Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/UDmdRDW7hfrpEKvjjmhTMgTf1gs.cer
File:                     UDmdRDW7hfrpEKvjjmhTMgTf1gs.cer (raw, json)
Hash identifier:          IwnnfdP1EsNrfVzdnRPp6f48nMiayUyui/PnUtM7ri4=
Subject key identifier:   50:39:9D:44:35:BB:85:FA:E9:10:AB:E3:8E:68:53:32:04:DF:D6:0B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC4251AF253C06C70FD09F33B410BC356
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/UDmdRDW7hfrpEKvjjmhTMgTf1gs.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 08:30:15 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 44071
                          IP: 185.167.188.0/22
                          IP: 2a0b:a600::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:1a:f2:53:c0:6c:70:fd:09:f3:3b:41:0b:c3:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 08:30:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=50399d4435bb85fae910abe38e68533204dfd60b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:fa:a1:68:e5:27:6e:5d:8d:1d:67:99:8f:35:
                    99:09:a1:e5:a4:52:03:68:72:ac:27:60:c0:9c:0b:
                    b8:5b:34:1d:92:ca:59:75:c9:36:65:c2:7f:cb:f1:
                    d7:55:73:c2:fb:db:93:81:b8:1b:90:c8:b0:c0:e3:
                    92:4c:d7:b0:3a:c5:b3:f5:f1:10:8e:48:9d:37:af:
                    27:af:c0:d5:83:77:8f:3e:d9:f1:1c:ad:ce:76:70:
                    d3:d5:6e:72:f7:48:d9:46:fd:9d:52:58:da:98:db:
                    b8:7c:03:9e:a4:5b:a7:0a:9f:d9:80:98:e6:0d:56:
                    52:b4:df:c5:d5:ac:11:e8:f0:59:02:39:81:33:9a:
                    51:73:d1:66:21:2a:03:60:4a:97:3e:af:d1:a5:49:
                    1c:1c:da:9a:d7:cd:58:ca:d8:ec:37:66:93:f4:c3:
                    e6:b3:1c:22:1c:ba:c3:a5:d4:1f:ae:4f:91:e7:d2:
                    23:1a:5b:80:da:15:d7:9e:ec:2e:91:71:fc:fd:db:
                    b8:5a:3b:67:5f:56:92:1d:ea:53:92:c8:75:3f:fe:
                    de:84:b6:c8:6c:0e:d3:77:8a:52:cb:ad:50:98:3d:
                    72:52:b3:f7:7b:48:57:46:7a:59:4a:59:e9:30:bc:
                    d9:b5:a7:5c:e8:fc:85:a6:01:51:c7:db:b4:13:5a:
                    ae:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:39:9D:44:35:BB:85:FA:E9:10:AB:E3:8E:68:53:32:04:DF:D6:0B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/UDmdRDW7hfrpEKvjjmhTMgTf1gs.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.167.188.0/22
                IPv6:
                  2a0b:a600::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  44071

    Signature Algorithm: sha256WithRSAEncryption
         3a:9d:f4:7e:02:2e:6a:59:be:42:6f:43:16:54:30:13:8c:0e:
         b4:7c:8b:5a:85:69:af:b0:6c:96:4f:60:f7:9d:10:f7:4e:64:
         4c:34:06:eb:d9:3f:6a:78:ae:42:23:fc:6b:31:8c:b7:59:fd:
         8c:0b:22:0e:1e:9b:98:25:e8:c6:68:be:0c:49:68:cb:0c:b1:
         5d:f0:b8:c6:92:ac:fe:c0:b9:96:c2:f2:33:55:20:af:4b:18:
         dc:e7:6a:a5:b9:75:e5:68:ed:9d:e1:40:3e:59:d4:f7:bc:96:
         ca:7c:93:7d:95:23:99:f8:ab:aa:47:40:3d:86:ca:c2:02:14:
         aa:d3:23:ad:30:fe:ae:84:07:02:a6:84:14:c5:0d:dd:5b:5c:
         2c:0d:40:b2:84:5e:06:fd:09:1b:6c:d4:ab:fb:a1:27:e4:be:
         02:40:91:db:e0:93:a2:c6:59:ce:8c:c9:13:12:d1:5e:d1:1b:
         05:f4:7e:b5:72:f0:7d:70:46:ac:ca:53:b0:72:c6:0f:64:18:
         22:41:ec:38:e8:f2:0c:04:d8:65:7d:65:0b:20:8b:f1:77:5a:
         dd:f8:7b:38:cd:d9:72:37:79:3a:d7:27:13:88:dd:c9:94:08:
         ce:86:5f:64:76:df:e3:fe:eb:00:d8:df:80:35:40:16:fe:e9:
         01:3c:58:15
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzEJRryU8BscP0J8ztBC8NWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDM5OWQ0NDM1YmI4NWZhZTkxMGFiZTM4ZTY4NTMzMjA0ZGZkNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPqhaOUnbl2NHWeZjzWZCaHlpFID
aHKsJ2DAnAu4WzQdkspZdck2ZcJ/y/HXVXPC+9uTgbgbkMiwwOOSTNewOsWz9fEQ
jkidN68nr8DVg3ePPtnxHK3OdnDT1W5y90jZRv2dUljamNu4fAOepFunCp/ZgJjm
DVZStN/F1awR6PBZAjmBM5pRc9FmISoDYEqXPq/RpUkcHNqa181YytjsN2aT9MPm
sxwiHLrDpdQfrk+R59IjGluA2hXXnuwukXH8/du4WjtnX1aSHepTksh1P/7ehLbI
bA7Td4pSy61QmD1yUrP3e0hXRnpZSlnpMLzZtadc6PyFpgFRx9u0E1quuQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFFA5nUQ1u4X66RCr445oUzIE39YLMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyLzRmM2Yw
OC05ODZiLTQ4ZTQtODVkZC0zNGZmZGI0NDIxMTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIvNGYzZjA4
LTk4NmItNDhlNC04NWRkLTM0ZmZkYjQ0MjExMy8xL1VEbWRSRFc3aGZycEVLdmpq
bWhUTWdUZjFncy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuae8MA0EAgACMAcDBQAqC6YAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCsJzANBgkqhkiG9w0BAQsFAAOCAQEAOp30fgIualm+
Qm9DFlQwE4wOtHyLWoVpr7Bslk9g950Q905kTDQG69k/aniuQiP8azGMt1n9jAsi
Dh6bmCXoxmi+DEloywyxXfC4xpKs/sC5lsLyM1Ugr0sY3Odqpbl15WjtneFAPlnU
97yWynyTfZUjmfirqkdAPYbKwgIUqtMjrTD+roQHAqaEFMUN3VtcLA1AsoReBv0J
G2zUq/uhJ+S+AkCR2+CTosZZzozJExLRXtEbBfR+tXLwfXBGrMpTsHLGD2QYIkHs
OOjyDATYZX1lCyCL8Xda3fh7OM3Zcjd5OtcnE4jdyZQIzoZfZHbf4/7rANjfgDVA
Fv7pATxYFQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:32:31 2024 by rpki-client on console-fra.rpki-client.org