Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/PZijti1aux3K9oriP1Me6CJA8gM.cer
File:                     PZijti1aux3K9oriP1Me6CJA8gM.cer (raw, json)
Hash identifier:          waDy2oPZ+r5PUIZ6ujKoBN+VKI+OfEoZ8whnpVpiDC0=
Subject key identifier:   3D:98:A3:B6:2D:5A:BB:1D:CA:F6:8A:E2:3F:53:1E:E8:22:40:F2:03
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC802DCA9EE3324206204992061337F0B
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/PZijti1aux3K9oriP1Me6CJA8gM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 02:31:19 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 210860
                          IP: 193.20.0.0/15
                          IP: 2a12:ee40::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:02:dc:a9:ee:33:24:20:62:04:99:20:61:33:7f:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 02:31:19 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3d98a3b62d5abb1dcaf68ae23f531ee82240f203
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:8c:3c:f4:f4:db:fc:29:22:93:13:5a:dd:09:
                    49:23:06:f1:24:cf:74:a3:a2:e9:23:4d:ce:36:55:
                    32:b1:5d:92:92:10:40:44:f3:63:16:3c:f5:16:bb:
                    6f:67:a1:88:cd:5a:af:4d:aa:21:ca:7d:6c:9e:27:
                    8c:4a:15:c9:16:54:c1:df:a5:84:78:58:55:52:66:
                    0b:94:b9:90:19:ca:88:7a:36:95:05:54:02:0f:47:
                    3a:c0:d6:2e:eb:66:26:1d:2b:04:56:23:7e:62:4c:
                    7a:7f:2e:b1:c1:be:99:ce:4f:d5:f2:d5:66:f2:b2:
                    5d:98:70:eb:c6:ff:5c:a4:fb:f8:ee:e0:1c:9d:09:
                    00:68:ef:86:bf:03:79:b0:c3:0d:40:75:ef:51:88:
                    57:d3:73:39:d3:19:50:a1:a5:53:28:36:11:03:b4:
                    a2:29:c4:41:22:1b:9c:cd:ef:aa:fe:88:66:71:a1:
                    c0:bb:12:2a:8d:c1:5b:64:cf:78:ec:9c:fa:39:d0:
                    b1:38:20:97:78:4e:74:0f:ec:a8:cc:68:e8:d7:90:
                    40:9e:9e:a4:c3:f4:9c:b7:f3:2a:14:f0:95:48:be:
                    2c:6b:35:cf:a0:1a:57:7b:86:2c:ed:70:af:37:57:
                    27:43:4e:af:b5:f5:90:76:26:df:6e:7c:20:44:da:
                    5c:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:98:A3:B6:2D:5A:BB:1D:CA:F6:8A:E2:3F:53:1E:E8:22:40:F2:03
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/PZijti1aux3K9oriP1Me6CJA8gM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.20.0.0/15
                IPv6:
                  2a12:ee40::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  210860

    Signature Algorithm: sha256WithRSAEncryption
         5f:75:de:82:a1:a4:8d:76:b4:b0:88:f1:04:dd:c0:7a:46:0a:
         ba:58:06:54:78:9c:73:ef:fe:0a:6d:ed:55:91:83:62:1c:f3:
         a4:84:9f:b3:b3:0f:94:1b:99:ef:75:00:8e:72:3b:eb:64:68:
         79:01:88:1e:20:e2:77:f9:69:f8:03:b3:57:f8:42:a8:30:33:
         ae:31:6c:7c:a7:a3:3f:9d:a4:e4:22:b0:74:c5:78:05:68:1c:
         bb:2d:94:22:13:b2:0d:76:2e:03:8f:e3:7f:a5:3e:b5:b4:cc:
         1a:aa:d8:4c:1d:4c:17:33:6a:9a:23:db:92:15:b6:59:dc:e0:
         dd:86:3a:94:e0:72:10:50:cc:17:0d:d9:e2:f0:fe:f2:7b:8c:
         70:6e:2c:d6:d4:6b:eb:fb:f8:3f:51:a3:8a:be:88:01:b1:d8:
         77:23:7d:e7:fd:01:64:fe:56:e9:68:1c:e4:2b:84:05:a5:a2:
         77:4c:dc:ca:a5:1f:93:37:3c:ed:c0:58:0b:9c:72:d2:4c:e6:
         e8:52:ac:c0:fa:87:91:19:ad:57:11:61:b9:5d:f4:9c:5f:dc:
         87:9a:8b:fe:fe:de:dd:a0:0d:f6:31:33:f6:fd:7e:2f:4b:a3:
         df:49:a3:d6:3f:5b:be:65:bd:10:ee:84:7f:1d:4f:f9:d1:03:
         6c:f2:f7:5e
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYzIAtyp7jMkIGIEmSBhM38LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDk4YTNiNjJkNWFiYjFkY2FmNjhhZTIzZjUzMWVlODIyNDBmMjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Yw89PTb/CkikxNa3QlJIwbxJM90
o6LpI03ONlUysV2SkhBARPNjFjz1FrtvZ6GIzVqvTaohyn1snieMShXJFlTB36WE
eFhVUmYLlLmQGcqIejaVBVQCD0c6wNYu62YmHSsEViN+Ykx6fy6xwb6Zzk/V8tVm
8rJdmHDrxv9cpPv47uAcnQkAaO+GvwN5sMMNQHXvUYhX03M50xlQoaVTKDYRA7Si
KcRBIhucze+q/ohmcaHAuxIqjcFbZM947Jz6OdCxOCCXeE50D+yozGjo15BAnp6k
w/Sct/MqFPCVSL4sazXPoBpXe4Ys7XCvN1cnQ06vtfWQdibfbnwgRNpcHwIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFD2Yo7YtWrsdyvaK4j9THugiQPIDMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYxL2FjNWZk
Zi01YjY2LTQ4NTAtOTYzYS1mOWI3M2IzZTNlZWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEvYWM1ZmRm
LTViNjYtNDg1MC05NjNhLWY5YjczYjNlM2VlZS8xL1BaaWp0aTFhdXgzSzlvcmlQ
MU1lNkNKQThnTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC0GCCsGAQUF
BwEHAQH/BB4wHDALBAIAATAFAwMBwRQwDQQCAAIwBwMFAyoS7kAwGgYIKwYBBQUH
AQgBAf8ECzAJoAcwBQIDAzesMA0GCSqGSIb3DQEBCwUAA4IBAQBfdd6CoaSNdrSw
iPEE3cB6Rgq6WAZUeJxz7/4Kbe1VkYNiHPOkhJ+zsw+UG5nvdQCOcjvrZGh5AYge
IOJ3+Wn4A7NX+EKoMDOuMWx8p6M/naTkIrB0xXgFaBy7LZQiE7INdi4Dj+N/pT61
tMwaqthMHUwXM2qaI9uSFbZZ3ODdhjqU4HIQUMwXDdni8P7ye4xwbizW1Gvr+/g/
UaOKvogBsdh3I33n/QFk/lbpaBzkK4QFpaJ3TNzKpR+TNzztwFgLnHLSTOboUqzA
+oeRGa1XEWG5XfScX9yHmov+/t7doA32MTP2/X4vS6PfSaPWP1u+Zb0Q7oR/HU/5
0QNs8vde
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:08:25 2024 by rpki-client on console-fra.rpki-client.org