Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Jp4Tjp_GB5I1RfeaOGhKZNlDmAQ.cer
File:                     Jp4Tjp_GB5I1RfeaOGhKZNlDmAQ.cer (raw, json)
Hash identifier:          18xUBfJGQx4VGItXdtU3DRg3NurEjH+zpq7QchLz3Zg=
Subject key identifier:   26:9E:13:8E:9F:C6:07:92:35:45:F7:9A:38:68:4A:64:D9:43:98:04
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC9BBD8D904542FAC94B5A6A46EA6EEFB
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpkica.mckay.com/rpki/MCnet/Jp4Tjp_GB5I1RfeaOGhKZNlDmAQ.mft
caRepository:             rsync://rpkica.mckay.com/rpki/MCnet/
Notify URL:               https://rpkica.mckay.com/rrdp/notify.xml
Certificate not before:   Tue 02 Jan 2024 10:33:00 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 50763
                          IP: 37.1.88.0/21
                          IP: 185.128.248.0/22
                          IP: 193.107.204.0/22
                          IP: 2a00:5540::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bb:d8:d9:04:54:2f:ac:94:b5:a6:a4:6e:a6:ee:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 10:33:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=269e138e9fc607923545f79a38684a64d9439804
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:41:2a:e9:39:8d:4b:f0:df:95:d4:8b:a9:45:
                    e5:e6:b5:82:71:ef:99:df:94:e2:a2:48:47:4d:15:
                    78:e1:df:e4:8c:93:4f:6b:84:85:38:1d:44:d9:ea:
                    a5:0c:72:4b:02:b4:2c:de:ac:df:00:5f:e1:02:25:
                    44:bd:95:84:0a:eb:3c:f1:94:04:a0:00:2d:07:a4:
                    0d:ac:aa:6c:02:98:01:4b:c4:76:db:7c:86:26:b0:
                    6f:ea:39:74:58:5c:28:cd:a5:02:d3:aa:2c:cf:58:
                    1c:20:d4:b3:ad:6d:3e:68:a0:c1:90:27:8c:63:f2:
                    91:01:75:c8:6d:fe:82:8e:a2:aa:21:74:e6:c2:aa:
                    f9:33:92:ea:0d:e7:44:93:da:a9:fa:8d:89:ad:f9:
                    18:16:79:c9:78:e2:45:96:5f:df:f6:95:fe:3f:b4:
                    2c:c0:96:ae:77:e7:41:1a:13:9e:ea:56:95:e2:f9:
                    d0:bf:7e:16:c6:c4:61:97:17:45:4c:75:6b:4a:60:
                    e8:60:ad:c2:38:7b:dd:fc:5d:ac:f5:3a:6b:1e:36:
                    39:90:67:3a:a3:dc:cc:7d:1e:71:e5:a0:49:80:5c:
                    ac:f9:b6:f9:17:ee:7a:4c:92:1c:7a:14:cb:2e:58:
                    fc:c9:3f:b6:40:60:d5:a7:0e:52:2f:16:68:7a:57:
                    f3:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:9E:13:8E:9F:C6:07:92:35:45:F7:9A:38:68:4A:64:D9:43:98:04
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpkica.mckay.com/rpki/MCnet/
                RPKI Manifest - URI:rsync://rpkica.mckay.com/rpki/MCnet/Jp4Tjp_GB5I1RfeaOGhKZNlDmAQ.mft
                RPKI Notify - URI:https://rpkica.mckay.com/rrdp/notify.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.1.88.0/21
                  185.128.248.0/22
                  193.107.204.0/22
