Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/QKJJ6t6yqSj-DC51yRgki1oaKLk.cer
File:                     QKJJ6t6yqSj-DC51yRgki1oaKLk.cer (raw, json)
Hash identifier:          oXyNfecjhvkI5n8OsFZ2MM2wRMf7P+P3veF6Mq6O9x4=
Subject key identifier:   40:A2:49:EA:DE:B2:A9:28:FE:0C:2E:75:C9:18:24:8B:5A:1A:28:B9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC3B6A0DBD953EBA75BB1B0E311D963C0
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/38/ae5488-119d-40aa-ae40-8330e7e32e19/1/QKJJ6t6yqSj-DC51yRgki1oaKLk.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/38/ae5488-119d-40aa-ae40-8330e7e32e19/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 06:29:35 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 29259
                          IP: 83.170.0.0/18
                          IP: 84.11.0.0/16
                          IP: 195.158.212.0/22
                          IP: 2001:1b10::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:a0:db:d9:53:eb:a7:5b:b1:b0:e3:11:d9:63:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 06:29:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=40a249eadeb2a928fe0c2e75c918248b5a1a28b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:53:2b:b8:36:bc:cd:2d:ca:f3:fd:c1:52:59:
                    89:b2:95:b9:fe:57:e7:4f:63:54:cd:f2:21:21:e4:
                    2c:c1:a0:0a:c5:5d:25:f5:32:c7:cc:23:a4:df:e1:
                    2e:2e:83:8a:dc:2f:82:f2:2c:0e:38:ba:df:e0:f8:
                    f7:6a:55:42:a8:ab:71:97:c5:58:7a:67:da:f0:7f:
                    f3:9a:fd:4c:51:7f:96:11:95:cf:e3:5e:37:27:51:
                    ca:ac:f2:4a:a4:ef:1a:41:ff:bb:7b:55:7a:d2:4a:
                    66:10:c9:41:06:6a:48:c0:18:71:2f:ad:c2:8a:33:
                    60:13:cf:0a:05:f9:16:46:17:8d:3c:93:3e:d9:44:
                    62:ad:74:1d:f6:8e:64:e5:17:86:c8:fb:80:fb:d8:
                    9f:dd:a6:e1:ec:39:af:2a:2b:b1:6d:19:60:85:a5:
                    23:cb:8d:5f:0a:1d:37:00:5f:1e:00:c5:c9:c3:15:
                    76:59:a4:4d:1b:75:53:6b:0a:28:f8:38:10:9b:8f:
                    19:8f:82:40:92:4e:1d:f8:e8:07:01:91:6b:c1:43:
                    d0:48:8e:4f:de:3b:c2:05:82:a0:44:4a:d8:d7:dd:
                    3d:83:63:d0:34:da:14:50:44:90:b1:6c:9e:8d:d5:
                    83:af:5f:8d:bb:d3:85:e0:e4:c5:94:1e:83:84:1f:
                    94:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:A2:49:EA:DE:B2:A9:28:FE:0C:2E:75:C9:18:24:8B:5A:1A:28:B9
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ae5488-119d-40aa-ae40-8330e7e32e19/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ae5488-119d-40aa-ae40-8330e7e32e19/1/QKJJ6t6yqSj-DC51yRgki1oaKLk.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.170.0.0/18
