Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/VQt8DIuuYQ9-UZwEhaR3O860jas.cer
File:                     VQt8DIuuYQ9-UZwEhaR3O860jas.cer (raw, json)
Hash identifier:          +j20awIEicmJo9IW94wcntV7FAyHV31AWLyBTzUgRCI=
Subject key identifier:   55:0B:7C:0C:8B:AE:61:0F:7E:51:9C:04:85:A4:77:3B:CE:B4:8D:AB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC5DC01123052358A1A10605C2DDB807B
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/VQt8DIuuYQ9-UZwEhaR3O860jas.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 16:29:38 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 34619
                          IP: 37.148.208.0/21
                          IP: 80.253.240.0/22
                          IP: 85.159.64.0/21
                          IP: 89.19.0.0/19
                          IP: 94.73.128.0/18
                          IP: 185.22.184.0/22
                          IP: 2a02:2020::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:01:12:30:52:35:8a:1a:10:60:5c:2d:db:80:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 16:29:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=550b7c0c8bae610f7e519c0485a4773bceb48dab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:3c:bf:1c:d2:dd:d0:a3:59:ba:77:ae:0c:62:
                    93:af:9d:3a:99:d9:9a:b6:0f:f7:f1:cd:fb:4b:5f:
                    e7:77:ee:0f:4c:89:06:b8:4c:7d:e6:3b:2d:69:9a:
                    dc:e8:56:c2:52:1e:4c:ec:9f:75:46:94:00:ec:08:
                    da:09:07:72:bd:82:d4:29:5f:e8:39:2e:5b:38:e6:
                    3b:bc:da:2a:59:8e:d0:26:f1:38:f4:59:92:45:73:
                    5c:2d:0f:54:f1:05:ad:5a:ad:8c:d5:cf:bb:2d:a7:
                    dd:fd:4e:98:b4:4e:41:bf:7d:3e:62:8e:dd:96:fa:
                    e1:ea:ea:1f:52:3a:ed:8a:e5:60:a6:f5:c9:07:5b:
                    be:91:93:dc:08:df:d9:50:40:72:ed:27:8a:bf:0c:
                    bf:74:dc:ec:1f:a8:23:e6:07:2c:2f:97:ba:2d:a8:
                    f2:9f:40:61:b2:32:50:12:7d:8f:1d:ab:de:4f:f9:
                    9a:b0:73:4c:1b:3e:e2:fc:27:c5:5e:91:d5:b1:c1:
                    c6:d7:83:07:f1:6d:a3:08:29:ff:50:78:01:73:50:
                    3c:3c:28:94:72:ff:92:c7:f3:00:af:2d:ff:2a:22:
                    87:73:f3:b9:0f:4c:42:15:09:30:ff:89:b6:4d:1a:
                    55:a5:0f:82:3e:08:9d:0a:2e:87:83:f7:f0:87:7b:
                    48:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:0B:7C:0C:8B:AE:61:0F:7E:51:9C:04:85:A4:77:3B:CE:B4:8D:AB
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/VQt8DIuuYQ9-UZwEhaR3O860jas.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.148.208.0/21
                  80.253.240.0/22
                  85.159.64.0/21
                  89.19.0.0/19
                  94.73.128.0/18
