Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/WBPibXGsW2pgEVbZDODczsWYYkM.cer
File:                     WBPibXGsW2pgEVbZDODczsWYYkM.cer (raw, json)
Hash identifier:          NtlTGnvmLBBIW1E1pEs2Z5l6zCvA8Wroji9VYT0+x7U=
Subject key identifier:   58:13:E2:6D:71:AC:5B:6A:60:11:56:D9:0C:E0:DC:CE:C5:98:62:43
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018E7C7D5F914EB7C04B088DC4B5A84D45C7
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/12/64ae31-d1c8-4004-a778-06df1dc03367/1/WBPibXGsW2pgEVbZDODczsWYYkM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/12/64ae31-d1c8-4004-a778-06df1dc03367/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 26 Mar 2024 20:39:35 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 185.224.2.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:7c:7d:5f:91:4e:b7:c0:4b:08:8d:c4:b5:a8:4d:45:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Mar 26 20:39:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5813e26d71ac5b6a601156d90ce0dccec5986243
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:7f:02:54:75:35:44:75:02:a6:83:1e:a4:98:
                    6a:0f:4d:6e:72:74:99:27:71:a3:61:6d:d2:0f:de:
                    e0:f5:d5:d4:3c:a3:5c:29:74:22:c2:87:23:c1:a6:
                    d8:8b:f3:3f:af:45:24:0c:57:7d:99:ae:d5:a5:0b:
                    47:3d:f7:b6:31:3e:8a:87:94:df:ed:2b:f4:2d:6d:
                    64:19:47:dd:ae:69:50:17:c1:7f:3d:b3:df:ab:3f:
                    5d:09:eb:0f:7a:ca:79:1f:f3:46:d7:21:33:09:37:
                    6f:51:9d:6e:46:e4:38:10:a7:72:39:17:75:9a:74:
                    f6:f3:e1:e3:95:fc:ea:6f:99:bc:53:1e:09:df:28:
                    1d:bf:22:03:1c:44:b5:79:92:77:ea:01:f5:fe:e1:
                    ea:24:cb:78:55:e0:9b:7b:9b:49:23:f2:d5:76:8f:
                    1c:42:db:ab:52:7c:34:a4:09:0c:a1:6f:ef:16:ed:
                    4d:a0:c0:10:b2:80:d9:43:e4:0f:1b:69:eb:a0:4e:
                    7b:28:a5:88:52:1e:68:83:e8:8f:af:ba:c0:69:54:
                    28:12:c3:3c:eb:ed:47:33:0f:5f:2b:11:71:87:0c:
                    21:fa:c5:c9:91:68:97:47:8d:c2:a1:fb:41:d0:bd:
                    36:0a:9b:b3:e8:ac:58:21:3e:0c:04:ee:f2:3a:c7:
                    c6:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:13:E2:6D:71:AC:5B:6A:60:11:56:D9:0C:E0:DC:CE:C5:98:62:43
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/64ae31-d1c8-4004-a778-06df1dc03367/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/64ae31-d1c8-4004-a778-06df1dc03367/1/WBPibXGsW2pgEVbZDODczsWYYkM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.224.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:19:f4:11:7c:f2:8a:ee:a5:8f:10:2f:25:c5:09:fb:61:66:
         d0:b1:25:31:6f:32:25:6b:44:89:66:df:c7:b8:34:4e:5d:fa:
         dc:33:b2:24:f9:8e:36:e7:f3:6f:a3:d8:ce:4c:ce:18:62:49:
         ab:1a:15:e4:02:62:82:f1:be:11:5e:ad:cc:6b:17:b9:90:79:
         14:2f:0b:56:bc:0a:2f:c8:d7:6a:23:87:7d:72:ac:e9:47:d8:
         b6:f2:10:ea:0d:6d:bc:91:f7:54:14:5c:3f:1f:b8:e7:80:38:
         fd:41:d7:84:e8:45:11:09:84:9d:0d:43:12:35:8f:69:0b:7f:
         39:38:b8:46:d6:26:bd:f9:9a:d6:d4:58:31:7f:e7:a2:2f:f2:
         ec:5c:4b:c2:f2:d1:d5:88:d3:1a:db:b1:19:d3:7f:60:32:f6:
         98:a3:bc:04:68:f1:03:5f:be:16:6d:d1:ab:35:33:19:7d:b8:
         19:8b:e8:e0:1c:d5:37:83:35:cf:a4:08:da:0d:57:21:51:03:
         53:20:b3:b9:fe:aa:b4:0e:ef:f1:80:88:3d:7a:0e:02:05:ea:
         ff:89:d0:da:8e:84:fb:5b:d7:16:19:66:31:f0:54:e2:05:95:
         bb:62:3d:d0:aa:f4:d4:2b:65:94:2a:e7:fd:6e:0f:50:ff:22:
         91:5a:3d:06
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAY58fV+RTrfASwiNxLWoTUXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMzI2MjAzOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODEzZTI2ZDcxYWM1YjZhNjAxMTU2ZDkwY2UwZGNjZWM1OTg2MjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0n8CVHU1RHUCpoMepJhqD01ucnSZ
J3GjYW3SD97g9dXUPKNcKXQiwocjwabYi/M/r0UkDFd9ma7VpQtHPfe2MT6Kh5Tf
7Sv0LW1kGUfdrmlQF8F/PbPfqz9dCesPesp5H/NG1yEzCTdvUZ1uRuQ4EKdyORd1
mnT28+Hjlfzqb5m8Ux4J3ygdvyIDHES1eZJ36gH1/uHqJMt4VeCbe5tJI/LVdo8c
QturUnw0pAkMoW/vFu1NoMAQsoDZQ+QPG2nroE57KKWIUh5og+iPr7rAaVQoEsM8
6+1HMw9fKxFxhwwh+sXJkWiXR43CoftB0L02Cpuz6KxYIT4MBO7yOsfG/QIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFFgT4m1xrFtqYBFW2Qzg3M7FmGJDMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEyLzY0YWUz
MS1kMWM4LTQwMDQtYTc3OC0wNmRmMWRjMDMzNjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIvNjRhZTMx
LWQxYzgtNDAwNC1hNzc4LTA2ZGYxZGMwMzM2Ny8xL1dCUGliWEdzVzJwZ0VWYlpE
T0RjenNXWVlrTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAueACMA0GCSqGSIb3DQEBCwUAA4IBAQBkGfQR
fPKK7qWPEC8lxQn7YWbQsSUxbzIla0SJZt/HuDROXfrcM7Ik+Y425/Nvo9jOTM4Y
YkmrGhXkAmKC8b4RXq3Maxe5kHkULwtWvAovyNdqI4d9cqzpR9i28hDqDW28kfdU
FFw/H7jngDj9QdeE6EURCYSdDUMSNY9pC385OLhG1ia9+ZrW1Fgxf+eiL/LsXEvC
8tHViNMa27EZ039gMvaYo7wEaPEDX74WbdGrNTMZfbgZi+jgHNU3gzXPpAjaDVch
UQNTILO5/qq0Du/xgIg9eg4CBer/idDajoT7W9cWGWYx8FTiBZW7Yj3QqvTUK2WU
Kuf9bg9Q/yKRWj0G
-----END CERTIFICATE-----