Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Y_qsKbkFNPkan7DrYxjwAZRRxu4.cer
File:                     Y_qsKbkFNPkan7DrYxjwAZRRxu4.cer (raw, json)
Hash identifier:          L14nRBS8/YPrT1tC5Py0zbtmsbtcA2IaXZOGDNLphPs=
Subject key identifier:   63:FA:AC:29:B9:05:34:F9:1A:9F:B0:EB:63:18:F0:01:94:51:C6:EE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC7949591DB423DFAD81A7B27E82C5FDC
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/48/661285-7965-4fa4-baab-74c1405c3475/1/Y_qsKbkFNPkan7DrYxjwAZRRxu4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/48/661285-7965-4fa4-baab-74c1405c3475/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 00:30:52 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 193.73.211.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:95:91:db:42:3d:fa:d8:1a:7b:27:e8:2c:5f:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 00:30:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=63faac29b90534f91a9fb0eb6318f0019451c6ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:5b:fd:60:5e:d6:5a:1f:fe:07:65:e3:14:8e:
                    6f:b4:d0:c9:4b:44:ed:f1:58:01:f2:85:5b:cb:a0:
                    9f:8a:40:55:2e:cf:fa:7c:07:02:9e:08:c3:84:4b:
                    a9:e8:47:3b:6c:9e:4b:0d:cb:f0:a6:b8:4e:f7:ef:
                    45:1a:6e:f9:85:1e:83:03:84:4a:9f:a9:99:2c:54:
                    8d:51:cb:db:ab:e5:ec:85:c5:69:62:6d:3f:cb:65:
                    41:0f:0a:73:04:7d:1a:ee:74:ab:ba:47:2a:19:09:
                    90:48:ea:2f:78:87:ce:13:ee:22:72:ea:5b:af:f8:
                    2a:f0:e9:e5:0f:83:78:99:b6:7d:52:66:5f:0a:c5:
                    0d:c8:79:22:0a:62:4e:b4:e9:d2:98:b4:7a:70:81:
                    7f:b8:6b:31:14:0f:f2:6a:d2:57:42:ee:da:20:95:
                    e8:c3:ac:ff:07:55:c9:4d:47:06:b5:9f:01:8b:20:
                    ce:4f:a5:e7:0c:63:9c:e9:b9:b7:08:b9:77:cf:d7:
                    8e:6b:02:d3:17:2e:53:92:8a:b6:90:c3:9c:94:2f:
                    5f:f4:a3:ee:43:77:16:d7:34:1e:f5:2a:76:3a:af:
                    68:a1:d5:44:17:81:2a:e6:18:87:93:0f:5d:19:97:
                    5e:59:e1:4f:76:1c:4d:fe:69:38:b6:ca:58:4b:42:
                    99:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:FA:AC:29:B9:05:34:F9:1A:9F:B0:EB:63:18:F0:01:94:51:C6:EE
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/661285-7965-4fa4-baab-74c1405c3475/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/661285-7965-4fa4-baab-74c1405c3475/1/Y_qsKbkFNPkan7DrYxjwAZRRxu4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.73.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:24:d5:00:8f:d4:02:86:dc:53:7f:2b:ac:e3:8f:16:08:75:
         b5:ac:6f:d0:34:65:04:01:0d:0e:17:0b:df:92:fd:47:07:28:
         48:37:1b:1d:4d:51:8c:5f:43:11:41:48:d8:cc:5b:76:e8:75:
         bf:ba:b0:1c:fa:5e:b8:bc:2c:68:cf:1f:81:73:73:c9:e5:8c:
         a2:ad:0f:8d:c4:ad:90:a1:d6:10:24:3f:fe:ac:25:99:37:4e:
         11:d3:47:f4:77:25:b2:5a:17:b8:49:7d:7f:16:de:1d:21:e0:
         ba:88:8a:0d:59:58:30:9f:47:6d:55:4c:98:b3:5b:d8:c4:6a:
         49:71:94:4d:30:a8:c3:dc:4f:13:f9:d0:b9:7c:ad:c5:03:12:
         66:6c:d6:d1:48:76:51:7e:31:8f:20:18:c0:d1:6a:d3:c8:23:
         a2:7c:56:61:0c:46:b3:72:37:5e:f8:d0:39:a8:e3:7d:d9:c8:
         c7:ff:d0:40:66:55:eb:a4:cf:37:91:46:ad:e6:f2:64:79:3e:
         df:9a:d7:ca:4e:cd:3a:5d:80:fe:83:a5:7b:0c:2d:89:1a:20:
         89:c9:1b:f1:e9:60:35:07:54:0f:20:d4:8c:88:7f:32:17:91:
         b3:d9:ac:97:7a:d2:8f:93:93:57:39:21:6e:e7:39:0e:f3:e1:
         67:9d:c8:65
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzHlJWR20I9+tgaeyfoLF/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2ZhYWMyOWI5MDUzNGY5MWE5ZmIwZWI2MzE4ZjAwMTk0NTFjNmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1v9YF7WWh/+B2XjFI5vtNDJS0Tt
8VgB8oVby6CfikBVLs/6fAcCngjDhEup6Ec7bJ5LDcvwprhO9+9FGm75hR6DA4RK
n6mZLFSNUcvbq+XshcVpYm0/y2VBDwpzBH0a7nSrukcqGQmQSOoveIfOE+4icupb
r/gq8OnlD4N4mbZ9UmZfCsUNyHkiCmJOtOnSmLR6cIF/uGsxFA/yatJXQu7aIJXo
w6z/B1XJTUcGtZ8BiyDOT6XnDGOc6bm3CLl3z9eOawLTFy5Tkoq2kMOclC9f9KPu
Q3cW1zQe9Sp2Oq9oodVEF4Eq5hiHkw9dGZdeWeFPdhxN/mk4tspYS0KZAwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFGP6rCm5BTT5Gp+w62MY8AGUUcbuMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ4LzY2MTI4
NS03OTY1LTRmYTQtYmFhYi03NGMxNDA1YzM0NzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgvNjYxMjg1
LTc5NjUtNGZhNC1iYWFiLTc0YzE0MDVjMzQ3NS8xL1lfcXNLYmtGTlBrYW43RHJZ
eGp3QVpSUnh1NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwUnTMA0GCSqGSIb3DQEBCwUAA4IBAQCqJNUA
j9QChtxTfyus448WCHW1rG/QNGUEAQ0OFwvfkv1HByhINxsdTVGMX0MRQUjYzFt2
6HW/urAc+l64vCxozx+Bc3PJ5YyirQ+NxK2QodYQJD/+rCWZN04R00f0dyWyWhe4
SX1/Ft4dIeC6iIoNWVgwn0dtVUyYs1vYxGpJcZRNMKjD3E8T+dC5fK3FAxJmbNbR
SHZRfjGPIBjA0WrTyCOifFZhDEazcjde+NA5qON92cjH/9BAZlXrpM83kUat5vJk
eT7fmtfKTs06XYD+g6V7DC2JGiCJyRvx6WA1B1QPINSMiH8yF5Gz2ayXetKPk5NX
OSFu5zkO8+Fnnchl
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:55:09 2024 by rpki-client on console-fra.rpki-client.org