Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Wjsd3asz5FUGrZdwQJJHIEF9Vog.cer
File:                     Wjsd3asz5FUGrZdwQJJHIEF9Vog.cer (raw, json)
Hash identifier:          KHWAdK9s9FT2k0L8urbzaF0JZOel/MVkurwlMG9wKNE=
Subject key identifier:   5A:3B:1D:DD:AB:33:E4:55:06:AD:97:70:40:92:47:20:41:7D:56:88
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC79435213B1119B35CEDC7D8FB8E39BC
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/5c/179bd8-fc68-4f76-86ff-68f316607376/1/Wjsd3asz5FUGrZdwQJJHIEF9Vog.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/5c/179bd8-fc68-4f76-86ff-68f316607376/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 00:30:28 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 200915
                          IP: 185.91.152.0/22
                          IP: 2a05:eb40::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:35:21:3b:11:19:b3:5c:ed:c7:d8:fb:8e:39:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 00:30:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5a3b1dddab33e45506ad977040924720417d5688
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:e7:35:13:db:14:39:2c:59:8f:59:01:bf:16:
                    85:99:2e:ea:14:e3:7c:10:96:21:b4:bd:6e:e9:a4:
                    ae:44:52:a0:d7:71:37:ed:84:5a:16:69:11:29:f0:
                    4f:12:bf:01:a8:c8:24:9a:78:d9:30:7d:91:8f:21:
                    d6:5e:4d:ba:b9:fe:ed:d0:fa:12:a2:55:d5:6f:97:
                    39:a9:aa:ff:5c:77:37:9b:28:8b:21:6d:4b:d4:64:
                    31:fa:da:54:0c:bd:88:12:41:fb:8b:d3:74:9e:8f:
                    61:81:e9:00:89:b6:7b:a7:86:4a:c1:c2:68:15:d8:
                    3b:66:bf:5b:50:1c:87:a8:3e:db:f0:ca:2d:04:4e:
                    59:63:60:a8:1d:e0:37:c1:35:b6:8a:3f:46:a1:4c:
                    d9:be:e2:d1:2e:0a:02:da:3c:a0:5a:be:2f:75:2b:
                    55:1a:e2:ee:d7:60:79:f7:ec:23:4e:2c:8b:5b:ed:
                    fa:36:86:ab:c5:37:98:26:37:9b:4c:d8:22:49:8f:
                    19:e4:12:f7:14:99:34:d5:72:cb:75:98:ef:b0:7e:
                    dc:30:cd:44:3f:4b:0b:a0:7d:0b:8b:a8:82:b2:96:
                    d0:ec:96:68:0d:38:69:7c:3b:97:a1:9e:a3:e0:9c:
                    61:d4:1d:a6:f9:f2:3c:16:1f:82:1c:f6:8d:df:e8:
                    22:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:3B:1D:DD:AB:33:E4:55:06:AD:97:70:40:92:47:20:41:7D:56:88
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/179bd8-fc68-4f76-86ff-68f316607376/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/179bd8-fc68-4f76-86ff-68f316607376/1/Wjsd3asz5FUGrZdwQJJHIEF9Vog.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.91.152.0/22
                IPv6:
                  2a05:eb40::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  200915

    Signature Algorithm: sha256WithRSAEncryption
         94:98:f5:fc:b2:00:76:90:77:97:be:29:00:e3:20:64:63:d5:
         0b:a3:84:72:4a:37:f5:93:ef:19:8c:30:e5:60:b5:ae:59:12:
         00:78:5e:89:45:25:8b:df:74:94:f2:a7:fd:a2:6d:80:5f:81:
         b1:6a:0c:62:68:79:c2:95:eb:4b:b0:83:c1:6a:a6:3a:4c:bf:
         c0:04:c5:fe:72:de:a4:c8:74:23:d5:6f:a1:48:34:2a:ce:7b:
         40:e5:95:36:e9:e4:0f:fe:a1:70:0b:04:df:b5:79:a7:63:9a:
         66:22:1d:92:72:d7:86:cd:bd:79:56:86:fa:80:d0:c4:c1:01:
         07:01:91:95:b3:5b:59:84:9d:12:31:95:b9:7d:0a:80:5c:b5:
         71:30:5c:08:d9:bc:08:af:70:6c:40:62:ff:0e:c2:48:ce:c0:
         7f:3c:67:26:0c:1a:47:bc:0e:45:98:a8:b3:20:f2:f7:f1:1e:
         9c:cd:89:f0:cb:2e:f5:61:2a:dc:b9:fc:4b:e5:05:2b:68:50:
         d3:ba:1e:40:74:7a:1a:cc:f0:82:fc:45:f9:a4:6d:a7:c8:1d:
         30:c7:03:4f:04:5d:a2:16:18:48:7b:14:76:5a:13:94:ac:86:
         0a:fa:4b:15:b2:e8:ad:88:f8:e1:97:28:7f:ef:1f:0a:9a:07:
         55:ad:e2:f5
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzHlDUhOxEZs1ztx9j7jjm8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTNiMWRkZGFiMzNlNDU1MDZhZDk3NzA0MDkyNDcyMDQxN2Q1Njg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ec1E9sUOSxZj1kBvxaFmS7qFON8
EJYhtL1u6aSuRFKg13E37YRaFmkRKfBPEr8BqMgkmnjZMH2RjyHWXk26uf7t0PoS
olXVb5c5qar/XHc3myiLIW1L1GQx+tpUDL2IEkH7i9N0no9hgekAibZ7p4ZKwcJo
Fdg7Zr9bUByHqD7b8MotBE5ZY2CoHeA3wTW2ij9GoUzZvuLRLgoC2jygWr4vdStV
GuLu12B59+wjTiyLW+36NoarxTeYJjebTNgiSY8Z5BL3FJk01XLLdZjvsH7cMM1E
P0sLoH0Li6iCspbQ7JZoDThpfDuXoZ6j4Jxh1B2m+fI8Fh+CHPaN3+giYQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFFo7Hd2rM+RVBq2XcECSRyBBfVaIMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVjLzE3OWJk
OC1mYzY4LTRmNzYtODZmZi02OGYzMTY2MDczNzYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMvMTc5YmQ4
LWZjNjgtNGY3Ni04NmZmLTY4ZjMxNjYwNzM3Ni8xL1dqc2QzYXN6NUZVR3JaZHdR
SkpISUVGOVZvZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuVuYMA0EAgACMAcDBQMqBetAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMQ0zANBgkqhkiG9w0BAQsFAAOCAQEAlJj1/LIAdpB3
l74pAOMgZGPVC6OEcko39ZPvGYww5WC1rlkSAHheiUUli990lPKn/aJtgF+BsWoM
Ymh5wpXrS7CDwWqmOky/wATF/nLepMh0I9VvoUg0Ks57QOWVNunkD/6hcAsE37V5
p2OaZiIdknLXhs29eVaG+oDQxMEBBwGRlbNbWYSdEjGVuX0KgFy1cTBcCNm8CK9w
bEBi/w7CSM7AfzxnJgwaR7wORZiosyDy9/EenM2J8Msu9WEq3Ln8S+UFK2hQ07oe
QHR6GszwgvxF+aRtp8gdMMcDTwRdohYYSHsUdloTlKyGCvpLFbLorYj44Zcof+8f
CpoHVa3i9Q==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:10:12 2024 by rpki-client on console-fra.rpki-client.org