Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
File:                     WAbaWlklEnXOsYaU4XQVNSrt1qo.cer (raw, json)
Hash identifier:          bARR4TD8fCSwlF+6zhgD5EinRfX8zjjNkUVXG0ZxAUk=
Subject key identifier:   58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019424459F6EF264FD6E64B45101633A6F49
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 23:48:50 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 43332
                          AS: 57991
                          AS: 58119
                          AS: 203840
                          AS: 212560
                          IP: 31.193.184.0/24
                          IP: 91.237.119.0/24
                          IP: 185.187.80.0/22
                          IP: 185.220.144.0/22
                          IP: 185.255.196.0/22
                          IP: 2a0b:9b80::/29
                          IP: 2a0b:f7c0::/29
                          IP: 2a0c:b200::/29
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 15 Feb 2025 17:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:24:45:9f:6e:f2:64:fd:6e:64:b4:51:01:63:3a:6f:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 23:48:50 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:d4:09:37:3b:0f:cb:53:77:b5:6e:0b:97:54:
                    dd:e8:90:e1:c0:e1:ad:85:30:c8:07:d2:f3:26:2e:
                    c6:23:07:69:02:33:54:e1:68:8d:6f:40:86:5b:86:
                    b1:46:0d:62:4f:1f:ec:1e:3d:06:ef:8e:0c:3e:c4:
                    82:be:b7:c1:9a:50:dd:7e:d2:45:55:80:ab:2b:3c:
                    4f:5a:ae:ac:d6:35:f4:38:f3:9f:7b:84:6c:e7:4a:
                    a3:8c:a3:a5:ae:b9:78:7f:63:4f:53:8a:8b:77:b5:
                    9e:1d:5e:84:2d:87:40:6b:8e:b0:0c:25:4e:20:d7:
                    ad:ee:3f:f5:b5:2c:b0:8d:26:08:d5:97:c1:90:c5:
                    c6:9e:cb:bc:49:b6:11:e8:39:6b:b5:b5:dd:b4:3b:
                    f7:61:dc:78:39:3f:36:30:3b:41:e2:f3:b1:69:f5:
                    36:2a:70:cd:d9:e8:df:94:3e:d2:2a:58:6a:d0:c5:
                    05:39:70:8d:e0:b8:03:00:6a:8e:a4:be:20:bf:f1:
                    1b:da:35:03:81:95:10:21:bb:3c:2e:b0:40:0f:b0:
                    20:3b:83:25:34:bb:01:e3:a5:a5:16:0a:c5:96:9c:
                    14:10:dd:a7:62:62:07:b5:51:3b:43:0d:79:9c:6f:
                    82:c5:a4:c9:21:33:51:90:8c:c7:3f:97:08:4e:6b:
                    6c:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.193.184.0/24
                  91.237.119.0/24
                  185.187.80.0/22
                  185.220.144.0/22
                  185.255.196.0/22
                IPv6:
                  2a0b:9b80::/29
                  2a0b:f7c0::/29
                  2a0c:b200::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  43332
