Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer
File:                     W81A0QtW87Uy-g39AdgX75PaGjQ.cer (raw, json)
Hash identifier:          g4245gWORHdKorKlOH34tqAoGnRW+r/lPW4xlwNVLgA=
Subject key identifier:   5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC348FBE6E696893606ED9497EC34B82C
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/W81A0QtW87Uy-g39AdgX75PaGjQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:29:49 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 193.57.173.0/24
                          IP: 193.57.200.0/24
                          IP: 193.57.223.0 -- 193.57.224.255
                          IP: 2a0f:8640::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:fb:e6:e6:96:89:36:06:ed:94:97:ec:34:b8:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 04:29:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5bcd40d10b56f3b532fa0dfd01d817ef93da1a34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:4b:0f:2b:f0:6a:92:83:04:a1:d1:17:3a:83:
                    54:52:4f:e9:b1:83:4e:db:5a:68:83:7f:8f:6c:6f:
                    b4:73:80:52:86:89:47:ec:3a:ab:d2:e5:b6:69:ea:
                    bc:fb:09:c7:cf:73:c1:e8:f3:d3:88:23:b9:41:57:
                    d8:80:28:7a:e9:c9:21:38:ee:6b:4f:dc:5e:c0:32:
                    24:d3:10:b5:d8:f3:fb:f5:c4:a8:a5:f9:41:b1:01:
                    09:bb:7a:1c:7a:e7:dc:7c:8c:4a:33:d3:82:f9:1d:
                    a5:9c:bc:d0:89:73:5a:56:54:4d:ba:8e:b3:4f:2a:
                    47:38:85:a8:4c:50:07:5c:eb:ac:a4:bc:4e:8e:06:
                    b5:90:89:ee:47:14:70:0f:2a:67:25:50:4d:e9:92:
                    5d:e9:3a:45:34:3f:4e:f4:19:76:30:62:9a:d7:0a:
                    9c:15:b3:e1:1a:6f:d8:e7:e9:01:f7:0a:b0:6d:e7:
                    03:3b:96:bc:ec:9c:78:6a:0d:bc:c3:49:32:0a:02:
                    12:72:04:34:a0:0b:f7:e6:7c:fa:24:93:12:21:31:
                    09:ec:96:c0:e4:2c:f5:3e:44:01:9e:78:e1:a5:ef:
                    8c:ac:35:a3:0a:1e:a1:b3:2a:99:2a:63:b4:ac:9d:
                    4c:7a:12:da:e5:c5:5d:c2:b2:aa:68:e8:f0:24:23:
                    83:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/W81A0QtW87Uy-g39AdgX75PaGjQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.57.173.0/24
                  193.57.200.0/24
                  193.57.223.0-193.57.224.255
                IPv6:
                  2a0f:8640::/29

    Signature Algorithm: sha256WithRSAEncryption
         88:90:e7:0d:5c:03:6d:fd:6c:4d:a0:dc:85:b4:f9:02:19:c1:
         5f:21:d8:56:c1:30:b5:96:c5:54:e9:d2:a5:00:32:94:e7:b7:
         e1:5f:37:5f:10:23:8d:8b:d4:c2:18:ca:73:b9:52:7d:9f:e5:
         b0:fe:e5:c4:ec:c8:28:05:bc:f5:49:35:02:20:4d:c3:cc:e2:
         73:d1:a5:83:ba:db:37:7b:18:a5:3a:c5:84:0e:f3:93:2d:52:
         fc:31:40:c9:23:2b:33:27:13:ed:5f:15:2e:d6:91:f8:2b:94:
         24:35:84:3b:82:fa:be:19:3d:68:fb:29:fd:00:e4:8e:de:f4:
         4f:fd:1d:b6:db:ea:51:35:3b:53:61:ab:a2:40:9b:26:94:4e:
         ba:26:86:55:91:86:37:5e:00:7d:59:e7:ea:04:60:7c:a2:bf:
         91:a3:3e:46:9c:2f:48:ee:ef:ed:eb:99:ac:c3:f8:24:30:aa:
         7e:01:82:5d:fe:08:bb:72:6f:7f:af:35:f3:be:8b:13:1c:87:
         99:20:61:73:5c:05:17:b4:61:3c:d1:c6:4c:45:1d:ed:7b:f2:
         01:11:36:9c:44:45:6e:6e:89:9c:8b:d0:2e:26:2c:e6:7d:0e:
         d0:46:bc:9c:11:91:41:13:ca:21:a7:22:63:30:22:d8:59:d7:
         f7:72:18:42
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAYzDSPvm5paJNgbtlJfsNLgsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmNkNDBkMTBiNTZmM2I1MzJmYTBkZmQwMWQ4MTdlZjkzZGExYTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UsPK/BqkoMEodEXOoNUUk/psYNO
21pog3+PbG+0c4BSholH7Dqr0uW2aeq8+wnHz3PB6PPTiCO5QVfYgCh66ckhOO5r
T9xewDIk0xC12PP79cSopflBsQEJu3oceufcfIxKM9OC+R2lnLzQiXNaVlRNuo6z
TypHOIWoTFAHXOuspLxOjga1kInuRxRwDypnJVBN6ZJd6TpFND9O9Bl2MGKa1wqc
FbPhGm/Y5+kB9wqwbecDO5a87Jx4ag28w0kyCgIScgQ0oAv35nz6JJMSITEJ7JbA
5Cz1PkQBnnjhpe+MrDWjCh6hsyqZKmO0rJ1MehLa5cVdwrKqaOjwJCODpQIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFFvNQNELVvO1MvoN/QHYF++T2ho0MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzljL2JmZjc1
OC00YjgzLTQ3M2QtYjA3Mi1hMmNlMWNjOGI4N2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvYmZmNzU4
LTRiODMtNDczZC1iMDcyLWEyY2UxY2M4Yjg3Zi8xL1c4MUEwUXRXODdVeS1nMzlB
ZGdYNzVQYUdqUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEIGCCsGAQUF
BwEHAQH/BDMwMTAgBAIAATAaAwQAwTmtAwQAwTnIMAwDBADBOd8DBADBOeAwDQQC
AAIwBwMFAyoPhkAwDQYJKoZIhvcNAQELBQADggEBAIiQ5w1cA239bE2g3IW0+QIZ
wV8h2FbBMLWWxVTp0qUAMpTnt+FfN18QI42L1MIYynO5Un2f5bD+5cTsyCgFvPVJ
NQIgTcPM4nPRpYO62zd7GKU6xYQO85MtUvwxQMkjKzMnE+1fFS7WkfgrlCQ1hDuC
+r4ZPWj7Kf0A5I7e9E/9Hbbb6lE1O1Nhq6JAmyaUTromhlWRhjdeAH1Z5+oEYHyi
v5GjPkacL0ju7+3rmazD+CQwqn4Bgl3+CLtyb3+vNfO+ixMch5kgYXNcBRe0YTzR
xkxFHe178gERNpxERW5uiZyL0C4mLOZ9DtBGvJwRkUETyiGnImMwIthZ1/dyGEI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:01:58 2024 by rpki-client on console-ams.rpki-client.org