Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/biVY_WHcw98Yjv5yCvxc9x_JimU.cer
File:                     biVY_WHcw98Yjv5yCvxc9x_JimU.cer (raw, json)
Hash identifier:          EFGfBCyEAJNBw3h+TBTnjt9dEr26tC/Frog81bXp0HM=
Subject key identifier:   6E:25:58:FD:61:DC:C3:DF:18:8E:FE:72:0A:FC:5C:F7:1F:C9:8A:65
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC5DBE1DB1B7F707D623DE5ADD586666A
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/3d/297de9-7337-4b49-bc71-7744030a88b8/1/biVY_WHcw98Yjv5yCvxc9x_JimU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/3d/297de9-7337-4b49-bc71-7744030a88b8/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 16:29:30 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 211575

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:db:e1:db:1b:7f:70:7d:62:3d:e5:ad:d5:86:66:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 16:29:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6e2558fd61dcc3df188efe720afc5cf71fc98a65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:42:68:86:b2:8c:8a:e3:2d:97:4a:b1:de:37:
                    58:07:ba:eb:5a:e9:70:3e:c7:55:71:ba:b4:79:e8:
                    71:f6:17:51:ae:af:f3:68:54:a5:32:32:fc:73:bc:
                    0a:ae:2f:65:b2:be:6e:09:e0:76:b9:19:c1:67:5b:
                    f2:71:eb:48:85:9d:3d:01:72:8e:61:8a:8c:b0:d8:
                    4b:2e:7f:58:db:20:44:bb:48:bb:70:51:35:46:45:
                    e6:2f:de:27:8b:18:53:21:c1:eb:c6:66:03:70:95:
                    0e:dc:a1:a6:ac:bb:7a:db:12:26:d7:a3:f0:5d:46:
                    09:86:e6:96:20:9d:d7:04:d9:e3:8c:f0:2d:24:53:
                    25:65:1c:0d:2e:16:ff:4b:c2:80:14:f7:56:65:fc:
                    9a:22:36:2c:80:57:8c:c9:97:7b:9e:66:ef:d3:de:
                    ef:1e:62:8e:e0:d5:27:c2:d5:dd:0f:c9:e3:51:67:
                    f8:34:3a:48:3d:6e:06:57:4d:b2:af:95:7c:0b:ca:
                    84:f0:30:00:8f:dd:ce:24:c2:64:cf:74:c3:7b:b5:
                    8e:f3:6d:1d:5b:13:81:cb:a1:9c:f5:dd:67:65:f3:
                    d7:82:ff:ad:80:60:69:ed:6b:81:d0:7d:57:8c:92:
                    b4:b4:20:95:92:28:0f:f7:f1:67:59:95:58:8a:f0:
                    1e:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:25:58:FD:61:DC:C3:DF:18:8E:FE:72:0A:FC:5C:F7:1F:C9:8A:65
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/297de9-7337-4b49-bc71-7744030a88b8/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/297de9-7337-4b49-bc71-7744030a88b8/1/biVY_WHcw98Yjv5yCvxc9x_JimU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  211575

    Signature Algorithm: sha256WithRSAEncryption
         9a:f1:ed:63:a7:4d:a7:d8:74:48:04:5f:ea:3a:b4:20:c0:4d:
         6a:e8:d8:df:23:62:0a:aa:22:95:0e:b7:55:df:91:58:15:e4:
         19:0e:34:50:51:83:fd:99:a8:11:6f:ee:38:6f:69:4b:96:d6:
         91:87:b0:40:bf:f7:85:c0:34:b7:03:e3:a3:0b:9d:8e:8b:cd:
         2b:c2:a4:4e:7c:ac:70:88:81:b7:6b:33:45:a4:e1:cd:55:b1:
         7f:b5:da:4c:19:b9:46:fc:a4:6d:10:b5:40:7c:04:5b:f2:fa:
         41:e2:0a:bf:97:1b:6c:0e:6b:0c:17:59:1c:eb:3a:09:35:0e:
         fb:33:1e:5d:4b:ef:8d:29:4e:26:5d:f6:ad:21:3f:80:7b:52:
         b3:f6:84:80:c1:30:62:49:70:96:95:af:ae:bd:71:ba:68:ec:
         81:a9:0f:b0:ad:12:c1:cc:4b:f1:7c:7b:57:74:d3:f9:f1:f4:
         b9:d0:fd:ca:08:07:ff:d9:7d:a5:31:45:47:9a:c5:51:11:a5:
         44:21:c5:b1:a9:7d:78:70:78:68:46:5f:92:8a:30:67:cd:50:
         42:92:10:2f:a7:78:33:bf:a1:11:e6:75:12:42:6e:73:b6:d3:
         a3:77:d0:5f:ac:23:19:b9:d1:97:d9:c0:f4:50:c3:42:7d:9a:
         b1:9f:e5:85
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzF2+HbG39wfWI95a3VhmZqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTI1NThmZDYxZGNjM2RmMTg4ZWZlNzIwYWZjNWNmNzFmYzk4YTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0JohrKMiuMtl0qx3jdYB7rrWulw
PsdVcbq0eehx9hdRrq/zaFSlMjL8c7wKri9lsr5uCeB2uRnBZ1vycetIhZ09AXKO
YYqMsNhLLn9Y2yBEu0i7cFE1RkXmL94nixhTIcHrxmYDcJUO3KGmrLt62xIm16Pw
XUYJhuaWIJ3XBNnjjPAtJFMlZRwNLhb/S8KAFPdWZfyaIjYsgFeMyZd7nmbv097v
HmKO4NUnwtXdD8njUWf4NDpIPW4GV02yr5V8C8qE8DAAj93OJMJkz3TDe7WO820d
WxOBy6Gc9d1nZfPXgv+tgGBp7WuB0H1XjJK0tCCVkigP9/FnWZVYivAe+QIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFG4lWP1h3MPfGI7+cgr8XPcfyYplMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNkLzI5N2Rl
OS03MzM3LTRiNDktYmM3MS03NzQ0MDMwYTg4YjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2QvMjk3ZGU5
LTczMzctNGI0OS1iYzcxLTc3NDQwMzBhODhiOC8xL2JpVllfV0hjdzk4WWp2NXlD
dnhjOXhfSmltVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM6dzANBgkqhkiG9w0BAQsFAAOCAQEAmvHtY6dNp9h0
SARf6jq0IMBNaujY3yNiCqoilQ63Vd+RWBXkGQ40UFGD/ZmoEW/uOG9pS5bWkYew
QL/3hcA0twPjowudjovNK8KkTnyscIiBt2szRaThzVWxf7XaTBm5RvykbRC1QHwE
W/L6QeIKv5cbbA5rDBdZHOs6CTUO+zMeXUvvjSlOJl32rSE/gHtSs/aEgMEwYklw
lpWvrr1xumjsgakPsK0SwcxL8Xx7V3TT+fH0udD9yggH/9l9pTFFR5rFURGlRCHF
sal9eHB4aEZfkoowZ81QQpIQL6d4M7+hEeZ1EkJuc7bTo3fQX6wjGbnRl9nA9FDD
Qn2asZ/lhQ==
-----END CERTIFICATE-----