Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YfvYiH2oRHExjYOISsAF8BtE_Uk.cer
File:                     YfvYiH2oRHExjYOISsAF8BtE_Uk.cer (raw, json)
Hash identifier:          Uug5/yFthIorIylT+a88GwZgGOaO2jKInGANPzxxmpM=
Subject key identifier:   61:FB:D8:88:7D:A8:44:71:31:8D:83:88:4A:C0:05:F0:1B:44:FD:49
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018E79977BD51F431E3B7F06572744EB3A6E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b9/0ce569-ab8e-4712-949a-cec9e17f504b/1/YfvYiH2oRHExjYOISsAF8BtE_Uk.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b9/0ce569-ab8e-4712-949a-cec9e17f504b/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 26 Mar 2024 07:09:14 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 203412
                          IP: 79.142.36.0/24
                          IP: 79.142.44.0/22
                          IP: 185.125.172.0/22
                          IP: 2a07:f00::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 15:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:79:97:7b:d5:1f:43:1e:3b:7f:06:57:27:44:eb:3a:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Mar 26 07:09:14 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=61fbd8887da84471318d83884ac005f01b44fd49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:2e:20:26:43:b2:62:32:29:6e:9a:bb:9d:7e:
                    89:21:0b:27:0e:af:17:e0:fd:34:7b:01:13:e5:19:
                    89:20:9d:ab:1f:62:fb:69:01:5b:b8:42:32:58:ea:
                    a3:cf:08:db:b3:5b:90:6e:c4:5c:09:1b:8e:3c:03:
                    f9:13:13:91:a2:cc:98:ed:1b:14:39:4f:b2:93:75:
                    12:52:5c:02:65:7b:bf:be:f9:46:f0:45:ff:d6:d2:
                    1f:1e:44:e1:af:22:f0:19:0c:d0:89:b7:e6:b5:b3:
                    11:c1:73:5e:b7:9e:51:c7:49:47:7b:80:e4:a2:1d:
                    39:a6:ce:c2:1b:fa:ca:78:cb:52:ae:35:64:7f:5a:
                    d0:93:04:39:42:d6:8e:ef:a5:2b:de:4d:44:4d:92:
                    b1:db:e6:42:9a:05:1e:38:aa:2e:e0:85:c4:14:4f:
                    de:f8:cb:fa:d2:4a:f9:02:d4:7c:d8:9c:49:00:f6:
                    21:65:11:77:c4:28:01:ea:f1:48:91:33:78:3d:6d:
                    a6:f6:88:f9:4d:4e:67:79:a9:d0:82:b9:95:4d:5f:
                    53:25:14:27:ed:f0:8f:27:54:e4:97:b1:e4:83:51:
                    88:07:59:4c:3e:61:f2:c6:da:f7:44:5f:0f:4b:73:
                    b7:92:a9:c1:c2:c6:a6:5c:ae:fb:b6:93:9d:53:45:
                    23:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:FB:D8:88:7D:A8:44:71:31:8D:83:88:4A:C0:05:F0:1B:44:FD:49
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0ce569-ab8e-4712-949a-cec9e17f504b/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0ce569-ab8e-4712-949a-cec9e17f504b/1/YfvYiH2oRHExjYOISsAF8BtE_Uk.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.142.36.0/24