                  185.22.184.0/22
                IPv6:
                  2a02:2020::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  34619

    Signature Algorithm: sha256WithRSAEncryption
         40:bb:a7:cd:95:11:34:87:f9:e4:f9:c3:8f:18:a4:43:53:e6:
         fd:1c:b6:f7:6f:ba:74:fe:20:90:8f:19:43:ab:38:1b:28:e2:
         1e:8c:ab:e3:e5:5b:aa:d4:7e:3b:2b:5e:b8:39:dd:93:c5:c0:
         f9:f6:d6:81:10:6d:69:11:3f:52:42:30:93:b9:90:ca:9a:76:
         7a:d1:39:ab:7f:f1:da:fb:7e:8b:ca:07:fa:1f:a3:2d:5e:c9:
         15:96:16:a6:76:25:e6:da:ec:a8:59:0a:16:ed:4a:99:04:a8:
         ab:75:cf:d4:bf:cb:dd:a9:3e:31:3a:a3:f6:59:e2:dc:53:34:
         3f:3b:9e:a8:6c:21:9c:bf:c4:02:bf:cd:0d:92:da:7e:ce:63:
         b3:c5:82:6d:a8:a8:ed:32:22:c1:16:29:91:8c:2f:28:05:64:
         b5:a3:3f:54:1b:35:de:c6:dc:bf:58:c2:05:65:26:87:9d:07:
         5b:8f:ab:29:fd:64:7b:57:19:8a:c1:43:c1:34:79:b0:08:d1:
         b8:f0:a3:d6:42:cf:97:d0:0a:34:53:b6:c8:18:50:9f:a1:30:
         8c:ac:34:48:5e:8e:83:cd:1e:80:ac:fd:bd:23:24:a5:67:02:
         48:9f:f4:8e:6e:bc:69:a3:bb:34:a1:d4:7e:3c:11:22:81:03:
         fc:be:c5:95
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgISAYzF3AESMFI1ihoQYFwt24B7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTBiN2MwYzhiYWU2MTBmN2U1MTljMDQ4NWE0NzczYmNlYjQ4ZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTy/HNLd0KNZuneuDGKTr506mdma
tg/38c37S1/nd+4PTIkGuEx95jstaZrc6FbCUh5M7J91RpQA7AjaCQdyvYLUKV/o
OS5bOOY7vNoqWY7QJvE49FmSRXNcLQ9U8QWtWq2M1c+7Lafd/U6YtE5Bv30+Yo7d
lvrh6uofUjrtiuVgpvXJB1u+kZPcCN/ZUEBy7SeKvwy/dNzsH6gj5gcsL5e6Lajy
n0BhsjJQEn2PHaveT/masHNMGz7i/CfFXpHVscHG14MH8W2jCCn/UHgBc1A8PCiU
cv+Sx/MAry3/KiKHc/O5D0xCFQkw/4m2TRpVpQ+CPgidCi6Hg/fwh3tIjwIDAQAB
o4ICzTCCAskwHQYDVR0OBBYEFFULfAyLrmEPflGcBIWkdzvOtI2rMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZhL2FlZGIw
My1iMDRjLTQyMTItODEzYi1mZjI1YmE1OTkwMzEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEvYWVkYjAz
LWIwNGMtNDIxMi04MTNiLWZmMjViYTU5OTAzMS8xL1ZRdDhESXV1WVE5LVVad0Vo
YVIzTzg2MGphcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEwGCCsGAQUF
BwEHAQH/BD0wOzAqBAIAATAkAwQDJZTQAwQCUP3wAwQDVZ9AAwQFWRMAAwQGXkmA
AwQCuRa4MA0EAgACMAcDBQAqAiAgMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwCH
OzANBgkqhkiG9w0BAQsFAAOCAQEAQLunzZURNIf55PnDjxikQ1Pm/Ry292+6dP4g
kI8ZQ6s4GyjiHoyr4+VbqtR+OyteuDndk8XA+fbWgRBtaRE/UkIwk7mQypp2etE5
q3/x2vt+i8oH+h+jLV7JFZYWpnYl5trsqFkKFu1KmQSoq3XP1L/L3ak+MTqj9lni
3FM0PzueqGwhnL/EAr/NDZLafs5js8WCbaio7TIiwRYpkYwvKAVktaM/VBs13sbc
v1jCBWUmh50HW4+rKf1ke1cZisFDwTR5sAjRuPCj1kLPl9AKNFO2yBhQn6EwjKw0
SF6Og80egKz9vSMkpWcCSJ/0jm68aaO7NKHUfjwRIoED/L7FlQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:09:55 2024 by rpki-client on console-fra.rpki-client.org