Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.cer (raw, json)
Hash identifier:          7VUoup8pietXoopwawQBkLgprD+Ee8gdoSSIJh5deZ0=
Subject key identifier:   44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01907322EDC94F7A7D6364AD136249E79796
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jul 2024 11:09:47 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 216345

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:73:22:ed:c9:4f:7a:7d:63:64:ad:13:62:49:e7:97:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jul  2 11:09:47 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=44dbe3626a76b04a120889704958863d42632f0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:51:e1:3c:d9:bd:b9:3c:1a:0e:ce:00:d4:84:
                    24:33:37:b6:2f:b3:29:b2:37:78:49:5c:41:1e:7c:
                    6f:72:e0:27:4c:4f:b2:1d:b9:18:2d:95:7c:9e:a8:
                    26:28:39:8d:0f:a9:f0:9c:33:fa:20:b8:98:e9:a4:
                    71:44:07:fc:cb:02:3c:ea:ab:09:03:25:5a:6c:70:
                    ad:a7:f2:d7:a6:ac:c2:85:17:2c:cd:ba:60:fd:0b:
                    24:f1:71:b0:7b:9d:af:90:09:2e:21:33:5c:e8:a6:
                    dd:48:aa:56:7f:51:cc:7d:0a:90:05:4e:e6:a8:aa:
                    59:64:50:a8:f2:f7:57:98:b5:2a:74:2a:0f:8c:02:
                    43:de:4e:2f:76:6f:06:41:24:d9:5c:9a:f9:19:bf:
                    5f:50:14:17:29:74:78:ea:ff:08:6c:2b:2f:eb:53:
                    5b:60:4d:fe:de:92:0b:3b:3b:7d:32:5d:a4:71:66:
                    ad:df:78:78:e3:4b:13:c5:15:51:fe:14:31:ff:4c:
                    13:4a:e8:2b:40:39:11:24:c4:a1:ee:07:86:1a:4e:
                    ea:a2:95:db:9c:58:10:c3:19:02:9a:3d:99:93:0d:
                    61:53:eb:72:20:9b:e0:93:d7:45:a9:bb:ce:6b:25:
                    79:07:07:77:fa:90:cd:4a:e5:ac:49:92:48:76:bd:
                    4a:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  216345

    Signature Algorithm: sha256WithRSAEncryption
         4d:68:b6:8f:c5:d6:4e:da:43:fe:b5:74:d5:c6:70:43:43:19:
         c6:82:e7:11:1c:71:a2:e6:a6:60:e4:83:df:ad:d1:b3:96:e3:
         8f:e7:e6:02:12:3a:e7:69:67:85:f4:28:5b:23:46:83:1d:c4:
         55:81:2f:f3:e2:8c:3c:cf:6a:19:f4:32:a4:b0:19:86:b6:a2:
         f9:4e:ec:f4:19:7a:0e:b6:0f:3b:1e:28:ad:49:9a:b9:57:5d:
         b2:0c:1c:cc:0a:51:8f:2f:45:f7:50:c0:e9:2e:95:a0:fe:08:
         86:82:91:f8:b1:02:38:a2:ec:d9:3b:9d:e0:ba:0e:6f:94:da:
         9c:b8:05:80:2c:16:1b:ca:67:96:b2:f2:4a:67:bb:99:cc:d8:
         ac:5e:8c:12:13:fc:f0:ce:01:ee:0a:cd:67:7c:19:62:40:58:
         84:c8:f3:f9:0e:19:70:26:b9:73:db:67:ca:1d:79:b4:e0:33:
         05:32:b8:d2:3b:af:67:f8:3a:a2:42:c9:82:da:56:56:d1:a5:
         fd:b6:66:78:fe:cb:77:47:f7:b0:2e:dd:f7:08:bd:25:98:a4:
         21:39:a8:14:c7:67:12:37:bf:36:4c:a3:08:fc:09:76:0e:56:
         93:29:e2:ec:cb:b0:99:c7:b2:36:17:9d:e5:9f:7b:5a:5c:c3:
         62:b0:d9:1d
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZBzIu3JT3p9Y2StE2JJ55eWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNzAyMTEwOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGRiZTM2MjZhNzZiMDRhMTIwODg5NzA0OTU4ODYzZDQyNjMyZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VHhPNm9uTwaDs4A1IQkMze2L7Mp
sjd4SVxBHnxvcuAnTE+yHbkYLZV8nqgmKDmND6nwnDP6ILiY6aRxRAf8ywI86qsJ
AyVabHCtp/LXpqzChRcszbpg/Qsk8XGwe52vkAkuITNc6KbdSKpWf1HMfQqQBU7m
qKpZZFCo8vdXmLUqdCoPjAJD3k4vdm8GQSTZXJr5Gb9fUBQXKXR46v8IbCsv61Nb
YE3+3pILOzt9Ml2kcWat33h440sTxRVR/hQx/0wTSugrQDkRJMSh7geGGk7qopXb
nFgQwxkCmj2Zkw1hU+tyIJvgk9dFqbvOayV5Bwd3+pDNSuWsSZJIdr1KlwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFETb42JqdrBKEgiJcElYhj1CYy8PMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQwL2M4ZTQx
OS0wMzQ2LTQzM2YtOTMwOS1kZTgxZjlhZDc3OWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAvYzhlNDE5
LTAzNDYtNDMzZi05MzA5LWRlODFmOWFkNzc5Yy8xL1JOdmpZbXAyc0VvU0NJbHdT
VmlHUFVKakx3OC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNNGTANBgkqhkiG9w0BAQsFAAOCAQEATWi2j8XWTtpD
/rV01cZwQ0MZxoLnERxxouamYOSD363Rs5bjj+fmAhI652lnhfQoWyNGgx3EVYEv
8+KMPM9qGfQypLAZhrai+U7s9Bl6DrYPOx4orUmauVddsgwczApRjy9F91DA6S6V
oP4IhoKR+LECOKLs2Tud4LoOb5TanLgFgCwWG8pnlrLySme7mczYrF6MEhP88M4B
7grNZ3wZYkBYhMjz+Q4ZcCa5c9tnyh15tOAzBTK40juvZ/g6okLJgtpWVtGl/bZm
eP7Ld0f3sC7d9wi9JZikITmoFMdnEje/NkyjCPwJdg5Wkyni7MuwmceyNhed5Z97
WlzDYrDZHQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:08:52 2024 by rpki-client on console-fra.rpki-client.org