                IPv6:
                  2a00:5540::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  50763

    Signature Algorithm: sha256WithRSAEncryption
         0c:36:56:aa:4c:79:94:40:e7:d6:cd:71:91:a2:07:31:b5:f4:
         9d:c2:d5:d5:8f:cf:6c:aa:3d:ee:ef:9a:9f:6c:db:18:c5:68:
         35:c8:34:2d:18:bb:5b:48:35:50:8e:06:4a:c8:36:25:60:1f:
         bd:08:09:2c:ef:77:a3:09:46:7a:76:2a:20:c9:aa:91:03:6a:
         85:52:4e:10:9f:7f:a1:7b:51:96:a0:25:05:1e:57:9a:ff:92:
         52:d4:72:8b:ef:7d:3f:86:7f:76:b9:be:5a:e2:35:b7:1e:2d:
         49:a0:79:1d:3f:3a:b3:a3:05:5a:b8:57:49:16:58:6c:a8:9a:
         9e:dd:5c:ad:35:d1:cb:f1:6e:f9:43:bc:16:f3:85:51:c8:02:
         97:98:f2:09:4e:94:b0:b0:4d:6b:ac:1f:e4:ca:86:96:d0:0e:
         98:81:8b:85:f2:f0:c7:e3:0b:d0:a9:85:b9:a7:10:7a:a0:a9:
         93:46:f6:e2:0a:35:65:05:8d:fa:56:d7:fa:28:c3:57:cd:97:
         f3:0c:36:30:c5:ba:a0:df:e3:b2:95:38:47:86:49:c2:a5:09:
         09:20:44:8f:b7:39:80:3b:6a:a8:a3:cb:13:79:37:ab:62:3e:
         35:50:71:26:52:fe:3f:78:4b:f3:51:95:cf:7f:3f:db:58:e1:
         39:6a:2e:74
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYzJu9jZBFQvrJS1pqRupu77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTAzMzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjllMTM4ZTlmYzYwNzkyMzU0NWY3OWEzODY4NGE2NGQ5NDM5ODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EEq6TmNS/DfldSLqUXl5rWCce+Z
35TiokhHTRV44d/kjJNPa4SFOB1E2eqlDHJLArQs3qzfAF/hAiVEvZWECus88ZQE
oAAtB6QNrKpsApgBS8R223yGJrBv6jl0WFwozaUC06osz1gcINSzrW0+aKDBkCeM
Y/KRAXXIbf6CjqKqIXTmwqr5M5LqDedEk9qp+o2JrfkYFnnJeOJFll/f9pX+P7Qs
wJaud+dBGhOe6laV4vnQv34WxsRhlxdFTHVrSmDoYK3COHvd/F2s9TprHjY5kGc6
o9zMfR5x5aBJgFys+bb5F+56TJIcehTLLlj8yT+2QGDVpw5SLxZoelfzDwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFCaeE46fxgeSNUX3mjhoSmTZQ5gEMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgckGCCsGAQUFBwELBIG8MIG5MDAGCCsGAQUFBzAFhiRyc3lu
YzovL3Jwa2ljYS5tY2theS5jb20vcnBraS9NQ25ldC8wTwYIKwYBBQUHMAqGQ3Jz
eW5jOi8vcnBraWNhLm1ja2F5LmNvbS9ycGtpL01DbmV0L0pwNFRqcF9HQjVJMVJm
ZWFPR2hLWk5sRG1BUS5tZnQwNAYIKwYBBQUHMA2GKGh0dHBzOi8vcnBraWNhLm1j
a2F5LmNvbS9ycmRwL25vdGlmeS54bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6
Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJ
Sm5IQzJRSFZWM2Q1bWsuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwOgYI
KwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAMlAVgDBAK5gPgDBALBa8wwDQQCAAIw
BwMFAyoAVUAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAMZLMA0GCSqGSIb3DQEB
CwUAA4IBAQAMNlaqTHmUQOfWzXGRogcxtfSdwtXVj89sqj3u75qfbNsYxWg1yDQt
GLtbSDVQjgZKyDYlYB+9CAks73ejCUZ6diogyaqRA2qFUk4Qn3+he1GWoCUFHlea
/5JS1HKL730/hn92ub5a4jW3Hi1JoHkdPzqzowVauFdJFlhsqJqe3VytNdHL8W75
Q7wW84VRyAKXmPIJTpSwsE1rrB/kyoaW0A6YgYuF8vDH4wvQqYW5pxB6oKmTRvbi
CjVlBY36Vtf6KMNXzZfzDDYwxbqg3+OylThHhknCpQkJIESPtzmAO2qoo8sTeTer
Yj41UHEmUv4/eEvzUZXPfz/bWOE5ai50
-----END CERTIFICATE-----