Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ak81ztxqAWg6Z4q05ZiJdSakCIA.cer
File:                     ak81ztxqAWg6Z4q05ZiJdSakCIA.cer (raw, json)
Hash identifier:          xpKx8AHOH3cx9aYa6Xtpk6/bELlCeib/XYTiCIiBWIM=
Subject key identifier:   6A:4F:35:CE:DC:6A:01:68:3A:67:8A:B4:E5:98:89:75:26:A4:08:80
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018FBDF4A598E239699769BB8B0DBECE9A9D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/f0f5aca9-dc28-4592-9712-4084de9c9421/1/6A4F35CEDC6A01683A678AB4E598897526A40880.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/f0f5aca9-dc28-4592-9712-4084de9c9421/1/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Tue 28 May 2024 06:47:58 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 50104
                          AS: 210537

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:bd:f4:a5:98:e2:39:69:97:69:bb:8b:0d:be:ce:9a:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: May 28 06:47:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6a4f35cedc6a01683a678ab4e598897526a40880
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:98:c7:23:bb:ab:57:c1:01:ce:12:b3:63:55:
                    4c:90:0f:ff:6e:45:fd:e8:ff:fa:bb:27:8c:b8:a6:
                    64:a5:05:d8:40:e9:21:41:08:99:fa:6e:5d:24:57:
                    f3:5f:f9:d0:a1:13:ed:46:e8:b0:df:db:ab:2f:ac:
                    ec:da:a0:0f:36:00:80:92:e8:01:12:a8:4e:9f:e4:
                    78:7a:9c:12:55:e1:e9:ec:e0:18:6f:23:2e:43:04:
                    b0:fe:df:61:8f:5a:3f:07:1b:ab:92:7f:22:f3:ee:
                    dc:88:a7:64:16:c5:ef:0f:96:a2:c2:4e:68:da:35:
                    9b:0a:02:e8:2d:74:37:df:a6:d3:3d:14:46:51:ef:
                    39:09:74:58:a4:9f:c1:74:92:70:2f:48:c4:5f:15:
                    b5:63:65:c6:5d:f9:01:88:23:dd:ee:86:65:a5:9b:
                    73:5d:99:b0:ea:24:91:61:a0:4b:d7:f8:2c:3d:10:
                    93:c3:24:76:9a:e8:8c:eb:5c:20:d3:6f:42:80:b9:
                    84:48:c0:dc:55:02:54:cf:30:20:37:53:de:0a:00:
                    58:ba:04:d2:84:51:89:37:28:aa:e6:fb:47:50:b3:
                    a2:72:13:99:a3:75:d0:31:a2:06:91:03:51:a1:9b:
                    96:0c:81:a8:0d:45:d1:a6:98:a7:99:92:4a:16:21:
                    92:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:4F:35:CE:DC:6A:01:68:3A:67:8A:B4:E5:98:89:75:26:A4:08:80
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/f0f5aca9-dc28-4592-9712-4084de9c9421/1/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/f0f5aca9-dc28-4592-9712-4084de9c9421/1/6A4F35CEDC6A01683A678AB4E598897526A40880.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  50104
                  210537

    Signature Algorithm: sha256WithRSAEncryption
         05:c7:65:e7:4d:0d:42:f3:27:c1:f5:22:a9:b1:39:7e:d3:54:
         c4:12:db:09:d4:ab:b5:03:d0:be:1d:35:b3:23:7a:92:b5:98:
         5c:4a:76:95:8e:59:8a:92:98:9e:29:9b:fc:e1:38:c0:3c:a4:
         54:4a:07:00:3d:57:b3:5b:b8:34:03:a6:19:7c:d7:07:25:46:
         d3:4c:18:41:a3:6d:11:0f:dc:3c:b8:58:bb:bb:9e:d5:f7:3e:
         c6:76:b2:40:6d:cc:da:6b:53:be:cb:d2:d2:41:3c:ad:90:aa:
         74:fa:f3:49:96:26:0e:1b:54:8d:cb:11:2b:43:85:83:d5:98:
         81:52:b4:30:b0:f7:52:fd:6e:ef:35:4e:1d:04:b1:bf:0f:f7:
         e2:61:90:26:80:3d:59:43:17:73:24:a3:37:5b:c4:72:2a:ff:
         0f:ff:d8:9d:c0:19:93:13:00:1b:eb:0e:c8:83:5b:b8:1d:41:
         41:34:95:2a:5a:ff:fc:93:da:f0:d5:e5:43:ce:20:19:5e:03:
         32:cb:90:49:2d:8c:1a:7b:ae:71:63:4c:9a:59:15:93:75:1e:
         0c:3c:45:da:10:48:76:4b:92:3f:b3:40:d1:7a:ba:dd:05:22:
         27:cb:7c:4a:64:76:9b:36:f3:86:bd:47:31:01:b5:48:00:e3:
         0a:20:d2:b4
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAY+99KWY4jlpl2m7iw2+zpqdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNTI4MDY0NzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTRmMzVjZWRjNmEwMTY4M2E2NzhhYjRlNTk4ODk3NTI2YTQwODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA55jHI7urV8EBzhKzY1VMkA//bkX9
6P/6uyeMuKZkpQXYQOkhQQiZ+m5dJFfzX/nQoRPtRuiw39urL6zs2qAPNgCAkugB
EqhOn+R4epwSVeHp7OAYbyMuQwSw/t9hj1o/Bxurkn8i8+7ciKdkFsXvD5aiwk5o
2jWbCgLoLXQ336bTPRRGUe85CXRYpJ/BdJJwL0jEXxW1Y2XGXfkBiCPd7oZlpZtz
XZmw6iSRYaBL1/gsPRCTwyR2muiM61wg029CgLmESMDcVQJUzzAgN1PeCgBYugTS
hFGJNyiq5vtHULOichOZo3XQMaIGkQNRoZuWDIGoDUXRppinmZJKFiGSnwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFGpPNc7cagFoOmeKtOWYiXUmpAiAMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2YwZjVh
Y2E5LWRjMjgtNDU5Mi05NzEyLTQwODRkZTljOTQyMS8xLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjBm
NWFjYTktZGMyOC00NTkyLTk3MTItNDA4NGRlOWM5NDIxLzEvNkE0RjM1Q0VEQzZB
MDE2ODNBNjc4QUI0RTU5ODg5NzUyNkE0MDg4MC5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBCAEB/wQQMA6gDDAKAgMAw7gC
AwM2aTANBgkqhkiG9w0BAQsFAAOCAQEABcdl500NQvMnwfUiqbE5ftNUxBLbCdSr
tQPQvh01syN6krWYXEp2lY5ZipKYnimb/OE4wDykVEoHAD1Xs1u4NAOmGXzXByVG
00wYQaNtEQ/cPLhYu7ue1fc+xnayQG3M2mtTvsvS0kE8rZCqdPrzSZYmDhtUjcsR
K0OFg9WYgVK0MLD3Uv1u7zVOHQSxvw/34mGQJoA9WUMXcySjN1vEcir/D//YncAZ
kxMAG+sOyINbuB1BQTSVKlr//JPa8NXlQ84gGV4DMsuQSS2MGnuucWNMmlkVk3Ue
DDxF2hBIdkuSP7NA0Xq63QUiJ8t8SmR2mzbzhr1HMQG1SADjCiDStA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:23:51 2024 by rpki-client on console-ams.rpki-client.org