Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
File:                     WuRDcClllTn1T5ALNeQ74GqUs3s.cer (raw, json)
Hash identifier:          YdSlkGp/S+/+uChlzd1JybnQWW129Agdd1E2OvVTIAs=
Subject key identifier:   5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC2C4848918AF4110B30342B6E6CAE4C5
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:05:08 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 62079
                          AS: 207841
                          IP: 185.1.232.0/24
                          IP: 193.57.144.0/24
                          IP: 193.57.159.0/24
                          IP: 193.57.167.0 -- 193.57.168.255
                          IP: 2001:7f8:123::/48
                          IP: 2a0f:85c0::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 May 2024 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:c4:84:89:18:af:41:10:b3:03:42:b6:e6:ca:e4:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 02:05:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:9c:9b:b3:78:9e:89:07:10:3e:3a:77:4f:f4:
                    6d:56:90:7c:18:99:c6:43:a4:17:39:ee:c3:9a:94:
                    ba:94:14:c6:b1:84:6c:7f:9d:10:06:f6:77:cc:7f:
                    d1:23:0a:85:a4:3c:8c:95:80:8a:2e:96:d5:f4:f3:
                    0f:14:bb:46:99:fd:3f:98:1a:04:b0:16:62:3c:96:
                    cc:fa:9e:3c:f1:fa:67:8c:17:40:b2:9d:e4:ac:3b:
                    ee:eb:ce:4b:ee:e8:f5:e3:2b:b7:ee:53:c1:97:67:
                    7e:ea:3f:9d:f4:30:a5:48:db:34:56:38:39:31:86:
                    50:7d:d6:69:bd:5e:60:e6:03:2a:39:49:c7:ce:dd:
                    ed:bd:df:12:ce:4b:ce:55:8e:0a:48:a8:db:f6:16:
                    df:48:44:1b:23:4f:04:41:4c:61:d4:26:1d:b1:ef:
                    12:3d:99:23:4e:fb:ee:1c:43:3b:49:ef:60:ff:80:
                    70:fb:f9:4e:81:a4:98:09:39:e4:ce:1d:d8:7d:83:
                    04:7c:08:50:04:8f:39:0a:a1:d6:83:9a:b0:9b:c8:
                    46:52:6e:94:15:01:e6:77:2f:ec:5d:db:eb:89:1b:
                    f1:70:75:ba:1b:28:36:b5:a0:d9:63:6d:59:38:97:
                    ff:c3:a0:81:c9:4e:96:2d:c2:cc:9c:16:a1:e6:44:
                    be:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.1.232.0/24
                  193.57.144.0/24
                  193.57.159.0/24
                  193.57.167.0-193.57.168.255
                IPv6:
                  2001:7f8:123::/48
                  2a0f:85c0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  62079
                  207841

    Signature Algorithm: sha256WithRSAEncryption
         44:41:b5:13:d8:14:3e:21:2f:be:24:f9:a7:68:43:44:7b:a7:
         06:2e:93:a2:e9:49:77:98:f1:53:bc:60:c8:bd:a1:a3:af:d0:
         23:3b:41:05:ae:64:c8:18:9c:ae:f0:98:87:00:d1:fe:58:67:
         07:c6:31:c1:be:78:bd:9c:f5:9d:e0:94:bc:45:ee:ac:a2:00:
         06:d2:72:71:b2:dc:8c:43:61:ed:79:0f:85:f3:de:85:19:84:
         5e:f0:a6:b8:e3:35:0f:d5:e1:82:72:06:c6:47:f6:4a:1e:f3:
         f7:bc:7f:ea:c1:fe:33:8d:45:51:a7:c8:1b:2d:e9:2e:04:80:
         43:c5:a3:c7:14:76:a4:91:07:93:bf:1d:9d:9d:87:ee:b0:fe:
         9c:af:be:be:95:02:99:ab:10:87:ff:d1:e2:c1:b7:76:c7:d7:
         56:ab:0d:fa:92:cd:2c:96:fa:b1:82:c2:ac:07:c5:14:44:a9:
         c2:ba:18:f1:4e:dc:cd:ce:7a:cd:6f:5f:21:dd:db:5b:4e:3d:
         a7:25:d3:8c:75:09:48:78:42:0d:9a:6a:82:6d:c1:e7:e0:fb:
         91:1d:82:f7:a3:bc:65:86:ad:8b:42:39:d0:c3:f5:27:dc:56:
         c2:56:73:de:a1:d4:52:8d:1e:22:5f:21:dd:95:a0:97:0d:b8:
         38:2c:fd:74
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAYzCxISJGK9BELMDQrbmyuTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIwNTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWU0NDM3MDI5NjU5NTM5ZjU0ZjkwMGIzNWU0M2JlMDZhOTRiMzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupybs3ieiQcQPjp3T/RtVpB8GJnG
Q6QXOe7DmpS6lBTGsYRsf50QBvZ3zH/RIwqFpDyMlYCKLpbV9PMPFLtGmf0/mBoE
sBZiPJbM+p488fpnjBdAsp3krDvu685L7uj14yu37lPBl2d+6j+d9DClSNs0Vjg5
MYZQfdZpvV5g5gMqOUnHzt3tvd8SzkvOVY4KSKjb9hbfSEQbI08EQUxh1CYdse8S
PZkjTvvuHEM7Se9g/4Bw+/lOgaSYCTnkzh3YfYMEfAhQBI85CqHWg5qwm8hGUm6U
FQHmdy/sXdvriRvxcHW6Gyg2taDZY21ZOJf/w6CByU6WLcLMnBah5kS+swIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFFrkQ3ApZZU59U+QCzXkO+BqlLN7MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBh
ZGQzLWE4OGUtNGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmMy
MGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhmMTk2LzAvNUFFNDQzNzAyOTY1
OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjBRBggrBgEFBQcBBwEB/wRCMEAwJgQCAAEwIAME
ALkB6AMEAME5kAMEAME5nzAMAwQAwTmnAwQAwTmoMBYEAgACMBADBwAgAQf4ASMD
BQMqD4XAMB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwDyfwIDAyvhMA0GCSqGSIb3
DQEBCwUAA4IBAQBEQbUT2BQ+IS++JPmnaENEe6cGLpOi6Ul3mPFTvGDIvaGjr9Aj
O0EFrmTIGJyu8JiHANH+WGcHxjHBvni9nPWd4JS8Re6sogAG0nJxstyMQ2HteQ+F
896FGYRe8Ka44zUP1eGCcgbGR/ZKHvP3vH/qwf4zjUVRp8gbLekuBIBDxaPHFHak
kQeTvx2dnYfusP6cr76+lQKZqxCH/9Hiwbd2x9dWqw36ks0slvqxgsKsB8UURKnC
uhjxTtzNznrNb18h3dtbTj2nJdOMdQlIeEINmmqCbcHn4PuRHYL3o7xlhq2LQjnQ
w/Un3FbCVnPeodRSjR4iXyHdlaCXDbg4LP10
-----END CERTIFICATE-----
Generated at Sun May 26 21:13:57 2024 by rpki-client on console-ams.rpki-client.org