Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/VDxcNKYv--2PwPDsAbQsDFDufvc.cer
File:                     VDxcNKYv--2PwPDsAbQsDFDufvc.cer (raw, json)
Hash identifier:          u9wT8y5NKePf/qBoyGAKBfpdNJseKcaRskdUi1OZM9A=
Subject key identifier:   54:3C:5C:34:A6:2F:FB:ED:8F:C0:F0:EC:01:B4:2C:0C:50:EE:7E:F7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC4937EA2645ADC8EBDE4517A28E53907
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/VDxcNKYv--2PwPDsAbQsDFDufvc.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 10:30:49 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 91.204.72.0/22
                          IP: 185.23.16.0/22
                          IP: 2a00:6ae0::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:7e:a2:64:5a:dc:8e:bd:e4:51:7a:28:e5:39:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 10:30:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=543c5c34a62ffbed8fc0f0ec01b42c0c50ee7ef7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:2e:b8:3d:3b:c1:2b:2d:94:7b:8b:c7:7d:3d:
                    54:2d:5d:b9:81:86:4d:ce:b4:5c:e9:66:4b:9c:91:
                    ee:bf:e9:6f:36:32:28:30:5e:2f:dd:2c:6c:f1:80:
                    d9:57:02:e6:3d:aa:8f:8b:0a:13:c1:51:5c:1f:b1:
                    ba:56:a1:de:8c:b9:38:49:20:b3:de:ae:29:2e:94:
                    b9:ff:23:1c:51:72:0f:fa:d9:ca:65:24:c4:61:ae:
                    08:05:c4:dc:21:d9:ea:b8:2e:70:84:b2:64:26:c4:
                    55:51:4c:fd:fd:2d:66:74:30:5c:dc:bb:fc:57:03:
                    63:f6:38:63:9e:4e:bd:7d:ef:1e:b3:af:02:66:19:
                    ed:bb:83:bb:8d:a4:1e:06:7a:07:b9:b7:35:a5:61:
                    c6:d1:c1:24:dd:72:7e:98:d5:a6:8b:14:91:38:f7:
                    d2:d6:af:09:70:48:bb:81:05:8e:15:c0:45:c9:db:
                    6f:b1:6a:5e:11:8f:4a:b5:cc:8d:f3:b7:0c:64:8e:
                    0a:e8:8b:47:9f:ef:1b:bb:93:b9:c4:d9:aa:77:3e:
                    96:8a:1c:19:91:0a:31:a5:c6:e8:45:e1:1d:fa:85:
                    27:50:ba:74:da:69:cd:39:ea:5b:e5:6c:48:cc:94:
                    8f:4b:90:bd:cd:76:9e:e6:8c:ef:25:03:a7:f8:11:
                    88:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:3C:5C:34:A6:2F:FB:ED:8F:C0:F0:EC:01:B4:2C:0C:50:EE:7E:F7
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/VDxcNKYv--2PwPDsAbQsDFDufvc.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.204.72.0/22
                  185.23.16.0/22
                IPv6:
                  2a00:6ae0::/32

    Signature Algorithm: sha256WithRSAEncryption
         7e:dc:d1:92:20:af:de:d8:54:ee:38:20:23:a7:a0:d7:4f:a2:
         07:72:6f:c4:78:c5:a8:3f:af:82:7d:78:33:e2:e8:4b:cf:f6:
         8f:95:e9:1e:33:49:39:28:84:24:84:fd:eb:72:8f:a8:64:97:
         f9:e8:20:27:af:7b:54:aa:fb:21:87:d3:11:b1:2a:e1:a7:38:
         9a:cb:b3:eb:e9:d0:49:65:ee:ac:81:4b:fb:cd:f0:2c:26:63:
         15:e9:ac:62:b3:42:d1:18:b3:0e:ea:d3:40:db:47:ba:ba:ea:
         10:5f:fc:e8:44:87:53:e2:9d:94:e7:4c:00:8a:e3:2e:22:f1:
         e5:a8:62:60:d1:81:e1:f2:28:91:13:7c:c7:23:f0:f1:ca:ab:
         7d:51:d7:c7:43:9f:07:ff:81:34:33:55:59:5f:e6:de:b2:56:
         f8:86:58:bd:85:0d:8c:75:75:25:5f:cd:c9:f7:1f:9a:fb:bd:
         4b:67:31:1e:e0:b9:8d:ac:49:4f:8b:31:b9:e7:9d:00:ef:a8:
         2d:e7:51:d8:4f:c0:d7:81:11:7b:a1:e5:17:3b:d3:b6:17:d3:
         c0:2f:08:5f:ae:b1:7b:1c:a7:94:f3:8f:8e:57:e9:79:44:0d:
         3e:c7:07:25:8c:76:1b:2a:cf:6c:9e:9e:98:1c:76:a1:1e:73:
         5f:ef:60:bb
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYzEk36iZFrcjr3kUXoo5TkHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDNjNWMzNGE2MmZmYmVkOGZjMGYwZWMwMWI0MmMwYzUwZWU3ZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwi64PTvBKy2Ue4vHfT1ULV25gYZN
zrRc6WZLnJHuv+lvNjIoMF4v3Sxs8YDZVwLmPaqPiwoTwVFcH7G6VqHejLk4SSCz
3q4pLpS5/yMcUXIP+tnKZSTEYa4IBcTcIdnquC5whLJkJsRVUUz9/S1mdDBc3Lv8
VwNj9jhjnk69fe8es68CZhntu4O7jaQeBnoHubc1pWHG0cEk3XJ+mNWmixSROPfS
1q8JcEi7gQWOFcBFydtvsWpeEY9KtcyN87cMZI4K6ItHn+8bu5O5xNmqdz6WihwZ
kQoxpcboReEd+oUnULp02mnNOepb5WxIzJSPS5C9zXae5ozvJQOn+BGItQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFFQ8XDSmL/vtj8Dw7AG0LAxQ7n73MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RlLzE2ZTAy
Mi00ZGE4LTQ2ODQtODVlNi1mNGYxZjkzZTA0NjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGUvMTZlMDIy
LTRkYTgtNDY4NC04NWU2LWY0ZjFmOTNlMDQ2Ny8xL1ZEeGNOS1l2LS0yUHdQRHNB
YlFzREZEdWZ2Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCW8xIAwQCuRcQMA0EAgACMAcDBQAqAGrgMA0G
CSqGSIb3DQEBCwUAA4IBAQB+3NGSIK/e2FTuOCAjp6DXT6IHcm/EeMWoP6+CfXgz
4uhLz/aPlekeM0k5KIQkhP3rco+oZJf56CAnr3tUqvshh9MRsSrhpziay7Pr6dBJ
Ze6sgUv7zfAsJmMV6axis0LRGLMO6tNA20e6uuoQX/zoRIdT4p2U50wAiuMuIvHl
qGJg0YHh8iiRE3zHI/Dxyqt9UdfHQ58H/4E0M1VZX+beslb4hli9hQ2MdXUlX83J
9x+a+71LZzEe4LmNrElPizG5550A76gt51HYT8DXgRF7oeUXO9O2F9PALwhfrrF7
HKeU84+OV+l5RA0+xwcljHYbKs9snp6YHHahHnNf72C7
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:17:00 2024 by rpki-client on console-ams.rpki-client.org