Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YFAJnjNUCdsDrBEz0WTwKg1dxm8.cer
File:                     YFAJnjNUCdsDrBEz0WTwKg1dxm8.cer (raw, json)
Hash identifier:          p8bJRSQZ5XKM06ZCSYb7B+5O/ttvfqgvQOpQqmdgJz4=
Subject key identifier:   60:50:09:9E:33:54:09:DB:03:AC:11:33:D1:64:F0:2A:0D:5D:C6:6F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC42462C3F6855DF79EA2BA1974521065
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/ac/0c55d2-c89c-46d6-ba35-4c65bd33d6f6/1/YFAJnjNUCdsDrBEz0WTwKg1dxm8.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/ac/0c55d2-c89c-46d6-ba35-4c65bd33d6f6/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 08:29:28 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 25420
                          IP: 77.244.48.0/20

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:62:c3:f6:85:5d:f7:9e:a2:ba:19:74:52:10:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 08:29:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6050099e335409db03ac1133d164f02a0d5dc66f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ee:a7:5a:73:5c:9d:c3:c0:d0:a6:4a:0f:ce:
                    66:96:c5:eb:89:e5:97:e2:93:74:75:33:d5:ca:8d:
                    0c:02:0d:4f:0b:b0:bf:b5:51:1b:c9:43:0f:d4:ca:
                    8b:b4:39:83:91:8c:be:e7:d9:cb:79:b1:91:ef:ab:
                    f1:c8:75:91:d7:04:66:0a:ff:c3:42:92:74:dd:18:
                    89:4c:cb:8b:24:49:c4:0b:51:67:e5:9e:a8:ab:4c:
                    55:97:3d:2c:f0:ac:a4:f2:53:23:70:8f:5a:35:85:
                    bf:7e:b9:75:c9:6c:9a:94:2c:7c:db:1e:25:bf:46:
                    19:b3:4e:66:51:65:2a:1d:f9:6f:91:a0:8f:10:a8:
                    31:1c:94:2c:fc:2e:27:ba:f9:87:cb:10:62:00:a0:
                    ef:1b:3c:e1:e0:b8:5c:69:7c:a2:7c:d9:45:f4:d1:
                    e1:86:4e:93:ff:0b:ce:f6:b7:6b:f8:6c:95:f8:3e:
                    8b:a4:cf:8b:79:b3:0f:bf:59:9e:8e:fa:c0:f3:37:
                    4b:d4:86:b0:9f:bf:77:cb:0c:c2:20:41:f1:1f:80:
                    9b:c2:76:df:1a:8c:f0:ad:9e:75:74:74:3c:64:73:
                    a9:7d:2f:38:db:3a:8c:72:36:5b:24:e5:fa:d6:bc:
                    d0:a0:e6:5e:35:04:43:98:a3:9e:22:c2:82:c8:7f:
                    da:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:50:09:9E:33:54:09:DB:03:AC:11:33:D1:64:F0:2A:0D:5D:C6:6F
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0c55d2-c89c-46d6-ba35-4c65bd33d6f6/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0c55d2-c89c-46d6-ba35-4c65bd33d6f6/1/YFAJnjNUCdsDrBEz0WTwKg1dxm8.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.244.48.0/20

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  25420

    Signature Algorithm: sha256WithRSAEncryption
         07:f0:34:1a:17:48:b8:b3:2f:9f:07:9a:62:fa:8a:53:42:ae:
         95:4f:b9:b1:30:ab:b6:30:0e:97:13:e3:36:6b:26:58:d3:20:
         45:ea:79:7a:a2:e1:83:ac:b1:eb:ae:a1:1b:64:d0:cc:e1:9e:
         43:e6:da:77:01:cb:fb:d4:19:c7:2f:24:2c:94:28:e8:d1:12:
         db:97:c1:52:98:08:63:9a:8e:c9:5d:03:ad:21:b2:5b:37:01:
         50:84:d7:be:81:ba:5a:93:96:28:08:54:e8:74:a1:73:a5:71:
         48:77:68:30:e2:f6:eb:af:69:58:a3:3c:b3:b0:cc:45:11:41:
         78:ac:0a:86:b4:81:96:7b:09:70:aa:f3:e9:79:dd:6e:52:0e:
         b8:2d:4d:59:fb:91:56:0a:27:4a:09:f5:15:69:36:ed:f2:e9:
         ff:11:ae:7b:22:47:a9:eb:ca:69:af:0c:80:9c:6c:de:7d:a2:
         82:cc:2e:d9:5c:f9:82:d1:0d:6c:99:33:48:62:e1:25:c0:2c:
         29:e0:d7:fb:65:49:f9:c3:a0:a3:81:4c:d0:7b:ef:5a:a9:99:
         e2:09:8c:8a:fe:ca:a5:c1:44:d5:9b:66:50:27:cb:d4:63:29:
         da:4a:7a:27:65:7b:04:a0:34:94:da:af:16:b6:69:57:fd:e4:
         86:52:d9:83
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYzEJGLD9oVd956iuhl0UhBlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDUwMDk5ZTMzNTQwOWRiMDNhYzExMzNkMTY0ZjAyYTBkNWRjNjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApe6nWnNcncPA0KZKD85mlsXrieWX
4pN0dTPVyo0MAg1PC7C/tVEbyUMP1MqLtDmDkYy+59nLebGR76vxyHWR1wRmCv/D
QpJ03RiJTMuLJEnEC1Fn5Z6oq0xVlz0s8Kyk8lMjcI9aNYW/frl1yWyalCx82x4l
v0YZs05mUWUqHflvkaCPEKgxHJQs/C4nuvmHyxBiAKDvGzzh4LhcaXyifNlF9NHh
hk6T/wvO9rdr+GyV+D6LpM+LebMPv1mejvrA8zdL1Iawn793ywzCIEHxH4Cbwnbf
GozwrZ51dHQ8ZHOpfS842zqMcjZbJOX61rzQoOZeNQRDmKOeIsKCyH/a7QIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFGBQCZ4zVAnbA6wRM9Fk8CoNXcZvMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FjLzBjNTVk
Mi1jODljLTQ2ZDYtYmEzNS00YzY1YmQzM2Q2ZjYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMvMGM1NWQy
LWM4OWMtNDZkNi1iYTM1LTRjNjViZDMzZDZmNi8xL1lGQUpuak5VQ2RzRHJCRXow
V1R3S2cxZHhtOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQETfQwMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQC
AmNMMA0GCSqGSIb3DQEBCwUAA4IBAQAH8DQaF0i4sy+fB5pi+opTQq6VT7mxMKu2
MA6XE+M2ayZY0yBF6nl6ouGDrLHrrqEbZNDM4Z5D5tp3Acv71BnHLyQslCjo0RLb
l8FSmAhjmo7JXQOtIbJbNwFQhNe+gbpak5YoCFTodKFzpXFId2gw4vbrr2lYozyz
sMxFEUF4rAqGtIGWewlwqvPped1uUg64LU1Z+5FWCidKCfUVaTbt8un/Ea57Ikep
68pprwyAnGzefaKCzC7ZXPmC0Q1smTNIYuElwCwp4Nf7ZUn5w6CjgUzQe+9aqZni
CYyK/sqlwUTVm2ZQJ8vUYynaSnonZXsEoDSU2q8WtmlX/eSGUtmD
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:10:35 2024 by rpki-client on console-fra.rpki-client.org