Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer
File:                     Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer (raw, json)
Hash identifier:          ERLVA1v+DnrOoc39K/S18QXkOR+htJT+iHG5MAPWjPY=
Subject key identifier:   42:CE:75:93:20:19:5B:9C:C1:8C:CF:CB:1B:53:2A:EA:94:92:58:F1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CCA99E994B6124507CC85046946195584
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 14:35:33 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 35145
                          IP: 5.181.224.0/22
                          IP: 194.53.200.0/22
                          IP: 194.61.236.0/22
                          IP: 2a0e:800::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:99:e9:94:b6:12:45:07:cc:85:04:69:46:19:55:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 14:35:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=42ce759320195b9cc18ccfcb1b532aea949258f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:58:e4:8b:2a:c9:e6:14:67:4a:fd:8d:30:ed:
                    eb:e5:11:73:86:35:13:e2:25:43:15:21:19:f2:69:
                    bd:72:da:4b:51:f5:e4:a1:58:07:52:74:d8:db:d3:
                    f4:43:c2:67:20:1c:78:be:82:21:5c:70:90:30:34:
                    b8:10:b3:b8:1f:d0:91:bc:b4:8a:0a:58:b7:bd:42:
                    ec:37:8c:b3:17:68:55:b2:f8:d3:ad:53:79:b2:7e:
                    23:5f:1b:7e:c3:af:4b:24:e2:91:a1:98:4c:a5:bb:
                    77:ba:27:39:a8:55:76:c3:2e:5e:7e:ba:e3:e2:68:
                    5a:7a:ae:59:e7:9d:46:08:b2:34:5d:92:ce:34:14:
                    ba:5b:2f:82:6a:d8:8a:e1:03:5b:97:57:df:6d:2b:
                    5b:06:2a:8d:0c:12:eb:39:c9:b1:d4:1c:cd:22:61:
                    71:a7:1d:43:fe:80:d4:ae:3b:1d:d0:40:bd:fc:79:
                    3f:78:f7:49:4c:77:7f:4b:ed:86:bc:d2:86:36:29:
                    b8:22:be:40:b8:89:3c:c9:b8:96:7c:96:0b:64:d6:
                    27:7b:56:24:76:51:30:a5:10:68:a0:bf:72:09:9f:
                    fa:be:d7:95:85:3e:1c:67:91:8b:88:09:65:8c:16:
                    23:0b:63:e1:95:20:5f:63:1f:dd:d6:ef:2e:8b:2f:
                    b7:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:CE:75:93:20:19:5B:9C:C1:8C:CF:CB:1B:53:2A:EA:94:92:58:F1
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.224.0/22
                  194.53.200.0/22
                  194.61.236.0/22
                IPv6:
                  2a0e:800::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  35145

    Signature Algorithm: sha256WithRSAEncryption
         a1:31:a3:88:dc:dc:9b:63:bc:01:a0:91:74:59:ab:be:86:bc:
         d2:3e:60:99:33:ab:45:b4:10:4e:aa:a4:39:70:30:05:3f:15:
         06:c1:0b:62:70:74:e9:65:b9:e9:c0:07:34:d7:0c:85:63:7b:
         68:4a:50:6c:09:dc:d0:a0:ce:00:e9:c7:31:c0:6a:c0:53:1e:
         18:19:6a:e2:ee:fa:64:60:d3:28:77:18:24:91:19:19:48:8d:
         07:e2:b3:57:b8:48:23:f4:fd:29:42:d9:f7:97:1a:c1:d5:11:
         f0:b1:c5:0e:12:8f:79:41:93:13:64:6c:89:c4:92:0b:52:c2:
         41:58:8c:22:7c:6e:69:b5:b4:26:b6:46:2b:4b:5b:e1:57:5e:
         c5:0f:74:26:7f:70:24:05:ef:70:ba:2d:e0:ab:ba:1f:0d:4b:
         42:5b:e6:f8:62:fd:b7:a8:64:21:50:06:0a:71:7e:2b:61:d5:
         b8:33:5b:ad:af:8a:81:c5:11:3c:20:71:21:87:9f:79:1d:08:
         b2:03:fd:86:5a:3d:b9:11:d5:46:00:fb:97:16:26:c4:03:93:
         22:f9:cb:70:1f:fe:57:9f:c3:0a:3f:ab:38:ec:4e:d9:7f:10:
         bc:d5:93:a1:f3:09:54:f4:c2:2e:c7:c4:4b:1f:e1:fc:d5:0d:
         c8:06:c4:0a
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYzKmemUthJFB8yFBGlGGVWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTQzNTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmNlNzU5MzIwMTk1YjljYzE4Y2NmY2IxYjUzMmFlYTk0OTI1OGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArljkiyrJ5hRnSv2NMO3r5RFzhjUT
4iVDFSEZ8mm9ctpLUfXkoVgHUnTY29P0Q8JnIBx4voIhXHCQMDS4ELO4H9CRvLSK
Cli3vULsN4yzF2hVsvjTrVN5sn4jXxt+w69LJOKRoZhMpbt3uic5qFV2wy5efrrj
4mhaeq5Z551GCLI0XZLONBS6Wy+CatiK4QNbl1ffbStbBiqNDBLrOcmx1BzNImFx
px1D/oDUrjsd0EC9/Hk/ePdJTHd/S+2GvNKGNim4Ir5AuIk8ybiWfJYLZNYne1Yk
dlEwpRBooL9yCZ/6vteVhT4cZ5GLiAlljBYjC2PhlSBfYx/d1u8uiy+3lwIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFELOdZMgGVucwYzPyxtTKuqUkljxMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI0L2E1MjA0
OC0xMmNhLTRhMDMtOTViZS02OTc5NDhlYTcxZjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQvYTUyMDQ4
LTEyY2EtNGEwMy05NWJlLTY5Nzk0OGVhNzFmNS8xL1FzNTFreUFaVzV6QmpNX0xH
MU1xNnBTU1dQRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQCBbXgAwQCwjXIAwQCwj3sMA0EAgACMAcDBQMq
DggAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwCJSTANBgkqhkiG9w0BAQsFAAOC
AQEAoTGjiNzcm2O8AaCRdFmrvoa80j5gmTOrRbQQTqqkOXAwBT8VBsELYnB06WW5
6cAHNNcMhWN7aEpQbAnc0KDOAOnHMcBqwFMeGBlq4u76ZGDTKHcYJJEZGUiNB+Kz
V7hII/T9KULZ95cawdUR8LHFDhKPeUGTE2RsicSSC1LCQViMInxuabW0JrZGK0tb
4VdexQ90Jn9wJAXvcLot4Ku6Hw1LQlvm+GL9t6hkIVAGCnF+K2HVuDNbra+KgcUR
PCBxIYefeR0IsgP9hlo9uRHVRgD7lxYmxAOTIvnLcB/+V5/DCj+rOOxO2X8QvNWT
ofMJVPTCLsfESx/h/NUNyAbECg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:36:17 2024 by rpki-client on console-ams.rpki-client.org