Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/OWTN7uNGEWy5ZBukgA9VuZBtw6U.cer
File:                     OWTN7uNGEWy5ZBukgA9VuZBtw6U.cer (raw, json)
Hash identifier:          vqehHZa/l1Tmy8cugIOyS0jrm5M/uaN7A/mKHiX3xzU=
Subject key identifier:   39:64:CD:EE:E3:46:11:6C:B9:64:1B:A4:80:0F:55:B9:90:6D:C3:A5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018DC1359B9C4872E0359A0807380BA0D332
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/54/a018a7-6b5c-4239-89b7-2a0247fbb6d5/1/OWTN7uNGEWy5ZBukgA9VuZBtw6U.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/54/a018a7-6b5c-4239-89b7-2a0247fbb6d5/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 19 Feb 2024 11:52:12 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 215574
                          IP: 2001:67c:ddc::/48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:c1:35:9b:9c:48:72:e0:35:9a:08:07:38:0b:a0:d3:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Feb 19 11:52:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3964cdeee346116cb9641ba4800f55b9906dc3a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:9c:6e:74:d6:29:1e:54:49:bc:70:72:55:3a:
                    3e:1e:12:cd:24:11:c7:33:d3:ec:4c:f3:9f:41:03:
                    9d:f3:f5:a2:c3:62:c1:71:b7:71:ec:88:55:17:ee:
                    e5:89:04:72:22:21:e9:0a:ca:c2:c6:88:9d:7f:b4:
                    68:93:5e:46:3b:a3:38:29:78:62:7e:79:bd:71:67:
                    5f:7b:af:b6:5e:8a:ff:cb:c9:3c:47:ce:d7:22:39:
                    9d:ae:9c:c3:e3:08:0f:3a:9a:22:65:38:9d:9c:59:
                    98:5c:70:71:98:23:55:f8:ff:25:b5:67:46:63:c3:
                    f4:8e:64:c4:64:84:fc:0a:50:42:0d:23:38:f6:53:
                    90:20:45:a0:57:1d:f4:0c:a9:4d:75:12:fc:99:6f:
                    13:ca:21:4c:a2:4c:41:96:52:af:95:4c:0f:7a:d6:
                    d1:59:aa:88:cd:ea:61:5c:5a:d5:5d:3c:8f:d5:99:
                    1f:83:2a:aa:1b:ae:6a:03:01:76:0c:23:6f:03:9b:
                    12:7d:84:2e:b6:71:13:fb:64:2c:86:a9:10:9e:cb:
                    c8:72:8a:51:21:84:78:ca:f9:41:c7:7c:6c:e2:6e:
                    a5:13:7b:cb:b6:3e:12:ed:a8:21:8a:f2:d6:34:31:
                    33:1f:4b:31:b4:37:f5:20:49:c6:b7:b3:c9:29:fd:
                    78:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:64:CD:EE:E3:46:11:6C:B9:64:1B:A4:80:0F:55:B9:90:6D:C3:A5
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a018a7-6b5c-4239-89b7-2a0247fbb6d5/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a018a7-6b5c-4239-89b7-2a0247fbb6d5/1/OWTN7uNGEWy5ZBukgA9VuZBtw6U.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:ddc::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215574

    Signature Algorithm: sha256WithRSAEncryption
         ac:96:a4:f9:be:77:e9:40:46:ff:7e:e7:51:89:fd:55:80:4d:
         b4:a7:c5:81:cd:1f:bd:17:74:06:75:b2:0c:1b:93:e9:b3:63:
         d0:8a:3e:b6:17:fd:92:bd:0e:10:aa:e9:a1:74:47:ff:c2:61:
         cf:e8:e0:49:28:4b:62:f6:2b:59:e0:6c:7f:2e:73:e9:ec:fd:
         36:37:8a:cd:35:da:c2:c5:3c:02:74:a7:59:c5:83:16:54:0c:
         5f:4b:5c:fc:70:87:69:22:ad:a1:48:56:31:44:59:99:56:00:
         40:b9:d3:15:1c:56:10:67:ca:1f:7c:cf:07:79:a1:69:90:1c:
         ec:1f:e6:1d:78:5b:47:f4:65:18:fb:cb:84:67:2e:46:37:13:
         f6:b7:0c:17:eb:d1:3e:c4:40:c8:13:78:5d:04:e5:5f:9c:18:
         8f:d3:1b:13:4f:ac:d2:79:c8:f5:fe:aa:a0:28:1a:d5:dc:f0:
         d0:c2:5d:92:a9:b1:dc:8d:27:be:01:9f:88:cf:33:cf:fe:e6:
         a8:75:09:c6:b3:cc:a1:ce:34:1a:bc:2f:2e:2e:0c:56:54:ed:
         5e:fe:7b:28:2d:c4:97:52:7d:ed:c9:48:82:b9:df:39:88:07:
         56:38:5f:68:e6:e5:ff:aa:f1:e6:fb:b7:c7:3c:e8:d9:a7:26:
         4b:9a:f3:a9
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAY3BNZucSHLgNZoIBzgLoNMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjE5MTE1MjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTY0Y2RlZWUzNDYxMTZjYjk2NDFiYTQ4MDBmNTViOTkwNmRjM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZxudNYpHlRJvHByVTo+HhLNJBHH
M9PsTPOfQQOd8/Wiw2LBcbdx7IhVF+7liQRyIiHpCsrCxoidf7Rok15GO6M4KXhi
fnm9cWdfe6+2Xor/y8k8R87XIjmdrpzD4wgPOpoiZTidnFmYXHBxmCNV+P8ltWdG
Y8P0jmTEZIT8ClBCDSM49lOQIEWgVx30DKlNdRL8mW8TyiFMokxBllKvlUwPetbR
WaqIzephXFrVXTyP1ZkfgyqqG65qAwF2DCNvA5sSfYQutnET+2QshqkQnsvIcopR
IYR4yvlBx3xs4m6lE3vLtj4S7aghivLWNDEzH0sxtDf1IEnGt7PJKf143QIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFDlkze7jRhFsuWQbpIAPVbmQbcOlMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU0L2EwMThh
Ny02YjVjLTQyMzktODliNy0yYTAyNDdmYmI2ZDUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQvYTAxOGE3
LTZiNWMtNDIzOS04OWI3LTJhMDI0N2ZiYjZkNS8xL09XVE43dU5HRVd5NVpCdWtn
QTlWdVpCdHc2VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA3cMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwNKFjANBgkqhkiG9w0BAQsFAAOCAQEArJak+b536UBG/37nUYn9VYBNtKfF
gc0fvRd0BnWyDBuT6bNj0Io+thf9kr0OEKrpoXRH/8Jhz+jgSShLYvYrWeBsfy5z
6ez9NjeKzTXawsU8AnSnWcWDFlQMX0tc/HCHaSKtoUhWMURZmVYAQLnTFRxWEGfK
H3zPB3mhaZAc7B/mHXhbR/RlGPvLhGcuRjcT9rcMF+vRPsRAyBN4XQTlX5wYj9Mb
E0+s0nnI9f6qoCga1dzw0MJdkqmx3I0nvgGfiM8zz/7mqHUJxrPMoc40GrwvLi4M
VlTtXv57KC3El1J97clIgrnfOYgHVjhfaObl/6rx5vu3xzzo2acmS5rzqQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:08:11 2024 by rpki-client on console-fra.rpki-client.org