Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a15HDpDV693Mqpz2uyLoneDZ8gc.cer
File:                     a15HDpDV693Mqpz2uyLoneDZ8gc.cer (raw, json)
Hash identifier:          kUttnGYLAFbB7A2YvqlmrwstsqAAbprCDKCOGIB5Bh8=
Subject key identifier:   6B:5E:47:0E:90:D5:EB:DD:CC:AA:9C:F6:BB:22:E8:9D:E0:D9:F2:07
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CCA2A85564567A89DC137F2D044130122
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/1c/a82c10-5218-47a7-a7c4-eeb6daa75ec5/1/a15HDpDV693Mqpz2uyLoneDZ8gc.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/1c/a82c10-5218-47a7-a7c4-eeb6daa75ec5/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 12:33:53 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 198467
                          IP: 195.254.176.0/23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:85:56:45:67:a8:9d:c1:37:f2:d0:44:13:01:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 12:33:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6b5e470e90d5ebddccaa9cf6bb22e89de0d9f207
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:7a:89:95:b1:58:47:b0:ad:0f:f3:89:51:ad:
                    7c:58:e0:1d:9f:13:25:8f:9c:7a:be:ff:d2:53:39:
                    3c:96:c1:96:d7:76:bb:a0:97:e6:ac:25:fd:44:ed:
                    d6:f4:6c:84:a5:66:e0:2e:e4:2d:eb:19:ff:9c:72:
                    af:47:bb:92:c4:cd:7c:be:44:7e:fd:f1:b4:e7:0e:
                    2b:04:6b:11:05:31:e0:b8:1c:b9:6d:e3:80:d4:ee:
                    d9:4b:1a:16:93:17:9b:18:58:ff:16:f1:f9:8f:f5:
                    43:3b:43:62:0a:77:07:d7:5c:d9:3d:4b:97:87:ec:
                    78:b6:30:20:cb:35:bf:e4:ea:3b:0c:57:3d:7c:4c:
                    e8:aa:3e:fd:b4:88:ea:26:3d:7f:73:08:95:16:cc:
                    ec:05:21:91:83:38:f1:39:6b:67:04:30:1a:88:78:
                    59:5d:98:ac:e8:9e:30:fd:c8:2f:7f:af:e8:53:5c:
                    d6:29:3a:d5:74:2e:a0:60:5b:44:ff:1d:e6:fe:3b:
                    5e:cb:9a:28:d7:ea:e7:53:71:71:11:2c:11:ca:32:
                    90:f2:e8:06:f9:00:fb:94:3f:5a:27:34:92:96:72:
                    df:b8:b7:61:84:79:0d:e4:f7:0c:e7:b8:b5:cb:ca:
                    69:c9:f4:d2:df:d5:6a:fc:be:3b:e8:32:f5:77:68:
                    4f:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:5E:47:0E:90:D5:EB:DD:CC:AA:9C:F6:BB:22:E8:9D:E0:D9:F2:07
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/a82c10-5218-47a7-a7c4-eeb6daa75ec5/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/a82c10-5218-47a7-a7c4-eeb6daa75ec5/1/a15HDpDV693Mqpz2uyLoneDZ8gc.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.254.176.0/23

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  198467

    Signature Algorithm: sha256WithRSAEncryption
         2d:ad:a1:f2:d7:6f:ca:11:d0:2b:9a:5f:c0:4b:c5:48:74:f9:
         50:fd:50:a1:fd:39:04:52:fa:3e:84:75:6f:d5:a2:6c:fc:e2:
         0f:52:1a:98:d2:6b:d2:cc:b0:8d:bc:26:65:37:89:ac:32:4a:
         07:05:c9:0c:ac:73:d7:46:fd:f1:19:32:68:64:86:18:50:d1:
         fe:ca:20:b3:e0:a9:bf:52:32:c5:3e:9d:80:5f:d8:19:35:dd:
         7d:04:55:8c:bc:d2:60:0e:f2:ec:30:14:cf:97:23:d9:2c:56:
         42:df:ba:20:9e:d7:21:88:ec:68:ea:b6:c0:8a:3d:89:ea:28:
         42:e9:50:53:9b:bc:53:9c:6c:83:98:79:51:ab:42:34:1c:ae:
         ed:91:c5:15:f2:5b:69:2b:c0:7c:fb:96:ee:6c:dc:2b:b0:da:
         34:62:be:9e:ef:ce:d9:7b:23:3f:89:de:e1:36:29:37:40:5f:
         6c:e9:bd:35:43:da:71:ca:5b:10:55:6b:65:1f:bc:90:24:1f:
         29:42:a8:c8:18:f5:af:23:1e:b7:01:ca:a3:76:ca:73:2c:90:
         76:fb:3f:1f:0a:ac:34:e4:59:2b:b1:79:b1:54:b4:76:b2:47:
         fd:c5:ac:94:4f:5b:26:a7:ca:66:aa:c4:fa:03:59:e7:cf:5a:
         fd:20:bc:0d
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzKKoVWRWeoncE38tBEEwEiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzMzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjVlNDcwZTkwZDVlYmRkY2NhYTljZjZiYjIyZTg5ZGUwZDlmMjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3qJlbFYR7CtD/OJUa18WOAdnxMl
j5x6vv/SUzk8lsGW13a7oJfmrCX9RO3W9GyEpWbgLuQt6xn/nHKvR7uSxM18vkR+
/fG05w4rBGsRBTHguBy5beOA1O7ZSxoWkxebGFj/FvH5j/VDO0NiCncH11zZPUuX
h+x4tjAgyzW/5Oo7DFc9fEzoqj79tIjqJj1/cwiVFszsBSGRgzjxOWtnBDAaiHhZ
XZis6J4w/cgvf6/oU1zWKTrVdC6gYFtE/x3m/jtey5oo1+rnU3FxESwRyjKQ8ugG
+QD7lD9aJzSSlnLfuLdhhHkN5PcM57i1y8ppyfTS39Vq/L476DL1d2hP1QIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFGteRw6Q1evdzKqc9rsi6J3g2fIHMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjL2E4MmMx
MC01MjE4LTQ3YTctYTdjNC1lZWI2ZGFhNzVlYzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMvYTgyYzEw
LTUyMTgtNDdhNy1hN2M0LWVlYjZkYWE3NWVjNS8xL2ExNUhEcERWNjkzTXFwejJ1
eUxvbmVEWjhnYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQBw/6wMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMHQzANBgkqhkiG9w0BAQsFAAOCAQEALa2h8tdvyhHQK5pfwEvFSHT5UP1Qof05
BFL6PoR1b9WibPziD1IamNJr0sywjbwmZTeJrDJKBwXJDKxz10b98RkyaGSGGFDR
/sogs+Cpv1IyxT6dgF/YGTXdfQRVjLzSYA7y7DAUz5cj2SxWQt+6IJ7XIYjsaOq2
wIo9ieooQulQU5u8U5xsg5h5UatCNByu7ZHFFfJbaSvAfPuW7mzcK7DaNGK+nu/O
2XsjP4ne4TYpN0BfbOm9NUPaccpbEFVrZR+8kCQfKUKoyBj1ryMetwHKo3bKcyyQ
dvs/HwqsNORZK7F5sVS0drJH/cWslE9bJqfKZqrE+gNZ589a/SC8DQ==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:31:19 2024 by rpki-client on console-ams.rpki-client.org