                  84.11.0.0/16
                  195.158.212.0/22
                IPv6:
                  2001:1b10::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  29259

    Signature Algorithm: sha256WithRSAEncryption
         a3:4d:f1:be:49:93:ad:06:f3:26:14:e8:02:c2:9e:a7:3c:d1:
         c6:d4:da:06:8b:0c:3a:6a:34:de:fe:aa:93:b0:5b:26:42:64:
         6c:64:d8:8f:2b:74:fd:dc:9c:9d:ca:4f:d8:84:48:9f:23:43:
         ba:7b:50:a2:3b:fb:77:b5:14:d1:3e:42:2e:eb:a7:d9:97:b7:
         ba:dc:46:2b:8a:89:c4:75:c3:9a:ae:92:6f:3c:8c:53:da:61:
         50:37:49:3c:28:8a:26:ca:8e:e0:22:33:8d:6e:99:1f:1e:2a:
         ba:2b:13:e9:61:00:c2:05:44:7d:48:b4:4b:17:5d:bd:c4:7d:
         c1:b9:f0:e4:2d:41:86:f3:2f:22:56:4c:c2:db:f9:8e:45:64:
         ad:40:5c:02:11:c3:8d:9a:b6:ed:b7:28:0f:fa:4f:db:f6:d2:
         c7:1c:fb:90:6f:b6:06:cb:15:af:d0:a4:ef:96:da:1f:0c:99:
         b4:0a:97:c9:89:4b:26:7e:9f:9d:53:92:52:a4:d6:2b:84:58:
         a6:88:06:c3:a7:e1:ee:05:34:6a:95:24:5a:9f:c1:d2:5c:9f:
         da:b0:c5:55:5b:76:ad:d8:25:82:a9:0e:f4:7a:44:56:00:c8:
         52:1d:8f:3f:c2:63:a3:b0:7e:b7:d0:3d:e1:69:4c:07:b6:54:
         9f:5f:2f:30
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYzDtqDb2VPrp1uxsOMR2WPAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGEyNDllYWRlYjJhOTI4ZmUwYzJlNzVjOTE4MjQ4YjVhMWEyOGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFMruDa8zS3K8/3BUlmJspW5/lfn
T2NUzfIhIeQswaAKxV0l9TLHzCOk3+EuLoOK3C+C8iwOOLrf4Pj3alVCqKtxl8VY
emfa8H/zmv1MUX+WEZXP4143J1HKrPJKpO8aQf+7e1V60kpmEMlBBmpIwBhxL63C
ijNgE88KBfkWRheNPJM+2URirXQd9o5k5ReGyPuA+9if3abh7DmvKiuxbRlghaUj
y41fCh03AF8eAMXJwxV2WaRNG3VTawoo+DgQm48Zj4JAkk4d+OgHAZFrwUPQSI5P
3jvCBYKgRErY1909g2PQNNoUUESQsWyejdWDr1+Nu9OF4OTFlB6DhB+UKwIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFECiSeresqko/gwudckYJItaGii5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM4L2FlNTQ4
OC0xMTlkLTQwYWEtYWU0MC04MzMwZTdlMzJlMTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgvYWU1NDg4
LTExOWQtNDBhYS1hZTQwLTgzMzBlN2UzMmUxOS8xL1FLSko2dDZ5cVNqLURDNTF5
UmdraTFvYUtMay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUF
BwEHAQH/BCowKDAXBAIAATARAwQGU6oAAwMAVAsDBALDntQwDQQCAAIwBwMFACAB
GxAwGQYIKwYBBQUHAQgBAf8ECjAIoAYwBAICckswDQYJKoZIhvcNAQELBQADggEB
AKNN8b5Jk60G8yYU6ALCnqc80cbU2gaLDDpqNN7+qpOwWyZCZGxk2I8rdP3cnJ3K
T9iESJ8jQ7p7UKI7+3e1FNE+Qi7rp9mXt7rcRiuKicR1w5qukm88jFPaYVA3STwo
iibKjuAiM41umR8eKrorE+lhAMIFRH1ItEsXXb3EfcG58OQtQYbzLyJWTMLb+Y5F
ZK1AXAIRw42atu23KA/6T9v20scc+5BvtgbLFa/QpO+W2h8MmbQKl8mJSyZ+n51T
klKk1iuEWKaIBsOn4e4FNGqVJFqfwdJcn9qwxVVbdq3YJYKpDvR6RFYAyFIdjz/C
Y6OwfrfQPeFpTAe2VJ9fLzA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:49:53 2024 by rpki-client on console-ams.rpki-client.org