Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/RkXJxY1aSZm13OngcNMvSI4zH1I.cer
File:                     RkXJxY1aSZm13OngcNMvSI4zH1I.cer (raw, json)
Hash identifier:          syQQfdJ2r0CSSS6QBDjGcIEvzb0Z4IsW9o1M9lIcHlM=
Subject key identifier:   46:45:C9:C5:8D:5A:49:99:B5:DC:E9:E0:70:D3:2F:48:8E:33:1F:52
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019026B816D0F114D3CCA458C4CF25B4F5C0
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/cd/6c5331-dc1b-4f8c-9d3d-28bf1d33aa90/1/RkXJxY1aSZm13OngcNMvSI4zH1I.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/cd/6c5331-dc1b-4f8c-9d3d-28bf1d33aa90/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 17 Jun 2024 15:01:57 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 215160
                          IP: 185.18.224.0/23
                          IP: 2a14:3540::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 15:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:26:b8:16:d0:f1:14:d3:cc:a4:58:c4:cf:25:b4:f5:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jun 17 15:01:57 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4645c9c58d5a4999b5dce9e070d32f488e331f52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:71:7a:b6:d7:36:b8:01:7c:eb:70:d8:d0:23:
                    68:2f:6f:eb:c0:72:df:fa:40:18:d5:c5:1f:f2:95:
                    05:03:69:0f:09:27:b3:4a:fb:f7:96:ed:73:0e:04:
                    84:62:86:61:03:26:7a:fc:25:82:a8:05:f8:58:2e:
                    d9:c2:d3:2f:2c:6d:95:fe:6b:b0:b8:64:92:49:08:
                    35:a5:c5:79:ad:8e:dd:bb:92:db:96:07:d1:af:4d:
                    21:10:ac:fb:2f:f9:a2:b4:17:b4:db:64:60:6d:cf:
                    79:00:35:dd:07:db:6e:36:77:6a:e9:f0:10:fa:8d:
                    10:c4:81:90:9d:bf:23:ac:c6:7b:02:10:3f:4a:21:
                    f8:03:e7:49:4b:6d:55:85:45:37:8a:53:1a:e2:72:
                    c2:3b:c1:d1:d4:7f:a3:57:0d:71:e6:69:4b:6a:4d:
                    47:16:0c:c6:b7:f7:72:4a:5b:66:96:41:cd:ff:58:
                    00:c9:c8:21:65:22:e2:c6:b8:04:13:0a:f2:1d:0f:
                    ce:95:fe:8f:61:52:31:07:72:a5:cb:97:7b:1c:9a:
                    8c:47:c1:2a:44:f6:75:b9:2e:06:c0:1d:b7:3e:88:
                    b2:64:8e:22:8e:d6:82:af:ca:26:df:2e:47:91:fe:
                    04:c9:a4:2a:0e:f4:97:51:b2:2b:e2:0b:30:3d:0d:
                    e0:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:45:C9:C5:8D:5A:49:99:B5:DC:E9:E0:70:D3:2F:48:8E:33:1F:52
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6c5331-dc1b-4f8c-9d3d-28bf1d33aa90/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6c5331-dc1b-4f8c-9d3d-28bf1d33aa90/1/RkXJxY1aSZm13OngcNMvSI4zH1I.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.18.224.0/23
                IPv6:
                  2a14:3540::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215160

    Signature Algorithm: sha256WithRSAEncryption
         86:35:36:45:df:76:85:fe:31:ad:b4:61:61:8d:fa:9b:ad:97:
         92:57:82:97:95:75:cd:54:11:be:72:d9:64:83:e2:7d:2c:07:
         08:12:2a:3c:fc:41:56:e4:56:3b:d5:16:f0:10:fd:7c:2e:67:
         cf:5f:02:e1:1f:54:ca:64:a0:63:ef:60:8f:13:f0:2a:0d:8f:
         5e:97:ba:9e:db:74:f1:50:8f:8c:82:86:37:92:fd:4e:ed:49:
         8f:d2:c8:e6:f1:7e:af:ee:cd:a3:18:0f:ba:65:60:b3:d1:9d:
         04:0e:ae:3d:a9:9a:61:d4:b8:86:37:ab:5a:fc:f2:03:a5:01:
         34:9c:2d:45:a8:7f:20:a8:04:e0:e5:fe:13:aa:15:6e:4a:f0:
         0b:28:db:92:d0:10:40:ed:8d:dd:2a:f7:3b:a6:39:4e:85:e7:
         36:3b:8b:c2:13:08:c4:c9:d8:34:38:56:b8:2d:fb:62:f2:c4:
         ae:95:2f:ec:b3:5a:29:53:58:d2:ab:c0:d0:f2:bc:a4:47:9b:
         29:f5:59:f9:e2:4f:8a:fe:1e:43:45:de:37:6f:74:76:31:8c:
         1e:50:db:db:91:2a:92:5c:b2:b8:ce:ec:b1:d9:28:ee:6a:2f:
         f5:4b:15:9b:ed:23:68:11:3b:5a:b8:1c:af:ec:cc:d3:ae:bf:
         55:5f:15:dd
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZAmuBbQ8RTTzKRYxM8ltPXAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNjE3MTUwMTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjQ1YzljNThkNWE0OTk5YjVkY2U5ZTA3MGQzMmY0ODhlMzMxZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHF6ttc2uAF863DY0CNoL2/rwHLf
+kAY1cUf8pUFA2kPCSezSvv3lu1zDgSEYoZhAyZ6/CWCqAX4WC7ZwtMvLG2V/muw
uGSSSQg1pcV5rY7du5LblgfRr00hEKz7L/mitBe022Rgbc95ADXdB9tuNndq6fAQ
+o0QxIGQnb8jrMZ7AhA/SiH4A+dJS21VhUU3ilMa4nLCO8HR1H+jVw1x5mlLak1H
FgzGt/dySltmlkHN/1gAycghZSLixrgEEwryHQ/Olf6PYVIxB3Kly5d7HJqMR8Eq
RPZ1uS4GwB23PoiyZI4ijtaCr8om3y5Hkf4EyaQqDvSXUbIr4gswPQ3gfwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFEZFycWNWkmZtdzp4HDTL0iOMx9SMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NkLzZjNTMz
MS1kYzFiLTRmOGMtOWQzZC0yOGJmMWQzM2FhOTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2QvNmM1MzMx
LWRjMWItNGY4Yy05ZDNkLTI4YmYxZDMzYWE5MC8xL1JrWEp4WTFhU1ptMTNPbmdj
Tk12U0k0ekgxSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQBuRLgMA0EAgACMAcDBQAqFDVAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNIeDANBgkqhkiG9w0BAQsFAAOCAQEAhjU2Rd92hf4x
rbRhYY36m62XkleCl5V1zVQRvnLZZIPifSwHCBIqPPxBVuRWO9UW8BD9fC5nz18C
4R9UymSgY+9gjxPwKg2PXpe6ntt08VCPjIKGN5L9Tu1Jj9LI5vF+r+7NoxgPumVg
s9GdBA6uPamaYdS4hjerWvzyA6UBNJwtRah/IKgE4OX+E6oVbkrwCyjbktAQQO2N
3Sr3O6Y5ToXnNjuLwhMIxMnYNDhWuC37YvLErpUv7LNaKVNY0qvA0PK8pEebKfVZ
+eJPiv4eQ0XeN290djGMHlDb25EqklyyuM7ssdko7mov9UsVm+0jaBE7Wrgcr+zM
066/VV8V3Q==
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:12:58 2024 by rpki-client on console-fra.rpki-client.org