Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/L1SHXb4wvk9_xEoEaLUbF47fZOY.cer
File:                     L1SHXb4wvk9_xEoEaLUbF47fZOY.cer (raw, json)
Hash identifier:          ArwkBOo9WYLus/lPMM9dAPzHdNQe8C+NsH4PjrOHqRE=
Subject key identifier:   2F:54:87:5D:BE:30:BE:4F:7F:C4:4A:04:68:B5:1B:17:8E:DF:64:E6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CCA2A878B2660FD5C4520F35C9F4CCD48
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/L1SHXb4wvk9_xEoEaLUbF47fZOY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 12:33:54 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 210104
                          IP: 85.115.212.0/22
                          IP: 93.177.88.0/22
                          IP: 185.215.74.0/23
                          IP: 2a09:b500::/29
                          IP: 2a0d:b240::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 28 Nov 2024 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:87:8b:26:60:fd:5c:45:20:f3:5c:9f:4c:cd:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 12:33:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2f54875dbe30be4f7fc44a0468b51b178edf64e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:7d:81:80:85:a2:98:4e:ea:42:54:fa:76:96:
                    68:0a:93:9c:83:23:63:d3:32:d2:c0:b1:80:25:b2:
                    d5:fd:65:70:5d:13:fe:37:ad:17:5c:73:3a:08:91:
                    6c:19:fd:96:51:35:96:4a:42:18:f3:46:12:cd:1f:
                    4d:16:25:aa:9c:7f:61:ea:9b:65:7e:d6:86:e3:81:
                    b3:e3:27:8e:73:09:30:7d:1d:e0:da:23:43:19:f6:
                    46:4c:1d:80:04:38:b0:50:f4:bd:4b:bb:2c:81:e8:
                    03:ae:3d:04:65:b6:50:4f:50:9a:e7:14:e0:aa:53:
                    5e:f4:f1:df:16:62:2c:19:ac:37:ff:92:57:9c:f8:
                    17:9f:90:e4:6c:8c:43:d1:d6:84:09:95:1b:85:45:
                    96:b1:a8:38:c5:80:9b:4b:f2:bb:16:73:24:79:58:
                    5b:c6:c9:56:72:35:b1:24:8e:7d:16:dc:c7:62:5b:
                    ea:b7:53:1e:7d:ef:de:88:8d:33:84:4d:96:56:b8:
                    25:a2:46:e2:8e:d1:b7:0f:e4:8a:b7:93:4b:55:67:
                    4e:7f:55:5d:2d:07:3c:dd:49:9d:be:61:b7:4c:89:
                    fa:4a:54:34:7a:6f:7b:be:13:0e:5f:9e:85:21:6e:
                    2e:2d:36:1e:ab:21:2a:36:b4:33:0b:76:10:27:32:
                    47:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:54:87:5D:BE:30:BE:4F:7F:C4:4A:04:68:B5:1B:17:8E:DF:64:E6
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/L1SHXb4wvk9_xEoEaLUbF47fZOY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.115.212.0/22
                  93.177.88.0/22
                  185.215.74.0/23
                IPv6:
                  2a09:b500::/29
                  2a0d:b240::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  210104

    Signature Algorithm: sha256WithRSAEncryption
         5f:85:ad:ee:af:e1:f7:42:78:2b:6a:9c:83:96:02:7f:1f:90:
         0e:32:8b:fa:c9:39:5e:8d:15:5f:d3:ee:5d:07:09:8b:ff:3f:
         63:4a:80:0d:78:cd:55:36:98:c9:c7:fc:c7:a0:90:bd:4a:88:
         18:84:c7:c7:be:c2:33:e7:3a:d4:86:1a:87:a2:ca:90:9b:71:
         8a:41:53:25:4c:9c:71:43:5c:40:2c:0d:8e:f6:5b:28:8e:c2:
         55:b7:0b:3b:da:4b:40:6a:76:3a:13:15:bb:56:10:d3:a6:d5:
         8e:df:f8:58:1b:a9:14:8e:59:3c:bb:13:6d:59:c3:5a:13:5a:
         0f:d2:e8:6c:33:81:f4:ec:33:b7:15:a8:c4:ea:92:ae:85:0e:
         16:f3:e9:50:0b:c1:5a:54:67:af:d3:ac:7f:33:e4:8a:01:3f:
         e8:d8:48:38:0d:44:65:1a:b3:8e:19:cb:86:9e:37:42:41:5f:
         aa:6d:88:f9:59:58:2f:51:ed:30:9f:6b:12:df:f7:d4:4f:86:
         8c:47:d8:26:72:73:fa:a9:4e:bd:d9:3d:1d:c8:66:95:00:b3:
         0f:32:91:70:44:54:54:6a:ed:78:03:84:35:12:0f:fc:b8:48:
         be:40:e7:cd:04:53:88:15:03:29:71:4f:27:0e:20:06:f6:12:
         ab:19:34:60
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAYzKKoeLJmD9XEUg81yfTM1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjU0ODc1ZGJlMzBiZTRmN2ZjNDRhMDQ2OGI1MWIxNzhlZGY2NGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH2BgIWimE7qQlT6dpZoCpOcgyNj
0zLSwLGAJbLV/WVwXRP+N60XXHM6CJFsGf2WUTWWSkIY80YSzR9NFiWqnH9h6ptl
ftaG44Gz4yeOcwkwfR3g2iNDGfZGTB2ABDiwUPS9S7ssgegDrj0EZbZQT1Ca5xTg
qlNe9PHfFmIsGaw3/5JXnPgXn5DkbIxD0daECZUbhUWWsag4xYCbS/K7FnMkeVhb
xslWcjWxJI59FtzHYlvqt1Mefe/eiI0zhE2WVrglokbijtG3D+SKt5NLVWdOf1Vd
LQc83UmdvmG3TIn6SlQ0em97vhMOX56FIW4uLTYeqyEqNrQzC3YQJzJHwQIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFC9Uh12+ML5Pf8RKBGi1GxeO32TmMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY1L2RhNTNi
OS1kY2E1LTQ5NWQtODc2My1iZmVhNjFiNzcwYjYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUvZGE1M2I5
LWRjYTUtNDk1ZC04NzYzLWJmZWE2MWI3NzBiNi8xL0wxU0hYYjR3dms5X3hFb0Vh
TFViRjQ3ZlpPWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEEGCCsGAQUF
BwEHAQH/BDIwMDAYBAIAATASAwQCVXPUAwQCXbFYAwQBuddKMBQEAgACMA4DBQMq
CbUAAwUDKg2yQDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDNLgwDQYJKoZIhvcN
AQELBQADggEBAF+Fre6v4fdCeCtqnIOWAn8fkA4yi/rJOV6NFV/T7l0HCYv/P2NK
gA14zVU2mMnH/MegkL1KiBiEx8e+wjPnOtSGGoeiypCbcYpBUyVMnHFDXEAsDY72
WyiOwlW3CzvaS0BqdjoTFbtWENOm1Y7f+FgbqRSOWTy7E21Zw1oTWg/S6GwzgfTs
M7cVqMTqkq6FDhbz6VALwVpUZ6/TrH8z5IoBP+jYSDgNRGUas44Zy4aeN0JBX6pt
iPlZWC9R7TCfaxLf99RPhoxH2CZyc/qpTr3ZPR3IZpUAsw8ykXBEVFRq7XgDhDUS
D/y4SL5A580EU4gVAylxTycOIAb2EqsZNGA=
-----END CERTIFICATE-----
Generated at Wed Nov 27 08:47:38 2024 by rpki-client on console-fra.rpki-client.org