                  79.142.44.0/22
                  185.125.172.0/22
                IPv6:
                  2a07:f00::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  203412

    Signature Algorithm: sha256WithRSAEncryption
         37:32:f1:c4:92:50:8f:19:c5:ab:cb:ee:76:ef:31:5e:bd:76:
         cf:be:8c:5f:35:13:6f:92:c0:ae:bd:ce:38:69:85:ff:49:fb:
         5c:95:d5:cc:0a:3d:47:35:42:32:7b:fe:5a:d9:3e:3f:07:9e:
         43:1b:cb:aa:f5:cb:8d:c6:be:95:31:93:fd:cf:16:31:b7:75:
         da:50:8d:4d:03:cd:24:c8:d1:a7:dc:17:e7:ba:c7:d9:ec:de:
         29:51:54:b6:8b:9c:45:a4:fc:38:92:b3:93:c8:d1:9d:2b:40:
         fa:53:1f:5e:b6:1d:02:8a:47:e4:78:1e:59:f3:62:e9:b0:95:
         42:3e:a5:87:31:9e:a5:84:cf:b5:38:2e:33:0f:6c:9f:e3:12:
         b8:0b:3c:63:37:ea:42:62:4f:0d:ae:b7:90:fa:6a:3f:77:3f:
         7d:00:e8:21:8e:2e:bc:28:85:c2:0d:b7:51:b8:ef:63:8d:ce:
         da:da:0d:b3:1f:e2:c1:1e:81:02:cb:9c:93:99:fb:ff:b7:c5:
         ff:fa:6c:0e:36:e3:4b:71:04:be:c4:a1:89:6e:8e:f6:07:49:
         24:9d:83:bd:e4:d6:d8:3f:b3:a2:41:c2:5c:83:60:11:96:4b:
         db:48:88:28:5b:56:03:fa:d9:fb:51:29:8f:28:a7:79:a5:5b:
         be:c1:8d:71
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAY55l3vVH0MeO38GVydE6zpuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMzI2MDcwOTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWZiZDg4ODdkYTg0NDcxMzE4ZDgzODg0YWMwMDVmMDFiNDRmZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS4gJkOyYjIpbpq7nX6JIQsnDq8X
4P00ewET5RmJIJ2rH2L7aQFbuEIyWOqjzwjbs1uQbsRcCRuOPAP5ExORosyY7RsU
OU+yk3USUlwCZXu/vvlG8EX/1tIfHkThryLwGQzQibfmtbMRwXNet55Rx0lHe4Dk
oh05ps7CG/rKeMtSrjVkf1rQkwQ5QtaO76Ur3k1ETZKx2+ZCmgUeOKou4IXEFE/e
+Mv60kr5AtR82JxJAPYhZRF3xCgB6vFIkTN4PW2m9oj5TU5neanQgrmVTV9TJRQn
7fCPJ1Tkl7Hkg1GIB1lMPmHyxtr3RF8PS3O3kqnBwsamXK77tpOdU0UjVwIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFGH72Ih9qERxMY2DiErABfAbRP1JMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I5LzBjZTU2
OS1hYjhlLTQ3MTItOTQ5YS1jZWM5ZTE3ZjUwNGIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvMGNlNTY5
LWFiOGUtNDcxMi05NDlhLWNlYzllMTdmNTA0Yi8xL1lmdllpSDJvUkhFeGpZT0lT
c0FGOEJ0RV9Vay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQAT44kAwQCT44sAwQCuX2sMA0EAgACMAcDBQMq
Bw8AMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMalDANBgkqhkiG9w0BAQsFAAOC
AQEANzLxxJJQjxnFq8vudu8xXr12z76MXzUTb5LArr3OOGmF/0n7XJXVzAo9RzVC
Mnv+Wtk+PweeQxvLqvXLjca+lTGT/c8WMbd12lCNTQPNJMjRp9wX57rH2ezeKVFU
toucRaT8OJKzk8jRnStA+lMfXrYdAopH5HgeWfNi6bCVQj6lhzGepYTPtTguMw9s
n+MSuAs8YzfqQmJPDa63kPpqP3c/fQDoIY4uvCiFwg23UbjvY43O2toNsx/iwR6B
Asuck5n7/7fF//psDjbjS3EEvsShiW6O9gdJJJ2DveTW2D+zokHCXINgEZZL20iI
KFtWA/rZ+1EpjyineaVbvsGNcQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:14:49 2024 by rpki-client on console-fra.rpki-client.org