Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_sY8Uk5V3zS_dYKCd1PnenaZx6I.cer
File:                     _sY8Uk5V3zS_dYKCd1PnenaZx6I.cer (raw, json)
Hash identifier:          5zwtvQiuogM/iCRO7F4N0B8CksyqCRLgBkpdoDmY5qA=
Subject key identifier:   FE:C6:3C:52:4E:55:DF:34:BF:75:82:82:77:53:E7:7A:76:99:C7:A2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CCA99E720FC1DCED33977EB43F22B8BF6
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/84/cca115-2b93-4afd-ad02-b31df7117715/1/_sY8Uk5V3zS_dYKCd1PnenaZx6I.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/84/cca115-2b93-4afd-ad02-b31df7117715/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 14:35:33 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 31396
                          IP: 193.30.42.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:99:e7:20:fc:1d:ce:d3:39:77:eb:43:f2:2b:8b:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 14:35:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fec63c524e55df34bf7582827753e77a7699c7a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:77:f5:05:fe:64:a2:f9:a1:f6:29:33:52:1e:
                    91:be:24:b1:34:7e:37:43:71:b9:ac:96:1d:14:6c:
                    64:08:ae:fb:87:3a:37:23:19:23:a5:df:51:33:18:
                    90:2d:87:22:a2:4c:f1:b3:70:30:e8:5d:a4:ba:ef:
                    c5:72:79:a9:87:bf:b4:6d:e0:71:0f:45:95:3f:42:
                    21:2a:84:8c:79:05:8c:2d:1f:16:e2:92:2e:b5:2b:
                    a4:b2:ed:4d:e1:ed:25:4a:c8:58:72:27:d6:b7:c2:
                    3a:79:8a:1c:96:b6:09:a3:0a:54:6b:0b:73:ad:7a:
                    55:22:93:90:17:d2:6a:ce:49:4c:8c:48:2a:1a:90:
                    53:ea:41:a9:32:89:ef:c7:42:40:67:78:f4:35:ef:
                    b3:0f:a3:c3:5a:03:01:01:a0:30:35:2f:56:e2:01:
                    db:fb:95:33:7a:f7:5e:a6:bd:f5:a6:08:69:2f:63:
                    e2:a1:17:c5:ab:e1:61:b4:54:39:54:df:e5:b8:dd:
                    d3:04:4f:a6:4d:66:14:15:ef:aa:22:a5:a0:f4:16:
                    95:1c:dc:cb:6b:9e:c5:25:2b:cb:45:58:2f:f7:42:
                    3c:59:be:0a:d0:36:1f:92:8a:c8:e3:57:6b:a1:36:
                    b2:f1:ea:10:fd:52:ca:76:94:aa:27:6b:82:82:2f:
                    28:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:C6:3C:52:4E:55:DF:34:BF:75:82:82:77:53:E7:7A:76:99:C7:A2
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cca115-2b93-4afd-ad02-b31df7117715/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cca115-2b93-4afd-ad02-b31df7117715/1/_sY8Uk5V3zS_dYKCd1PnenaZx6I.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.30.42.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  31396

    Signature Algorithm: sha256WithRSAEncryption
         63:88:d7:40:c3:79:c6:8d:ae:59:f5:99:9a:1f:8b:08:2b:3a:
         32:89:53:4a:d5:44:b9:3d:27:28:e6:eb:7a:ed:a1:e8:9d:06:
         e3:b9:85:bd:99:fb:f2:11:b4:75:e0:33:5b:8e:c1:0e:79:0e:
         da:d5:2d:4d:52:4a:b6:58:d7:c7:c4:b7:ab:a7:5d:05:b7:92:
         5b:3c:ad:6b:b2:48:2a:e5:59:f3:79:72:15:85:f1:b2:ed:de:
         54:ae:d3:ed:da:f9:cf:8c:0e:ae:cf:9a:f9:af:a4:31:bd:11:
         23:90:c8:d2:2e:53:86:e3:d6:b7:9b:29:e7:da:78:8f:fa:55:
         8e:8e:fa:ae:ce:59:6f:d1:df:b5:e6:7b:90:91:cf:21:20:16:
         77:10:91:43:55:a7:46:a9:32:81:a9:22:1f:c5:bd:7b:f0:d3:
         09:52:21:2c:67:b1:b9:83:e7:1e:45:a0:53:3c:15:97:e3:bd:
         1b:b9:c2:ff:0c:7e:59:81:1b:6e:e2:f5:8f:2b:ec:62:d1:a8:
         07:00:d4:85:c2:92:00:f4:1b:68:b4:f1:74:e2:4c:6e:e7:6a:
         81:ed:70:3b:95:29:fc:3f:43:c7:83:03:a3:fc:17:27:9d:a5:
         2a:89:dc:df:3e:5e:96:ba:6c:ad:36:f2:97:24:4c:c1:00:94:
         2c:5c:62:db
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYzKmecg/B3O0zl360PyK4v2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTQzNTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWM2M2M1MjRlNTVkZjM0YmY3NTgyODI3NzUzZTc3YTc2OTljN2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHf1Bf5kovmh9ikzUh6RviSxNH43
Q3G5rJYdFGxkCK77hzo3Ixkjpd9RMxiQLYciokzxs3Aw6F2kuu/Fcnmph7+0beBx
D0WVP0IhKoSMeQWMLR8W4pIutSuksu1N4e0lSshYcifWt8I6eYoclrYJowpUawtz
rXpVIpOQF9JqzklMjEgqGpBT6kGpMonvx0JAZ3j0Ne+zD6PDWgMBAaAwNS9W4gHb
+5Uzevdepr31pghpL2PioRfFq+FhtFQ5VN/luN3TBE+mTWYUFe+qIqWg9BaVHNzL
a57FJSvLRVgv90I8Wb4K0DYfkorI41droTay8eoQ/VLKdpSqJ2uCgi8ogQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFP7GPFJOVd80v3WCgndT53p2mceiMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg0L2NjYTEx
NS0yYjkzLTRhZmQtYWQwMi1iMzFkZjcxMTc3MTUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQvY2NhMTE1
LTJiOTMtNGFmZC1hZDAyLWIzMWRmNzExNzcxNS8xL19zWThVazVWM3pTX2RZS0Nk
MVBuZW5hWng2SS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwR4qMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQC
AnqkMA0GCSqGSIb3DQEBCwUAA4IBAQBjiNdAw3nGja5Z9ZmaH4sIKzoyiVNK1US5
PSco5ut67aHonQbjuYW9mfvyEbR14DNbjsEOeQ7a1S1NUkq2WNfHxLerp10Ft5Jb
PK1rskgq5VnzeXIVhfGy7d5UrtPt2vnPjA6uz5r5r6QxvREjkMjSLlOG49a3mynn
2niP+lWOjvquzllv0d+15nuQkc8hIBZ3EJFDVadGqTKBqSIfxb178NMJUiEsZ7G5
g+ceRaBTPBWX470bucL/DH5ZgRtu4vWPK+xi0agHANSFwpIA9BtotPF04kxu52qB
7XA7lSn8P0PHgwOj/BcnnaUqidzfPl6WumytNvKXJEzBAJQsXGLb
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:18:21 2024 by rpki-client on console-ams.rpki-client.org