Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e-714WwUZ9p6AvGSN2U65CsQllI.cer
File:                     e-714WwUZ9p6AvGSN2U65CsQllI.cer (raw, json)
Hash identifier:          V5FTjpMkjQEd6RluNuRzZMZL2n4zCE9dRFIB9XcvjNs=
Subject key identifier:   7B:EE:F5:E1:6C:14:67:DA:7A:02:F1:92:37:65:3A:E4:2B:10:96:52
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC42558B37052FA9766F97F694341166A
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/ed/a2b983-5538-485e-b10f-17a69b702e1b/1/e-714WwUZ9p6AvGSN2U65CsQllI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/ed/a2b983-5538-485e-b10f-17a69b702e1b/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 08:30:31 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 205890
                          IP: 91.196.144.0/22
                          IP: 91.207.72.0/23
                          IP: 91.207.94.0/23
                          IP: 2a0a:de40::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:58:b3:70:52:fa:97:66:f9:7f:69:43:41:16:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 08:30:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7beef5e16c1467da7a02f19237653ae42b109652
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:9c:a2:11:e2:fc:19:8a:68:02:d5:be:61:41:
                    17:e8:68:97:d4:d0:b4:52:53:ee:08:f2:81:a7:c5:
                    7e:cc:ef:69:df:d5:a9:36:30:ba:c6:06:10:2d:0f:
                    ed:a7:c1:17:7f:44:e5:d7:af:68:25:27:15:0f:df:
                    09:dd:ef:10:1a:7a:91:81:9e:61:b0:a8:c5:2a:a3:
                    8e:18:94:ab:3f:32:55:7e:70:85:3f:40:ce:58:07:
                    38:21:2b:2f:c6:72:d3:6b:e0:35:e0:17:92:26:82:
                    06:e4:2a:ce:08:d7:6c:30:1b:db:42:b7:d2:e3:0f:
                    c5:f7:e5:13:a0:b9:32:3c:8f:cc:f0:35:71:37:e3:
                    a8:fb:7d:6b:c3:54:dd:c1:a9:8c:58:ae:ef:54:07:
                    2a:cc:b2:8e:cc:68:76:9d:6b:5b:df:95:57:5d:51:
                    57:7d:5b:46:d9:e3:0b:ed:6e:81:e7:b7:38:d2:74:
                    bd:84:c9:7a:09:04:95:61:81:67:b3:32:65:a5:c3:
                    a6:81:70:d0:e4:cf:be:db:40:ac:93:34:ef:44:91:
                    7f:58:4e:d7:64:7b:5a:aa:f7:9b:8b:42:ca:42:14:
                    a4:1b:53:d3:6c:cf:f0:9d:28:15:bc:69:11:9c:dd:
                    69:0b:cd:13:a7:2c:2c:92:61:29:2c:f7:1d:7d:62:
                    fb:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:EE:F5:E1:6C:14:67:DA:7A:02:F1:92:37:65:3A:E4:2B:10:96:52
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a2b983-5538-485e-b10f-17a69b702e1b/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a2b983-5538-485e-b10f-17a69b702e1b/1/e-714WwUZ9p6AvGSN2U65CsQllI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.196.144.0/22
                  91.207.72.0/23
                  91.207.94.0/23
                IPv6:
                  2a0a:de40::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  205890

    Signature Algorithm: sha256WithRSAEncryption
         9c:0a:f8:7e:37:a1:f7:d8:95:9c:63:9c:2b:db:ff:8d:f3:99:
         2d:2c:47:58:be:eb:98:e3:73:98:9d:aa:63:e5:a6:43:42:26:
         42:cc:e2:31:72:13:5b:79:db:12:63:3f:6c:4f:6a:e3:a3:f1:
         4a:0d:8d:0b:80:cb:14:2e:7c:f4:98:ff:8c:8f:1d:a2:8c:4b:
         2b:21:83:37:8b:6b:42:0d:cb:8b:77:c7:d0:a1:aa:8b:7f:7e:
         1a:96:be:f9:10:09:77:41:94:52:e2:4c:b1:8a:42:6c:65:7a:
         df:1a:9e:35:35:06:c3:4a:f4:e7:e5:7b:ca:46:83:ad:75:b3:
         c8:e0:7e:f0:61:0b:5f:8b:20:8b:20:17:52:ba:94:5c:3c:2c:
         0d:92:ed:9c:af:84:8f:53:b1:2d:4d:30:93:b4:f2:af:f0:c3:
         b6:87:ef:78:a2:9b:73:e7:2f:57:90:ed:c7:48:17:7e:70:9d:
         fc:32:be:b0:8d:39:20:fe:41:d1:1b:80:97:4d:16:ff:e3:b2:
         9c:7b:d5:0c:d1:03:96:c6:57:d2:87:41:00:77:83:95:e2:1e:
         0a:55:c4:c2:6c:8e:04:17:49:88:49:e9:f6:68:b4:3b:fe:da:
         ef:9b:39:2b:fe:d1:34:e3:28:04:7c:04:94:4d:5a:ca:ee:9d:
         85:0b:7b:de
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYzEJVizcFL6l2b5f2lDQRZqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmVlZjVlMTZjMTQ2N2RhN2EwMmYxOTIzNzY1M2FlNDJiMTA5NjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZyiEeL8GYpoAtW+YUEX6GiX1NC0
UlPuCPKBp8V+zO9p39WpNjC6xgYQLQ/tp8EXf0Tl169oJScVD98J3e8QGnqRgZ5h
sKjFKqOOGJSrPzJVfnCFP0DOWAc4ISsvxnLTa+A14BeSJoIG5CrOCNdsMBvbQrfS
4w/F9+UToLkyPI/M8DVxN+Oo+31rw1TdwamMWK7vVAcqzLKOzGh2nWtb35VXXVFX
fVtG2eML7W6B57c40nS9hMl6CQSVYYFnszJlpcOmgXDQ5M++20CskzTvRJF/WE7X
ZHtaqvebi0LKQhSkG1PTbM/wnSgVvGkRnN1pC80TpywskmEpLPcdfWL7ewIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFHvu9eFsFGfaegLxkjdlOuQrEJZSMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VkL2EyYjk4
My01NTM4LTQ4NWUtYjEwZi0xN2E2OWI3MDJlMWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQvYTJiOTgz
LTU1MzgtNDg1ZS1iMTBmLTE3YTY5YjcwMmUxYi8xL2UtNzE0V3dVWjlwNkF2R1NO
MlU2NUNzUWxsSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQCW8SQAwQBW89IAwQBW89eMA0EAgACMAcDBQAq
Ct5AMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMkQjANBgkqhkiG9w0BAQsFAAOC
AQEAnAr4fjeh99iVnGOcK9v/jfOZLSxHWL7rmONzmJ2qY+WmQ0ImQsziMXITW3nb
EmM/bE9q46PxSg2NC4DLFC589Jj/jI8dooxLKyGDN4trQg3Li3fH0KGqi39+Gpa+
+RAJd0GUUuJMsYpCbGV63xqeNTUGw0r05+V7ykaDrXWzyOB+8GELX4sgiyAXUrqU
XDwsDZLtnK+Ej1OxLU0wk7Tyr/DDtofveKKbc+cvV5Dtx0gXfnCd/DK+sI05IP5B
0RuAl00W/+OynHvVDNEDlsZX0odBAHeDleIeClXEwmyOBBdJiEnp9mi0O/7a75s5
K/7RNOMoBHwElE1ayu6dhQt73g==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:16:39 2024 by rpki-client on console-fra.rpki-client.org