CF
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpkica.mckay.com/rpki/MCnet/Jp4Tjp_GB5I1RfeaOGhKZNlDmAQ.mft
caRepository:             rsync://rpkica.mckay.com/rpki/MCnet/
Notify URL:               https://rpkica.mckay.com/rrdp/notify.xml
Certificate not before:   Wed 01 Jan 2025 07:48:05 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 50763
                          IP: 37.1.88.0/21
                          IP: 185.128.248.0/22
                          IP: 193.107.204.0/22
                          IP: 2a00:5540::/29
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:20:d6:08:84:3b:35:f1:05:72:c1:fc:4d:8b:85:29:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 07:48:05 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=269e138e9fc607923545f79a38684a64d9439804
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:41:2a:e9:39:8d:4b:f0:df:95:d4:8b:a9:45:
                    e5:e6:b5:82:71:ef:99:df:94:e2:a2:48:47:4d:15:
                    78:e1:df:e4:8c:93:4f:6b:84:85:38:1d:44:d9:ea:
                    a5:0c:72:4b:02:b4:2c:de:ac:df:00:5f:e1:02:25:
                    44:bd:95:84:0a:eb:3c:f1:94:04:a0:00:2d:07:a4:
                    0d:ac:aa:6c:02:98:01:4b:c4:76:db:7c:86:26:b0:
                    6f:ea:39:74:58:5c:28:cd:a5:02:d3:aa:2c:cf:58:
                    1c:20:d4:b3:ad:6d:3e:68:a0:c1:90:27:8c:63:f2:
                    91:01:75:c8:6d:fe:82:8e:a2:aa:21:74:e6:c2:aa:
                    f9:33:92:ea:0d:e7:44:93:da:a9:fa:8d:89:ad:f9:
                    18:16:79:c9:78:e2:45:96:5f:df:f6:95:fe:3f:b4:
                    2c:c0:96:ae:77:e7:41:1a:13:9e:ea:56:95:e2:f9:
                    d0:bf:7e:16:c6:c4:61:97:17:45:4c:75:6b:4a:60:
                    e8:60:ad:c2:38:7b:dd:fc:5d:ac:f5:3a:6b:1e:36:
                    39:90:67:3a:a3:dc:cc:7d:1e:71:e5:a0:49:80:5c:
                    ac:f9:b6:f9:17:ee:7a:4c:92:1c:7a:14:cb:2e:58:
                    fc:c9:3f:b6:40:60:d5:a7:0e:52:2f:16:68:7a:57:
                    f3:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:9E:13:8E:9F:C6:07:92:35:45:F7:9A:38:68:4A:64:D9:43:98:04
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpkica.mckay.com/rpki/MCnet/
                RPKI Manifest - URI:rsync://rpkica.mckay.com/rpki/MCnet/Jp4Tjp_GB5I1RfeaOGhKZNlDmAQ.mft
                RPKI Notify - URI:https://rpkica.mckay.com/rrdp/notify.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.1.88.0/21
                  185.128.248.0/22
                  193.107.204.0/22
                IPv6:
                  2a00:5540::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  50763

    Signature Algorithm: sha256WithRSAEncryption
