Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bI5k4HENMvJqNtaM_3s_hqyCDOs.cer
File:                     bI5k4HENMvJqNtaM_3s_hqyCDOs.cer (raw, json)
Hash identifier:          +qC8h7wfKQ9cPVI4ASvxtdoUc7cOKJeEJbmn80Wj9Ls=
Subject key identifier:   6C:8E:64:E0:71:0D:32:F2:6A:36:D6:8C:FF:7B:3F:86:AC:82:0C:EB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0197C07860A7B08E029E602F977B13FDD901
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/2d/7be1aa-5b05-4753-b7d8-b8bb9d7da2db/1/bI5k4HENMvJqNtaM_3s_hqyCDOs.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/2d/7be1aa-5b05-4753-b7d8-b8bb9d7da2db/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 30 Jun 2025 10:53:23 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    IP: 194.147.234.0 -- 194.147.237.255
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 04 Jul 2025 23:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c0:78:60:a7:b0:8e:02:9e:60:2f:97:7b:13:fd:d9:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jun 30 10:53:23 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=6c8e64e0710d32f26a36d68cff7b3f86ac820ceb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:42:c9:76:fc:60:e4:29:8f:e9:52:2b:c4:63:
                    c5:df:ec:d1:0b:96:29:67:0a:3e:38:30:cb:2f:ab:
                    53:89:73:27:4d:19:89:ed:a8:69:e5:0a:90:00:2d:
                    0e:f5:49:d8:a7:96:5c:78:80:f2:2a:1f:5d:5d:5d:
                    1e:93:dc:71:c6:b4:05:64:6e:ae:24:bf:2a:7e:f0:
                    99:cd:54:d2:ba:50:ab:bf:66:c3:fc:10:5a:77:0c:
                    85:26:f8:7a:ea:46:46:2d:8e:fe:ef:78:2c:6c:7a:
                    64:ff:1e:22:af:64:24:ff:e0:3e:8e:48:3d:89:21:
                    4c:b7:14:8f:32:ae:4e:dd:35:d9:97:cc:3e:92:69:
                    98:09:ff:a8:38:8b:7b:ed:44:c6:21:4e:2f:d7:8a:
                    65:4e:ef:78:e5:59:8f:2c:39:b0:1d:7a:c9:6f:da:
                    70:7b:db:6f:9a:81:dd:12:52:2d:2c:49:7f:d0:ef:
                    5d:23:8c:8b:9b:05:ca:cd:a5:f7:a2:10:32:7d:08:
                    d0:03:b6:6e:09:77:e9:c8:e9:f6:5c:42:82:f6:a9:
                    2b:a6:2d:f9:a5:d6:eb:69:b1:c9:f5:39:53:14:bf:
                    f3:53:f0:89:c1:e3:f8:1f:be:23:9f:ce:4a:13:66:
                    72:4a:d4:7c:71:4e:7c:d0:29:28:eb:da:f1:9b:8d:
                    2c:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:8E:64:E0:71:0D:32:F2:6A:36:D6:8C:FF:7B:3F:86:AC:82:0C:EB
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7be1aa-5b05-4753-b7d8-b8bb9d7da2db/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7be1aa-5b05-4753-b7d8-b8bb9d7da2db/1/bI5k4HENMvJqNtaM_3s_hqyCDOs.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.147.234.0-194.147.237.255

    Signature Algorithm: sha256WithRSAEncryption
         2e:77:83:80:82:90:4d:37:eb:82:32:ac:df:e9:96:c9:1b:94:
         ed:12:5d:e7:37:4a:ea:a9:1c:28:a6:12:3a:ed:57:f2:7c:87:
         53:4e:33:80:10:54:79:3b:ff:82:bf:3d:c8:0d:bf:bb:2f:6e:
         98:81:ca:bc:44:6d:cf:5d:34:e9:77:1e:f5:e6:09:13:9f:53:
         16:8d:00:fa:23:59:ea:95:75:b5:66:76:67:e9:82:68:1a:f7:
         99:f2:68:90:f2:9c:35:c2:17:1d:d0:18:47:76:53:9a:da:3f:
         b1:79:b6:29:b9:2b:a2:89:73:ff:0d:46:92:e2:63:35:ca:52:
         ea:35:5e:5f:89:e8:ec:1d:b6:44:f5:58:20:b5:3a:3a:e7:4c:
         59:ec:89:d2:aa:e2:98:13:d8:92:83:75:57:89:ea:dc:b6:99:
         dc:a8:1a:d7:51:c8:dc:63:b6:6d:85:7e:0a:21:4e:8b:7a:f8:
         cc:f0:8a:20:f9:bb:d3:82:b8:7c:c0:2d:fb:a9:c5:b6:71:a3:
         c4:93:86:fd:60:a2:5c:55:5c:06:db:a2:49:37:f1:f5:09:12:
         8a:27:d6:61:c5:dc:ef:56:b4:66:7e:32:4a:4f:0e:c6:51:6c:
         d2:6b:a5:92:6e:cb:60:4d:fc:57:f4:aa:49:f3:38:01:9e:52:
         ee:c0:be:3c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZfAeGCnsI4CnmAvl3sT/dkBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNjMwMTA1MzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzhlNjRlMDcxMGQzMmYyNmEzNmQ2OGNmZjdiM2Y4NmFjODIwY2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ULJdvxg5CmP6VIrxGPF3+zRC5Yp
Zwo+ODDLL6tTiXMnTRmJ7ahp5QqQAC0O9UnYp5ZceIDyKh9dXV0ek9xxxrQFZG6u
JL8qfvCZzVTSulCrv2bD/BBadwyFJvh66kZGLY7+73gsbHpk/x4ir2Qk/+A+jkg9
iSFMtxSPMq5O3TXZl8w+kmmYCf+oOIt77UTGIU4v14plTu945VmPLDmwHXrJb9pw
e9tvmoHdElItLEl/0O9dI4yLmwXKzaX3ohAyfQjQA7ZuCXfpyOn2XEKC9qkrpi35
pdbrabHJ9TlTFL/zU/CJweP4H74jn85KE2ZyStR8cU580Cko69rxm40sFwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFGyOZOBxDTLyajbWjP97P4asggzrMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJkLzdiZTFh
YS01YjA1LTQ3NTMtYjdkOC1iOGJiOWQ3ZGEyZGIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQvN2JlMWFh
LTViMDUtNDc1My1iN2Q4LWI4YmI5ZDdkYTJkYi8xL2JJNWs0SEVOTXZKcU50YU1f
M3NfaHF5Q0RPcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCcGCCsGAQUF
BwEHAQH/BBgwFjAUBAIAATAOMAwDBAHCk+oDBAHCk+wwDQYJKoZIhvcNAQELBQAD
ggEBAC53g4CCkE0364IyrN/plskblO0SXec3SuqpHCimEjrtV/J8h1NOM4AQVHk7
/4K/PcgNv7svbpiByrxEbc9dNOl3HvXmCROfUxaNAPojWeqVdbVmdmfpgmga95ny
aJDynDXCFx3QGEd2U5raP7F5tim5K6KJc/8NRpLiYzXKUuo1Xl+J6OwdtkT1WCC1
OjrnTFnsidKq4pgT2JKDdVeJ6ty2mdyoGtdRyNxjtm2FfgohTot6+MzwiiD5u9OC
uHzALfupxbZxo8SThv1golxVXAbbokk38fUJEoon1mHF3O9WtGZ+MkpPDsZRbNJr
pZJuy2BN/Ff0qknzOAGeUu7Avjw=
-----END CERTIFICATE-----
Generated at Fri Jul 4 05:13:34 2025 by rpki-client