Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Tx097mN940sTx0umz7TSBb5VYn4.cer
File:                     Tx097mN940sTx0umz7TSBb5VYn4.cer (raw, json)
Hash identifier:          7fT8yCJGvQcdSxsWpr2ZkoL1681yxUGtiJk0hz5cJoM=
Subject key identifier:   4F:1D:3D:EE:63:7D:E3:4B:13:C7:4B:A6:CF:B4:D2:05:BE:55:62:7E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC3B7092CF841351E25FD26F070B11CF1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/ff/a1adf5-7642-4e90-a07e-1f1b24118d85/1/Tx097mN940sTx0umz7TSBb5VYn4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/ff/a1adf5-7642-4e90-a07e-1f1b24118d85/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 06:30:01 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 39750
                          IP: 193.8.48.0 -- 193.8.53.255

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b7:09:2c:f8:41:35:1e:25:fd:26:f0:70:b1:1c:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 06:30:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4f1d3dee637de34b13c74ba6cfb4d205be55627e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:86:10:e5:9f:b5:cd:d7:18:fb:25:24:da:27:
                    4e:37:7e:ad:d1:a4:f0:33:d5:a6:20:0b:46:79:31:
                    b6:c8:d2:c8:17:69:8a:e0:06:67:62:50:10:3a:66:
                    5d:8c:84:0c:43:69:fb:6c:13:04:86:fe:48:72:c9:
                    b6:eb:35:bf:f9:de:f6:b0:7c:07:78:50:a0:40:0a:
                    2a:b2:9f:46:9d:fe:6d:4f:0c:cd:1b:46:2e:7f:c3:
                    c8:c0:76:b2:9d:f7:5b:17:b7:ff:f0:8b:3b:1a:3f:
                    99:de:c3:8e:dc:1f:1d:2d:c6:9c:35:7c:ab:d4:01:
                    70:98:ac:b1:b6:8a:ed:e8:30:f6:26:bb:8b:bb:59:
                    fb:2a:0c:e3:b9:61:35:57:d6:78:cf:c4:0c:ec:35:
                    78:1c:7d:16:4f:d1:f9:84:4c:fc:a9:f7:b0:62:ac:
                    99:80:b1:33:bf:20:95:5e:c1:d4:37:da:a9:79:c5:
                    8f:49:98:1a:16:92:1f:e7:2c:26:a4:74:cb:26:78:
                    ea:7d:10:06:85:19:73:f5:94:17:9f:32:b5:6d:8f:
                    d2:25:b8:95:1a:64:82:9b:23:89:e4:c2:b9:ad:4e:
                    12:5e:13:e3:06:62:85:ae:e9:5c:87:c3:6f:b7:1c:
                    31:47:8a:3d:5c:95:b4:89:b9:35:81:a8:f9:df:5d:
                    7c:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:1D:3D:EE:63:7D:E3:4B:13:C7:4B:A6:CF:B4:D2:05:BE:55:62:7E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a1adf5-7642-4e90-a07e-1f1b24118d85/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a1adf5-7642-4e90-a07e-1f1b24118d85/1/Tx097mN940sTx0umz7TSBb5VYn4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.8.48.0-193.8.53.255

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  39750

    Signature Algorithm: sha256WithRSAEncryption
         58:12:ac:a6:67:9f:42:d9:a1:10:f6:96:6f:07:e9:49:dd:be:
         5e:d1:61:b1:ac:60:38:87:de:a1:28:c2:3c:a8:34:29:0c:81:
         32:41:54:fe:f3:95:60:05:8f:fc:c9:81:0f:01:90:f7:da:70:
         86:95:c1:04:5d:db:b1:66:17:67:31:4f:df:23:e4:f2:1c:2c:
         80:8d:72:23:3f:52:85:c7:33:db:9b:d9:6d:d4:e9:7c:3c:ea:
         c2:2a:51:34:b6:32:26:a2:72:79:82:41:bc:3b:07:f9:5a:39:
         76:c9:54:8d:93:b5:18:07:e2:8a:50:90:3a:90:54:23:44:1f:
         14:2f:1c:ae:a7:56:60:d7:27:98:3f:73:4b:6e:57:cd:bb:ee:
         5d:bc:42:2b:b3:d4:14:83:ce:0a:d5:85:f1:0c:f3:4f:b9:e2:
         83:8b:b4:96:83:49:09:c4:51:70:d4:2c:e2:a7:a4:18:8d:c6:
         61:90:f7:4c:53:a2:3a:e1:92:e8:11:1b:fc:df:ee:f2:36:88:
         13:4f:1d:e4:97:3d:a6:a4:cf:93:d8:28:4c:77:14:1b:83:64:
         ee:ad:22:cf:52:c8:62:e1:35:80:5d:3c:a6:68:fe:dc:5e:01:
         89:a2:00:c9:48:53:a2:b8:30:f6:a9:c3:54:65:f0:9f:80:59:
         af:f3:ba:dd
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYzDtwks+EE1HiX9JvBwsRzxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjFkM2RlZTYzN2RlMzRiMTNjNzRiYTZjZmI0ZDIwNWJlNTU2MjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8IYQ5Z+1zdcY+yUk2idON36t0aTw
M9WmIAtGeTG2yNLIF2mK4AZnYlAQOmZdjIQMQ2n7bBMEhv5Icsm26zW/+d72sHwH
eFCgQAoqsp9Gnf5tTwzNG0Yuf8PIwHaynfdbF7f/8Is7Gj+Z3sOO3B8dLcacNXyr
1AFwmKyxtort6DD2JruLu1n7KgzjuWE1V9Z4z8QM7DV4HH0WT9H5hEz8qfewYqyZ
gLEzvyCVXsHUN9qpecWPSZgaFpIf5ywmpHTLJnjqfRAGhRlz9ZQXnzK1bY/SJbiV
GmSCmyOJ5MK5rU4SXhPjBmKFrulch8NvtxwxR4o9XJW0ibk1gaj53118kQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFE8dPe5jfeNLE8dLps+00gW+VWJ+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZmL2ExYWRm
NS03NjQyLTRlOTAtYTA3ZS0xZjFiMjQxMThkODUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYvYTFhZGY1
LTc2NDItNGU5MC1hMDdlLTFmMWIyNDExOGQ4NS8xL1R4MDk3bU45NDBzVHgwdW16
N1RTQmI1VlluNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCcGCCsGAQUF
BwEHAQH/BBgwFjAUBAIAATAOMAwDBATBCDADBAHBCDQwGgYIKwYBBQUHAQgBAf8E
CzAJoAcwBQIDAJtGMA0GCSqGSIb3DQEBCwUAA4IBAQBYEqymZ59C2aEQ9pZvB+lJ
3b5e0WGxrGA4h96hKMI8qDQpDIEyQVT+85VgBY/8yYEPAZD32nCGlcEEXduxZhdn
MU/fI+TyHCyAjXIjP1KFxzPbm9lt1Ol8POrCKlE0tjImonJ5gkG8Owf5Wjl2yVSN
k7UYB+KKUJA6kFQjRB8ULxyup1Zg1yeYP3NLblfNu+5dvEIrs9QUg84K1YXxDPNP
ueKDi7SWg0kJxFFw1Czip6QYjcZhkPdMU6I64ZLoERv83+7yNogTTx3klz2mpM+T
2ChMdxQbg2TurSLPUshi4TWAXTymaP7cXgGJogDJSFOiuDD2qcNUZfCfgFmv87rd
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:09:32 2024 by rpki-client on console-fra.rpki-client.org