         44:70:e0:ee:3a:d8:79:9f:4e:12:46:da:b5:20:fc:12:aa:ad:
         bb:cf:f5:db:c6:3d:5a:0f:c0:ca:b4:ac:db:85:34:e9:38:73:
         af:2b:39:64:68:7e:cd:f5:c4:c9:1e:01:91:c5:a4:4a:17:a3:
         6d:9a:e1:fc:97:d4:ad:30:7f:e4:0e:a9:c3:de:c8:5e:ea:06:
         c5:f3:d8:03:ee:66:91:06:d2:b8:de:af:bc:c2:c6:ea:3d:e9:
         e0:4e:e3:37:63:d2:85:88:4a:c5:ed:21:b3:52:fc:07:ec:57:
         ab:56:aa:85:a9:ec:df:55:b2:0b:06:a8:88:fc:20:ca:c7:ef:
         fa:75:0a:f1:d1:60:0d:ca:ee:3e:1f:87:c3:13:a3:3c:ba:60:
         f5:ff:5b:b7:ce:4e:d1:89:e5:6d:32:21:3c:39:6e:1f:b3:30:
         68:1a:e2:2a:4d:ed:e8:26:ed:00:1f:ba:50:be:74:1c:53:41:
         66:34:35:85:5a:cc:36:82:af:d1:85:9c:95:fa:5e:12:b9:44:
         b3:0f:52:56:5d:6a:33:4d:16:68:75:a6:21:03:0c:f2:f0:3f:
         c5:12:a1:45:e2:e3:80:ff:7d:4f:68:76:09:fa:f6:75:c1:fa:
         cd:6e:9a:96:15:80:50:bd:87:b9:88:4d:b8:43:27:bc:22:e6:
         50:16:e8:5b
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZQg1giEOzXxBXLB/E2LhSnPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjllMTM4ZTlmYzYwNzkyMzU0NWY3OWEzODY4NGE2NGQ5NDM5ODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EEq6TmNS/DfldSLqUXl5rWCce+Z
35TiokhHTRV44d/kjJNPa4SFOB1E2eqlDHJLArQs3qzfAF/hAiVEvZWECus88ZQE
oAAtB6QNrKpsApgBS8R223yGJrBv6jl0WFwozaUC06osz1gcINSzrW0+aKDBkCeM
Y/KRAXXIbf6CjqKqIXTmwqr5M5LqDedEk9qp+o2JrfkYFnnJeOJFll/f9pX+P7Qs
wJaud+dBGhOe6laV4vnQv34WxsRhlxdFTHVrSmDoYK3COHvd/F2s9TprHjY5kGc6
o9zMfR5x5aBJgFys+bb5F+56TJIcehTLLlj8yT+2QGDVpw5SLxZoelfzDwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFCaeE46fxgeSNUX3mjhoSmTZQ5gEMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgckGCCsGAQUFBwELBIG8MIG5MDAGCCsGAQUFBzAFhiRyc3lu
YzovL3Jwa2ljYS5tY2theS5jb20vcnBraS9NQ25ldC8wTwYIKwYBBQUHMAqGQ3Jz
eW5jOi8vcnBraWNhLm1ja2F5LmNvbS9ycGtpL01DbmV0L0pwNFRqcF9HQjVJMVJm
ZWFPR2hLWk5sRG1BUS5tZnQwNAYIKwYBBQUHMA2GKGh0dHBzOi8vcnBraWNhLm1j
a2F5LmNvbS9ycmRwL25vdGlmeS54bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6
Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJ
Sm5IQzJRSFZWM2Q1bWsuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwOgYI
KwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAMlAVgDBAK5gPgDBALBa8wwDQQCAAIw
BwMFAyoAVUAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAMZLMA0GCSqGSIb3DQEB
CwUAA4IBAQBEcODuOth5n04SRtq1IPwSqq27z/Xbxj1aD8DKtKzbhTTpOHOvKzlk
aH7N9cTJHgGRxaRKF6NtmuH8l9StMH/kDqnD3she6gbF89gD7maRBtK43q+8wsbq
PengTuM3Y9KFiErF7SGzUvwH7FerVqqFqezfVbILBqiI/CDKx+/6dQrx0WANyu4+
H4fDE6M8umD1/1u3zk7RieVtMiE8OW4fszBoGuIqTe3oJu0AH7pQvnQcU0FmNDWF
Wsw2gq/RhZyV+l4SuUSzD1JWXWozTRZodaYhAwzy8D/FEqFF4uOA/31PaHYJ+vZ1
wfrNbpqWFYBQvYe5iE24Qye8IuZQFuhb
-----END CERTIFICATE-----