Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_OoI6EId8vJFx8szPudqFKiILUo.cer
File:                     _OoI6EId8vJFx8szPudqFKiILUo.cer (raw, json)
Hash identifier:          okNT3HxLOO9dH047bVH9t9xLXWa32PIshC242znCNhE=
Subject key identifier:   FC:EA:08:E8:42:1D:F2:F2:45:C7:CB:33:3E:E7:6A:14:A8:88:2D:4A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC86EFB5E6BB2A650B9891E9A20E5BDF8
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/_OoI6EId8vJFx8szPudqFKiILUo.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 04:29:25 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 208662
                          IP: 45.86.104.0/22
                          IP: 2a0f:95c0::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6e:fb:5e:6b:b2:a6:50:b9:89:1e:9a:20:e5:bd:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 04:29:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fcea08e8421df2f245c7cb333ee76a14a8882d4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:27:3e:2a:14:c2:e4:24:e3:1c:41:f7:48:24:
                    84:ab:3f:de:bd:86:ce:b9:66:30:48:eb:64:9c:3d:
                    50:2d:3a:d5:37:4b:fc:5a:bb:64:5b:74:36:df:f3:
                    2c:66:33:60:77:a1:48:09:ea:90:c9:7b:de:86:0b:
                    56:71:00:2a:9e:8f:3e:55:b1:0a:46:c2:fb:5f:d4:
                    aa:04:89:0a:70:e9:30:02:7f:ba:bf:8a:02:51:e6:
                    1a:db:c1:1c:1d:e8:4b:90:25:2a:24:ae:83:31:55:
                    b9:0d:08:f5:38:d4:d9:28:a3:28:a6:91:45:db:b1:
                    48:34:34:fa:70:50:81:3c:8d:b2:93:0c:6a:24:de:
                    7e:d2:f1:af:08:3d:fa:2b:f2:32:a7:ff:66:8c:29:
                    ee:4d:a6:f4:6b:33:43:dd:71:24:31:33:13:12:32:
                    84:d2:3d:a7:ec:9e:54:57:6f:6f:dd:16:8e:1e:f4:
                    02:dd:93:60:21:fb:dc:b9:2f:2e:e1:7a:71:ad:3e:
                    c4:6a:30:05:af:ba:d7:3f:b9:48:7e:2b:c2:23:db:
                    81:46:05:e5:3b:bd:f0:63:23:e6:4f:a0:c0:bd:d4:
                    42:5f:c7:f5:58:ed:e0:d6:1d:80:41:8c:fe:1c:00:
                    13:c7:03:2a:5d:4b:ab:0e:2d:e5:46:14:2e:77:05:
                    ca:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:EA:08:E8:42:1D:F2:F2:45:C7:CB:33:3E:E7:6A:14:A8:88:2D:4A
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/_OoI6EId8vJFx8szPudqFKiILUo.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.86.104.0/22
                IPv6:
                  2a0f:95c0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  208662

    Signature Algorithm: sha256WithRSAEncryption
         a9:a8:27:1c:42:ad:0c:84:b5:b1:0e:89:25:ee:96:f0:5e:45:
         63:4a:da:a0:93:62:d8:59:b3:5d:c3:2a:2f:21:a5:c0:20:ca:
         ef:d5:5c:5c:08:92:a8:4c:6c:6d:1d:02:c7:59:7f:d0:cc:17:
         4f:07:8d:e9:46:c9:33:18:1a:7f:dc:90:f6:49:08:39:98:54:
         17:39:b2:7d:5c:c7:7c:f3:28:9f:60:fe:0b:cd:a2:7b:91:d4:
         4d:25:46:3d:90:05:fd:a1:7b:e0:01:6a:bd:bf:83:79:e4:27:
         c0:d2:9a:4d:e0:d1:3c:1a:ba:4d:7e:3a:da:9b:ba:7c:cf:3c:
         56:04:84:d8:b6:c7:90:58:d9:ce:0e:f3:ad:48:f4:be:e1:16:
         84:21:8a:30:0d:12:a4:cd:4e:19:5e:0f:58:0c:35:07:33:fb:
         62:48:c0:86:4f:04:5d:0a:e4:33:9c:4c:e2:60:85:5d:e1:45:
         f5:18:08:f0:16:56:a8:eb:c1:43:d6:9b:c2:86:20:05:52:eb:
         75:5a:2e:03:a1:fe:e3:08:a4:a3:67:70:e6:9e:3a:a3:dc:3a:
         b9:1f:a0:36:b6:92:f6:49:3a:80:3e:ad:b3:01:dd:3f:b6:e8:
         94:50:c3:af:8a:c7:bb:e8:dd:7f:9e:1d:57:06:6f:1d:72:56:
         3a:45:33:a2
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzIbvtea7KmULmJHpog5b34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2VhMDhlODQyMWRmMmYyNDVjN2NiMzMzZWU3NmExNGE4ODgyZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ic+KhTC5CTjHEH3SCSEqz/evYbO
uWYwSOtknD1QLTrVN0v8WrtkW3Q23/MsZjNgd6FICeqQyXvehgtWcQAqno8+VbEK
RsL7X9SqBIkKcOkwAn+6v4oCUeYa28EcHehLkCUqJK6DMVW5DQj1ONTZKKMoppFF
27FINDT6cFCBPI2ykwxqJN5+0vGvCD36K/Iyp/9mjCnuTab0azND3XEkMTMTEjKE
0j2n7J5UV29v3RaOHvQC3ZNgIfvcuS8u4XpxrT7EajAFr7rXP7lIfivCI9uBRgXl
O73wYyPmT6DAvdRCX8f1WO3g1h2AQYz+HAATxwMqXUurDi3lRhQudwXKxwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFPzqCOhCHfLyRcfLMz7nahSoiC1KMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y1L2VhN2U2
MS05OGIzLTQxMjAtODNjZS1jMDc3ZTE3MDJiYzcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjUvZWE3ZTYx
LTk4YjMtNDEyMC04M2NlLWMwNzdlMTcwMmJjNy8xL19Pb0k2RUlkOHZKRng4c3pQ
dWRxRktpSUxVby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCLVZoMA0EAgACMAcDBQAqD5XAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMvFjANBgkqhkiG9w0BAQsFAAOCAQEAqagnHEKtDIS1
sQ6JJe6W8F5FY0raoJNi2FmzXcMqLyGlwCDK79VcXAiSqExsbR0Cx1l/0MwXTweN
6UbJMxgaf9yQ9kkIOZhUFzmyfVzHfPMon2D+C82ie5HUTSVGPZAF/aF74AFqvb+D
eeQnwNKaTeDRPBq6TX462pu6fM88VgSE2LbHkFjZzg7zrUj0vuEWhCGKMA0SpM1O
GV4PWAw1BzP7YkjAhk8EXQrkM5xM4mCFXeFF9RgI8BZWqOvBQ9abwoYgBVLrdVou
A6H+4wiko2dw5p46o9w6uR+gNraS9kk6gD6tswHdP7bolFDDr4rHu+jdf54dVwZv
HXJWOkUzog==
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:21:09 2024 by rpki-client on console-fra.rpki-client.org