Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
File:                     et9j43Wwt4UIG1lFsdGNnehuDvw.cer (raw, json)
Hash identifier:          EFW8leWuQi6dbCpKGY6PCwYPKycltpbAQRTuFdBzTBQ=
Subject key identifier:   7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC3E11395C87F27D76A690843E50CB4C1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 07:15:56 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 50530
                          IP: 109.110.160.0/19
                          IP: 185.4.220.0/22
                          IP: 185.205.220.0/22
                          IP: 185.222.184.0/22
                          IP: 193.246.160.0/23
                          IP: 193.246.164.0/23
                          IP: 2a00:1ce0::/32
                          IP: 2a0b:ac0::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:e1:13:95:c8:7f:27:d7:6a:69:08:43:e5:0c:b4:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 07:15:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:63:11:78:3c:6c:8b:ff:04:96:40:b2:f0:40:
                    a2:4c:32:65:3c:fa:e0:c8:a5:63:dc:89:8d:49:b5:
                    40:86:4c:5d:f6:67:08:ba:08:9f:ad:90:b0:51:77:
                    28:da:f1:31:1d:a9:7b:fd:fe:ef:2e:93:48:80:5e:
                    2c:81:24:f4:a6:f1:50:db:79:76:f8:9f:6d:16:b4:
                    c0:80:3b:98:4f:9e:77:01:cd:23:08:c4:9f:d2:52:
                    c2:79:e5:36:b2:3d:82:1e:37:f3:0e:10:73:bd:c6:
                    ac:78:36:9d:75:b3:c4:d3:c2:16:58:d5:06:b8:23:
                    62:9b:1c:ab:cd:0f:8e:69:b8:8e:1f:d7:4b:08:47:
                    14:5b:15:b8:d3:68:9a:c7:0b:4f:ef:18:9e:ef:85:
                    9c:8b:04:ad:33:49:c7:7e:d2:f6:f2:40:9f:23:2f:
                    a9:ba:43:e9:60:ac:18:97:cf:72:e5:36:ce:55:53:
                    37:fe:a5:13:f6:e7:e1:c1:66:e8:04:c7:c4:93:63:
                    c6:84:aa:49:ce:33:ed:7c:b3:4b:2c:a1:bb:75:d3:
                    a7:71:3a:14:8c:d4:2e:e1:49:0c:6d:c9:74:64:5b:
                    27:a0:a3:48:f7:8b:0e:2c:7f:14:57:94:a9:c0:c1:
                    81:e7:88:ec:47:08:19:16:71:3f:13:1d:0e:3d:58:
                    79:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.110.160.0/19
                  185.4.220.0/22
                  185.205.220.0/22
                  185.222.184.0/22
                  193.246.160.0/23
                  193.246.164.0/23
                IPv6:
                  2a00:1ce0::/32
                  2a0b:ac0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  50530

    Signature Algorithm: sha256WithRSAEncryption
         94:3f:02:5f:31:9f:60:5d:80:d9:ee:c7:c2:75:55:58:9a:96:
         29:ca:88:88:ef:06:ce:b1:aa:37:c4:6a:3f:ff:f7:93:e3:ed:
         85:b5:d8:ea:43:83:64:2e:66:f1:79:7d:dd:41:ca:0d:56:b5:
         6d:5a:44:f7:02:78:fb:e9:e1:c3:87:bf:4c:b8:72:8a:93:3d:
         01:8e:15:d0:3a:f2:b8:74:fb:d2:82:ac:5f:f0:05:35:1d:60:
         d6:4e:47:2e:0d:2a:34:88:4f:a4:3e:41:97:e1:48:0a:ee:09:
         8c:df:5c:4a:64:8b:4c:a8:85:35:86:cc:6c:e9:9c:51:1b:8f:
         94:6c:08:ea:e1:9d:f5:94:69:67:14:a9:f4:01:a4:1c:26:cc:
         ed:47:ba:1e:30:f3:9a:f6:80:dd:fc:1f:de:2c:7b:61:57:f6:
         37:ec:ca:8b:f0:d8:32:37:05:2f:00:3e:1f:87:f7:75:0c:74:
         0d:28:03:d0:46:22:d8:58:31:55:89:7d:bc:9c:54:ee:2a:73:
         7a:f2:2a:93:21:ee:61:10:4f:48:ad:51:a5:c4:1e:e1:5f:94:
         7c:3f:ef:b1:00:ef:6b:91:69:da:82:cd:25:8f:b7:39:ae:7d:
         f7:59:64:56:e0:ac:22:e8:4f:c6:31:29:83:aa:58:6b:82:c3:
         ad:1e:2c:2b
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAYzD4ROVyH8n12ppCEPlDLTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDcxNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWRmNjNlMzc1YjBiNzg1MDgxYjU5NDViMWQxOGQ5ZGU4NmUwZWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGMReDxsi/8ElkCy8ECiTDJlPPrg
yKVj3ImNSbVAhkxd9mcIugifrZCwUXco2vExHal7/f7vLpNIgF4sgST0pvFQ23l2
+J9tFrTAgDuYT553Ac0jCMSf0lLCeeU2sj2CHjfzDhBzvcaseDaddbPE08IWWNUG
uCNimxyrzQ+OabiOH9dLCEcUWxW402iaxwtP7xie74WciwStM0nHftL28kCfIy+p
ukPpYKwYl89y5TbOVVM3/qUT9ufhwWboBMfEk2PGhKpJzjPtfLNLLKG7ddOncToU
jNQu4UkMbcl0ZFsnoKNI94sOLH8UV5SpwMGB54jsRwgZFnE/Ex0OPVh5zQIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFHrfY+N1sLeFCBtZRbHRjZ3obg78MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FlZTNk
NThkLTkwNGEtNDM3NS1iZjkzLThiNWYzOGNhYjAwMi8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVl
M2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvN0FERjYzRTM3NUIw
Qjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjBTBggrBgEFBQcBBwEB/wREMEIwKgQCAAEwJAME
BW1uoAMEArkE3AMEArnN3AMEArneuAMEAcH2oAMEAcH2pDAUBAIAAjAOAwUAKgAc
4AMFAyoLCsAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAMViMA0GCSqGSIb3DQEB
CwUAA4IBAQCUPwJfMZ9gXYDZ7sfCdVVYmpYpyoiI7wbOsao3xGo///eT4+2Ftdjq
Q4NkLmbxeX3dQcoNVrVtWkT3Anj76eHDh79MuHKKkz0BjhXQOvK4dPvSgqxf8AU1
HWDWTkcuDSo0iE+kPkGX4UgK7gmM31xKZItMqIU1hsxs6ZxRG4+UbAjq4Z31lGln
FKn0AaQcJsztR7oeMPOa9oDd/B/eLHthV/Y37MqL8NgyNwUvAD4fh/d1DHQNKAPQ
RiLYWDFViX28nFTuKnN68iqTIe5hEE9IrVGlxB7hX5R8P++xAO9rkWnags0lj7c5
rn33WWRW4Kwi6E/GMSmDqlhrgsOtHiwr
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:34:08 2024 by rpki-client on console-ams.rpki-client.org