Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eCa2BPb4wD_p32yY5h856u11VaU.cer
File:                     eCa2BPb4wD_p32yY5h856u11VaU.cer (raw, json)
Hash identifier:          10o9GcQur11MBIx45TwxfqEXy3R1upHTPgz7ZcxqNmQ=
Subject key identifier:   78:26:B6:04:F6:F8:C0:3F:E9:DF:6C:98:E6:1F:39:EA:ED:75:55:A5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC8DECD1A97CD01A9E6E66994E451094F
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/eCa2BPb4wD_p32yY5h856u11VaU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 06:31:33 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 207442
                          IP: 185.89.98.0/24
                          IP: 2a10:1a00::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:cd:1a:97:cd:01:a9:e6:e6:69:94:e4:51:09:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 06:31:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7826b604f6f8c03fe9df6c98e61f39eaed7555a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:65:5a:fd:ac:2f:2d:1f:3e:ae:1a:65:30:b6:
                    9b:ba:10:d6:95:c4:d1:35:7a:1b:db:88:c4:be:3e:
                    24:85:49:a8:41:13:52:e2:1b:26:95:34:10:6c:28:
                    e6:67:2d:5b:d6:25:34:44:8f:24:65:93:d2:34:ac:
                    1b:b9:05:52:be:f7:75:ae:d7:08:96:21:2b:4a:dd:
                    a1:4a:62:b0:0e:d4:2a:17:fa:b9:6e:ed:01:9c:68:
                    bc:c6:66:0b:df:89:c3:2d:9a:d0:ea:30:d6:ab:69:
                    71:7d:24:a9:26:08:e3:41:4f:59:15:b3:da:25:ea:
                    24:d2:b8:6d:09:ab:f0:05:21:1b:f0:65:79:89:e7:
                    cd:95:6e:3b:c2:b3:ad:dd:1a:ce:f7:29:9b:f1:62:
                    1e:06:c9:bb:cc:ef:23:14:8e:7b:04:fa:3a:14:bf:
                    14:b1:66:e6:e7:42:49:dd:93:f8:af:2f:66:06:95:
                    00:c6:4c:8e:ee:d7:58:92:76:9a:fa:b4:25:5e:58:
                    f1:0c:1b:67:e1:da:10:7b:77:a7:79:21:bd:09:15:
                    88:0d:0a:fe:89:c3:ae:ea:52:08:b5:98:e5:95:60:
                    eb:32:5b:99:68:cd:8c:76:87:ff:a0:b9:89:5d:98:
                    68:ff:96:55:ef:16:e3:90:d2:50:c9:89:93:69:b1:
                    9a:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:26:B6:04:F6:F8:C0:3F:E9:DF:6C:98:E6:1F:39:EA:ED:75:55:A5
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/eCa2BPb4wD_p32yY5h856u11VaU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.89.98.0/24
                IPv6:
                  2a10:1a00::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207442

    Signature Algorithm: sha256WithRSAEncryption
         1e:48:de:44:18:89:d5:5b:df:6a:c0:f7:67:b2:aa:30:00:d3:
         31:dc:91:e0:a4:e6:65:03:86:82:20:10:16:5e:63:4d:1f:f8:
         af:9b:48:77:87:16:49:61:3a:21:6f:a2:71:74:b7:4e:cc:fc:
         3d:b3:dd:89:13:9b:ef:a3:6d:92:3d:93:56:89:da:31:7d:04:
         43:5f:5a:cb:37:3b:10:25:9a:60:a6:80:8c:36:3d:7d:0e:ae:
         5c:57:10:ec:87:86:5f:bc:0a:74:43:49:e9:20:a4:aa:1e:4a:
         f6:b5:62:3a:ae:79:88:c2:2d:6c:bf:41:b2:8a:dd:2d:7e:bd:
         68:43:b1:c3:a5:db:d2:32:e6:f6:1e:12:03:7e:49:d8:ee:e6:
         43:96:07:28:03:3a:13:25:c9:63:48:bd:73:d6:ca:8e:74:41:
         51:ef:df:62:27:26:47:61:87:20:20:a4:c8:0f:dd:13:1a:06:
         9f:e3:ca:ad:61:e2:17:48:2d:ea:6b:a3:9c:15:48:af:64:42:
         cc:da:16:14:80:84:38:16:27:bb:fb:33:62:07:8e:37:de:ab:
         86:52:b3:60:44:cc:48:36:5f:e5:29:83:d8:61:05:41:d5:27:
         fa:73:35:47:43:c7:f6:cf:ad:99:89:76:0d:ce:6d:e4:da:e7:
         f7:8f:ed:0f
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzI3s0al80BqebmaZTkUQlPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODI2YjYwNGY2ZjhjMDNmZTlkZjZjOThlNjFmMzllYWVkNzU1NWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWVa/awvLR8+rhplMLabuhDWlcTR
NXob24jEvj4khUmoQRNS4hsmlTQQbCjmZy1b1iU0RI8kZZPSNKwbuQVSvvd1rtcI
liErSt2hSmKwDtQqF/q5bu0BnGi8xmYL34nDLZrQ6jDWq2lxfSSpJgjjQU9ZFbPa
Jeok0rhtCavwBSEb8GV5iefNlW47wrOt3RrO9ymb8WIeBsm7zO8jFI57BPo6FL8U
sWbm50JJ3ZP4ry9mBpUAxkyO7tdYknaa+rQlXljxDBtn4doQe3eneSG9CRWIDQr+
icOu6lIItZjllWDrMluZaM2Mdof/oLmJXZho/5ZV7xbjkNJQyYmTabGavwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFHgmtgT2+MA/6d9smOYfOertdVWlMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk0L2M5NGM2
NS1lYTAyLTQwNWEtYmJhNy1jYTA0NzRhZGYzNzMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQvYzk0YzY1
LWVhMDItNDA1YS1iYmE3LWNhMDQ3NGFkZjM3My8xL2VDYTJCUGI0d0RfcDMyeVk1
aDg1NnUxMVZhVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAuVliMA0EAgACMAcDBQMqEBoAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMqUjANBgkqhkiG9w0BAQsFAAOCAQEAHkjeRBiJ1Vvf
asD3Z7KqMADTMdyR4KTmZQOGgiAQFl5jTR/4r5tId4cWSWE6IW+icXS3Tsz8PbPd
iROb76Ntkj2TVonaMX0EQ19ayzc7ECWaYKaAjDY9fQ6uXFcQ7IeGX7wKdENJ6SCk
qh5K9rViOq55iMItbL9BsordLX69aEOxw6Xb0jLm9h4SA35J2O7mQ5YHKAM6EyXJ
Y0i9c9bKjnRBUe/fYicmR2GHICCkyA/dExoGn+PKrWHiF0gt6mujnBVIr2RCzNoW
FICEOBYnu/szYgeON96rhlKzYETMSDZf5SmD2GEFQdUn+nM1R0PH9s+tmYl2Dc5t
5Nrn94/tDw==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:38:17 2024 by rpki-client on console-ams.rpki-client.org