                  57991
                  58119
                  203840
                  212560

    Signature Algorithm: sha256WithRSAEncryption
         7c:92:cc:51:f7:a9:69:3f:c4:80:6d:a3:cd:fe:77:69:bb:7a:
         3d:6d:0f:75:c0:31:a8:8d:1f:73:4c:2f:da:c0:23:92:bc:60:
         0e:64:db:03:5f:0d:67:2f:c7:e0:b9:21:70:8b:10:17:c6:47:
         e3:d2:32:34:97:1d:b4:05:19:a9:48:8b:73:c7:21:f1:af:c6:
         1f:7e:ba:f2:18:51:dc:be:8e:2b:ef:7c:69:a7:b1:4c:92:2c:
         93:ff:8f:5a:0e:a1:14:6f:32:74:c2:67:bc:c8:76:5c:36:11:
         4e:2c:5c:f7:1e:82:c7:00:ec:63:8d:cb:8b:8c:c3:5b:62:22:
         ac:e2:05:93:90:36:8e:e5:ac:5f:16:8a:f2:9e:46:f3:d1:81:
         07:44:74:c3:23:1b:02:e5:75:51:a3:9f:1a:1f:e6:03:88:0d:
         fb:ab:ed:dc:5a:f2:59:e5:b9:b3:ae:3b:8c:e7:fc:b8:db:dd:
         45:b8:52:cf:20:bc:80:6e:7e:cb:42:dc:84:e3:48:0d:14:30:
         e6:ed:c2:ef:b4:13:5f:bf:3e:34:b4:22:b4:48:cf:5d:ef:9e:
         b9:fc:5b:a4:9d:e5:ce:78:b1:2d:29:92:de:3e:6d:70:82:15:
         36:c0:fc:05:6d:dc:70:f9:28:10:4b:3d:eb:67:ea:97:08:df:
         14:47:bb:3a
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgISAZQkRZ9u8mT9bmS0UQFjOm9JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjM0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODA2ZGE1YTU5MjUxMjc1Y2ViMTg2OTRlMTc0MTUzNTJhZWRkNmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5tQJNzsPy1N3tW4Ll1Td6JDhwOGt
hTDIB9LzJi7GIwdpAjNU4WiNb0CGW4axRg1iTx/sHj0G744MPsSCvrfBmlDdftJF
VYCrKzxPWq6s1jX0OPOfe4Rs50qjjKOlrrl4f2NPU4qLd7WeHV6ELYdAa46wDCVO
INet7j/1tSywjSYI1ZfBkMXGnsu8SbYR6DlrtbXdtDv3Ydx4OT82MDtB4vOxafU2
KnDN2ejflD7SKlhq0MUFOXCN4LgDAGqOpL4gv/Eb2jUDgZUQIbs8LrBAD7AgO4Ml
NLsB46WlFgrFlpwUEN2nYmIHtVE7Qw15nG+CxaTJITNRkIzHP5cITmts6QIDAQAB
o4IC6TCCAuUwHQYDVR0OBBYEFFgG2lpZJRJ1zrGGlOF0FTUq7daqMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I2LzVkZjEx
OS1iMWRmLTRjZWItYmQ0Zi1mNzljY2MzZjRlYWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYvNWRmMTE5
LWIxZGYtNGNlYi1iZDRmLWY3OWNjYzNmNGVhZi8xL1dBYmFXbGtsRW5YT3NZYVU0
WFFWTlNydDFxby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFQGCCsGAQUF
BwEHAQH/BEUwQzAkBAIAATAeAwQAH8G4AwQAW+13AwQCubtQAwQCudyQAwQCuf/E
MBsEAgACMBUDBQMqC5uAAwUDKgv3wAMFAyoMsgAwLgYIKwYBBQUHAQgBAf8EHzAd
oBswGQIDAKlEAgMA4ocCAwDjBwIDAxxAAgMDPlAwDQYJKoZIhvcNAQELBQADggEB
AHySzFH3qWk/xIBto83+d2m7ej1tD3XAMaiNH3NML9rAI5K8YA5k2wNfDWcvx+C5
IXCLEBfGR+PSMjSXHbQFGalIi3PHIfGvxh9+uvIYUdy+jivvfGmnsUySLJP/j1oO
oRRvMnTCZ7zIdlw2EU4sXPcegscA7GONy4uMw1tiIqziBZOQNo7lrF8WivKeRvPR
gQdEdMMjGwLldVGjnxof5gOIDfur7dxa8lnlubOuO4zn/Ljb3UW4Us8gvIBufstC
3ITjSA0UMObtwu+0E1+/PjS0IrRIz13vnrn8W6Sd5c54sS0pkt4+bXCCFTbA/AVt
3HD5KBBLPetn6pcI3xRHuzo=
-----END CERTIFICATE-----
Generated at Sat Feb 15 00:02:55 2025 by rpki-client