Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/UbNIBPm2anHCRyWy13-UkRIYXrE.cer
File:                     UbNIBPm2anHCRyWy13-UkRIYXrE.cer (raw, json)
Hash identifier:          XnU38rOIQ9qy61FYXaU0vjDSp31q/lEdPt/IQ3Xwga8=
Subject key identifier:   51:B3:48:04:F9:B6:6A:71:C2:47:25:B2:D7:7F:94:91:12:18:5E:B1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC64B09A8E56C4F452C54B228DBFF44C5
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/a7/74606f-d070-432d-a86f-5a7289ef5f63/1/UbNIBPm2anHCRyWy13-UkRIYXrE.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/a7/74606f-d070-432d-a86f-5a7289ef5f63/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 18:30:55 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 47134
                          IP: 93.91.64.0/20

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 05 Dec 2024 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4b:09:a8:e5:6c:4f:45:2c:54:b2:28:db:ff:44:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 18:30:55 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=51b34804f9b66a71c24725b2d77f949112185eb1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:8a:8f:b9:53:e1:90:01:03:05:d6:8c:aa:20:
                    7f:b2:cd:d6:ac:44:c6:ce:03:00:65:80:0c:8d:ab:
                    24:42:18:cc:94:30:7e:7e:21:f3:47:3c:81:ec:58:
                    77:a7:6f:30:4f:6c:9c:75:7a:81:04:b4:06:8f:85:
                    c5:48:f2:56:e4:ec:9a:d2:c0:ca:a2:6c:98:f6:97:
                    bf:2f:05:52:51:ad:a7:03:85:66:e9:ba:5f:6b:60:
                    79:7d:d2:13:7f:63:cc:d7:ec:52:f1:2f:4f:1c:33:
                    63:79:04:92:3f:5f:c9:ac:e6:a6:31:62:d6:a3:a2:
                    5c:56:bd:5a:26:6b:d1:b6:af:6e:37:e8:e7:1c:69:
                    6f:79:1a:6b:35:e5:e9:3e:f0:75:5b:1f:da:fa:67:
                    84:91:d0:81:1c:bb:17:b6:24:70:c5:13:7a:09:3b:
                    5c:10:da:4f:a7:18:90:33:9c:92:d5:19:ca:99:b9:
                    c5:f1:ea:12:82:9d:b9:f9:4b:75:ec:78:22:93:77:
                    96:f5:38:4b:32:2a:03:2b:ad:26:e5:5a:1b:79:1f:
                    7e:1f:fb:96:f4:3d:ad:92:af:27:c8:66:cb:ac:13:
                    39:9b:10:93:11:db:df:38:95:ee:ff:5b:16:0d:94:
                    9f:9b:73:26:48:30:0b:54:76:f8:37:80:10:e2:64:
                    9e:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:B3:48:04:F9:B6:6A:71:C2:47:25:B2:D7:7F:94:91:12:18:5E:B1
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/74606f-d070-432d-a86f-5a7289ef5f63/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/74606f-d070-432d-a86f-5a7289ef5f63/1/UbNIBPm2anHCRyWy13-UkRIYXrE.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.91.64.0/20

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  47134

    Signature Algorithm: sha256WithRSAEncryption
         9f:64:8b:35:eb:15:35:2a:b8:ee:5d:f5:52:d2:76:ed:e1:54:
         3c:39:a6:cc:31:1d:e4:be:46:34:d4:c6:e4:8b:4b:c6:01:c5:
         4d:db:c5:17:89:c4:c6:ae:47:3a:7c:58:ca:ae:f9:86:c8:5f:
         d8:1b:6f:6a:7f:a9:1d:81:7d:e4:f9:6a:d8:fa:f3:18:d4:ef:
         22:98:47:fc:85:1f:62:5f:9b:a7:22:2f:a7:db:b2:98:b4:a7:
         61:31:dd:41:e2:66:73:34:57:ef:2c:84:d9:c8:cd:1f:03:a3:
         c0:28:ec:bd:ee:fc:6a:7a:0d:c8:a2:92:34:7f:6b:6b:8e:8c:
         af:ba:a7:89:be:1d:b7:e4:3c:26:e6:0d:f9:41:a1:eb:67:0a:
         aa:e3:07:9d:cf:61:e2:45:c4:1e:5d:85:19:f9:7d:ae:e0:e5:
         7f:e0:e0:33:99:49:2b:fc:76:cb:83:7f:a0:4a:c6:0a:56:4d:
         ee:63:74:32:5a:ba:69:37:11:16:cd:7a:0b:39:62:fb:61:9b:
         e7:55:fe:6f:a4:0a:62:5c:4a:8e:04:08:c7:26:25:eb:af:cb:
         1f:b6:de:a1:af:a5:4c:00:b0:3d:8c:bd:3b:36:35:07:83:44:
         95:56:93:5f:e7:b0:10:ec:5d:38:3c:65:1e:02:6a:ce:d9:dd:
         6f:e8:9b:cc
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzGSwmo5WxPRSxUsijb/0TFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTgzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWIzNDgwNGY5YjY2YTcxYzI0NzI1YjJkNzdmOTQ5MTEyMTg1ZWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroqPuVPhkAEDBdaMqiB/ss3WrETG
zgMAZYAMjaskQhjMlDB+fiHzRzyB7Fh3p28wT2ycdXqBBLQGj4XFSPJW5Oya0sDK
omyY9pe/LwVSUa2nA4Vm6bpfa2B5fdITf2PM1+xS8S9PHDNjeQSSP1/JrOamMWLW
o6JcVr1aJmvRtq9uN+jnHGlveRprNeXpPvB1Wx/a+meEkdCBHLsXtiRwxRN6CTtc
ENpPpxiQM5yS1RnKmbnF8eoSgp25+Ut17Hgik3eW9ThLMioDK60m5VobeR9+H/uW
9D2tkq8nyGbLrBM5mxCTEdvfOJXu/1sWDZSfm3MmSDALVHb4N4AQ4mSeOwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFFGzSAT5tmpxwkclstd/lJESGF6xMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E3Lzc0NjA2
Zi1kMDcwLTQzMmQtYTg2Zi01YTcyODllZjVmNjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcvNzQ2MDZm
LWQwNzAtNDMyZC1hODZmLTVhNzI4OWVmNWY2My8xL1ViTklCUG0yYW5IQ1J5V3kx
My1Va1JJWVhyRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQEXVtAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwC4HjANBgkqhkiG9w0BAQsFAAOCAQEAn2SLNesVNSq47l31UtJ27eFUPDmmzDEd
5L5GNNTG5ItLxgHFTdvFF4nExq5HOnxYyq75hshf2Btvan+pHYF95Plq2PrzGNTv
IphH/IUfYl+bpyIvp9uymLSnYTHdQeJmczRX7yyE2cjNHwOjwCjsve78anoNyKKS
NH9ra46Mr7qnib4dt+Q8JuYN+UGh62cKquMHnc9h4kXEHl2FGfl9ruDlf+DgM5lJ
K/x2y4N/oErGClZN7mN0Mlq6aTcRFs16Czli+2Gb51X+b6QKYlxKjgQIxyYl66/L
H7beoa+lTACwPYy9OzY1B4NElVaTX+ewEOxdODxlHgJqztndb+ibzA==
-----END CERTIFICATE-----
Generated at Wed Dec 4 09:03:17 2024 by rpki-client on console-ams.rpki-client.org