Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4BZu40DtmLHuAOenyYDqippkPQ.cer
File:                     e4BZu40DtmLHuAOenyYDqippkPQ.cer (raw, json)
Hash identifier:          MFAlwihlczisPxiQi7H8TWwicv9Oxh0XEJjPA3bvcNo=
Subject key identifier:   7B:80:59:BB:8D:03:B6:62:C7:B8:03:9E:9F:26:03:AA:2A:69:90:F4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC42525537E215C883F28AA86525EB3C6
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/1c/688c23-6a53-4854-a19a-c2d005008ef7/1/e4BZu40DtmLHuAOenyYDqippkPQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/1c/688c23-6a53-4854-a19a-c2d005008ef7/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 08:30:17 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 198308

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:25:53:7e:21:5c:88:3f:28:aa:86:52:5e:b3:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 08:30:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7b8059bb8d03b662c7b8039e9f2603aa2a6990f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:6e:c7:3b:97:46:eb:be:19:54:fa:94:15:5c:
                    84:6a:52:ba:8a:af:07:07:63:9f:d9:cf:db:3a:ef:
                    1d:ad:aa:64:ec:d1:22:e4:bf:9d:cf:01:a2:6d:23:
                    9a:fb:26:d6:8d:db:7f:15:6c:f9:f6:c0:3d:5a:c1:
                    0d:ea:b0:36:9f:66:d7:a6:96:a4:c8:4c:b0:9b:bc:
                    6e:7b:7b:54:5c:ec:e1:ce:24:cf:81:83:24:9a:60:
                    27:bd:9b:a6:2d:33:3d:04:84:7f:89:82:ef:14:cb:
                    b2:29:ce:52:1d:0a:6c:62:a6:db:0e:ae:e5:c1:3a:
                    a4:8d:d0:92:6f:23:87:0e:7d:1e:b4:8a:78:48:d0:
                    ef:86:36:86:44:1e:10:bd:ef:f0:7d:ce:40:fb:eb:
                    a2:c4:a4:6a:44:b4:a1:7c:ad:09:6d:2b:d8:8a:db:
                    58:7f:c4:cf:59:17:2e:c2:40:7b:18:df:29:23:8e:
                    1d:cd:f0:e9:aa:83:b5:e5:4d:07:d1:54:fc:aa:cb:
                    2f:58:d0:4d:74:60:a5:6f:1b:cc:3d:b2:00:bc:a9:
                    f2:9d:fc:03:2f:d9:fe:bb:7a:1a:7d:80:50:5a:83:
                    ee:42:37:77:73:00:35:c3:3a:ac:8c:28:55:0f:fc:
                    c1:cf:ac:27:ba:a2:71:72:38:31:bf:d1:e4:f3:37:
                    90:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:80:59:BB:8D:03:B6:62:C7:B8:03:9E:9F:26:03:AA:2A:69:90:F4
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/688c23-6a53-4854-a19a-c2d005008ef7/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/688c23-6a53-4854-a19a-c2d005008ef7/1/e4BZu40DtmLHuAOenyYDqippkPQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  198308

    Signature Algorithm: sha256WithRSAEncryption
         8a:a9:39:67:8a:6b:21:ab:89:fd:ec:9d:4e:05:36:7a:7c:49:
         e3:8f:4d:1c:88:6c:3e:ae:ab:6f:de:86:0c:4c:c7:49:ef:96:
         0b:4b:ca:b1:cc:92:d5:c4:fd:ed:d0:a2:b4:98:a6:7f:46:8f:
         2c:87:a5:87:a3:8b:62:19:50:65:9b:56:ac:87:5a:21:54:fb:
         d8:03:63:80:35:60:c3:10:97:c8:c2:c9:ca:2a:5b:2e:03:ed:
         a7:8c:bc:87:12:1e:a2:d8:65:ec:ce:b0:66:54:e6:d6:8d:24:
         91:92:ef:80:61:a0:c6:83:f3:cb:b1:74:9b:a9:f8:dd:15:d4:
         6c:15:b8:c0:d2:57:aa:b5:38:5f:c7:73:7f:f6:7b:7e:2b:d5:
         8f:13:89:4e:3b:0c:04:77:48:05:af:2d:1b:7a:5e:8a:0a:df:
         e7:5b:a6:13:30:cc:e6:1f:6c:7b:a6:d5:be:ea:ab:7b:9b:e4:
         88:b7:bf:85:65:e8:bd:61:d2:1e:ff:12:99:6d:7f:56:ec:0b:
         a2:b4:1d:f4:7d:59:2a:b0:cc:3b:97:b1:ee:7b:8e:41:b5:26:
         e2:c7:29:ce:2f:47:6d:52:49:e5:3c:96:5c:fa:5e:a1:a6:34:
         09:c9:7a:77:f9:3a:42:86:24:05:f0:07:13:80:4b:57:d4:89:
         8c:b3:9c:f3
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzEJSVTfiFciD8oqoZSXrPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjgwNTliYjhkMDNiNjYyYzdiODAzOWU5ZjI2MDNhYTJhNjk5MGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAym7HO5dG674ZVPqUFVyEalK6iq8H
B2Of2c/bOu8drapk7NEi5L+dzwGibSOa+ybWjdt/FWz59sA9WsEN6rA2n2bXppak
yEywm7xue3tUXOzhziTPgYMkmmAnvZumLTM9BIR/iYLvFMuyKc5SHQpsYqbbDq7l
wTqkjdCSbyOHDn0etIp4SNDvhjaGRB4Qve/wfc5A++uixKRqRLShfK0JbSvYittY
f8TPWRcuwkB7GN8pI44dzfDpqoO15U0H0VT8qssvWNBNdGClbxvMPbIAvKnynfwD
L9n+u3oafYBQWoPuQjd3cwA1wzqsjChVD/zBz6wnuqJxcjgxv9Hk8zeQOwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFHuAWbuNA7Zix7gDnp8mA6oqaZD0MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjLzY4OGMy
My02YTUzLTQ4NTQtYTE5YS1jMmQwMDUwMDhlZjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMvNjg4YzIz
LTZhNTMtNDg1NC1hMTlhLWMyZDAwNTAwOGVmNy8xL2U0Qlp1NDBEdG1MSHVBT2Vu
eVlEcWlwcGtQUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMGpDANBgkqhkiG9w0BAQsFAAOCAQEAiqk5Z4prIauJ
/eydTgU2enxJ449NHIhsPq6rb96GDEzHSe+WC0vKscyS1cT97dCitJimf0aPLIel
h6OLYhlQZZtWrIdaIVT72ANjgDVgwxCXyMLJyipbLgPtp4y8hxIeothl7M6wZlTm
1o0kkZLvgGGgxoPzy7F0m6n43RXUbBW4wNJXqrU4X8dzf/Z7fivVjxOJTjsMBHdI
Ba8tG3peigrf51umEzDM5h9se6bVvuqre5vkiLe/hWXovWHSHv8SmW1/VuwLorQd
9H1ZKrDMO5ex7nuOQbUm4scpzi9HbVJJ5TyWXPpeoaY0Ccl6d/k6QoYkBfAHE4BL
V9SJjLOc8w==
-----END CERTIFICATE-----