Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fvUy67B-qFBrZTQwwEbsjUAvlos.cer
File:                     fvUy67B-qFBrZTQwwEbsjUAvlos.cer (raw, json)
Hash identifier:          Kd8AYH9mqfV/AFa2+ZmUinSa8FGF/XNBCQs25vms4SE=
Subject key identifier:   7E:F5:32:EB:B0:7E:A8:50:6B:65:34:30:C0:46:EC:8D:40:2F:96:8B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC348C80F4CB52E1B9039869095C5DB0D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b6/9275ff-ba9e-48e0-90a1-477270661163/1/fvUy67B-qFBrZTQwwEbsjUAvlos.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b6/9275ff-ba9e-48e0-90a1-477270661163/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:29:36 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 202050
                          IP: 193.108.215.0/24
                          IP: 193.108.219.0/24
                          IP: 193.109.92.0/24
                          IP: 193.109.94.0/24
                          IP: 2a0f:f840::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:c8:0f:4c:b5:2e:1b:90:39:86:90:95:c5:db:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 04:29:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7ef532ebb07ea8506b653430c046ec8d402f968b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:2d:07:12:b8:58:3f:91:24:bb:c9:26:12:fa:
                    62:92:28:35:44:31:eb:11:e5:07:0a:ea:be:e0:49:
                    ba:06:40:18:67:4d:8a:fe:20:eb:60:38:f4:c8:b7:
                    0d:e4:2b:0e:e4:9f:22:36:bd:63:1b:e7:2d:79:eb:
                    8c:ba:b5:65:5b:f7:7d:86:18:c6:8c:be:a7:ba:fa:
                    bc:97:04:d0:c3:98:b6:e8:c5:37:5d:51:b1:4b:70:
                    df:4b:e2:20:23:7e:e8:da:1c:0e:80:1f:e5:7a:60:
                    e5:a5:50:74:06:3f:1e:0c:92:8e:80:ac:23:61:74:
                    a9:d4:c8:b1:6b:29:74:74:fc:7b:13:66:8e:8c:9f:
                    c2:60:18:e8:de:61:ee:24:7d:4d:e7:25:10:ab:13:
                    7a:78:d4:a9:86:08:1e:36:31:e2:1b:07:15:0c:bf:
                    bb:6d:5c:7e:2a:f6:cc:d5:da:60:f1:b0:be:ac:17:
                    fd:24:68:71:db:f4:a8:62:f1:96:b3:7b:71:63:b0:
                    5e:03:0a:5e:06:15:5d:0a:b9:91:b2:68:ad:58:49:
                    50:72:ec:b3:7b:60:e8:dc:95:b2:b6:ed:97:2c:b3:
                    60:4b:da:ef:59:8f:0f:9c:f4:0c:a5:a5:d3:bf:45:
                    d0:42:46:b4:8f:61:e2:8f:1e:dc:cd:f7:51:a2:17:
                    d4:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:F5:32:EB:B0:7E:A8:50:6B:65:34:30:C0:46:EC:8D:40:2F:96:8B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/9275ff-ba9e-48e0-90a1-477270661163/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/9275ff-ba9e-48e0-90a1-477270661163/1/fvUy67B-qFBrZTQwwEbsjUAvlos.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.215.0/24
                  193.108.219.0/24
                  193.109.92.0/24
                  193.109.94.0/24
                IPv6:
                  2a0f:f840::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  202050

    Signature Algorithm: sha256WithRSAEncryption
         7f:9b:df:1f:f2:54:d1:90:36:30:5a:aa:b1:8f:2d:50:95:37:
         af:03:60:7c:d0:84:7f:84:0f:f8:66:a6:9c:b6:26:ff:36:e9:
         11:17:22:7d:59:a5:f7:5a:aa:b6:58:d9:6e:b2:5a:fe:7a:9c:
         11:00:46:71:83:a0:2e:9a:25:31:c7:b6:43:92:ca:d8:f5:b3:
         e9:46:02:0d:96:2d:b3:1d:13:bb:f0:ce:43:8c:80:f9:52:ce:
         68:ca:7b:59:15:48:11:a7:e3:be:6e:67:80:f2:1d:a2:f0:f0:
         64:fa:8d:f3:9a:8c:f8:e6:27:00:1a:db:cd:ac:89:dd:64:7a:
         1d:1b:45:75:4c:78:66:f7:30:9b:1a:91:22:93:16:84:c2:00:
         bd:a1:7b:22:d5:5e:ae:34:e6:18:4a:f8:6c:0a:ef:ef:7a:82:
         ce:ec:95:b6:2f:b2:7a:37:2a:3e:7e:22:b3:4e:f3:c1:a4:4f:
         78:fa:19:ab:19:38:f7:e5:9e:66:8b:e6:c0:ca:11:ec:5f:82:
         52:13:f7:17:82:f3:15:58:8a:61:8f:1f:69:31:3f:35:bf:7c:
         d9:dc:f0:22:93:39:56:f1:55:f1:2b:ab:c0:ac:2e:38:98:3f:
         a6:85:c7:40:18:20:03:77:87:0c:88:8f:8b:20:db:b5:30:52:
         12:04:ae:2d
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAYzDSMgPTLUuG5A5hpCVxdsNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWY1MzJlYmIwN2VhODUwNmI2NTM0MzBjMDQ2ZWM4ZDQwMmY5NjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAni0HErhYP5Eku8kmEvpikig1RDHr
EeUHCuq+4Em6BkAYZ02K/iDrYDj0yLcN5CsO5J8iNr1jG+cteeuMurVlW/d9hhjG
jL6nuvq8lwTQw5i26MU3XVGxS3DfS+IgI37o2hwOgB/lemDlpVB0Bj8eDJKOgKwj
YXSp1Mixayl0dPx7E2aOjJ/CYBjo3mHuJH1N5yUQqxN6eNSphggeNjHiGwcVDL+7
bVx+KvbM1dpg8bC+rBf9JGhx2/SoYvGWs3txY7BeAwpeBhVdCrmRsmitWElQcuyz
e2Do3JWytu2XLLNgS9rvWY8PnPQMpaXTv0XQQka0j2Hijx7czfdRohfUxQIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFH71MuuwfqhQa2U0MMBG7I1AL5aLMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I2LzkyNzVm
Zi1iYTllLTQ4ZTAtOTBhMS00NzcyNzA2NjExNjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYvOTI3NWZm
LWJhOWUtNDhlMC05MGExLTQ3NzI3MDY2MTE2My8xL2Z2VXk2N0ItcUZCclpUUXd3
RWJzalVBdmxvcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQAwWzXAwQAwWzbAwQAwW1cAwQAwW1eMA0EAgAC
MAcDBQMqD/hAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMVQjANBgkqhkiG9w0B
AQsFAAOCAQEAf5vfH/JU0ZA2MFqqsY8tUJU3rwNgfNCEf4QP+GamnLYm/zbpERci
fVml91qqtljZbrJa/nqcEQBGcYOgLpolMce2Q5LK2PWz6UYCDZYtsx0Tu/DOQ4yA
+VLOaMp7WRVIEafjvm5ngPIdovDwZPqN85qM+OYnABrbzayJ3WR6HRtFdUx4Zvcw
mxqRIpMWhMIAvaF7ItVerjTmGEr4bArv73qCzuyVti+yejcqPn4is07zwaRPePoZ
qxk49+WeZovmwMoR7F+CUhP3F4LzFViKYY8faTE/Nb982dzwIpM5VvFV8SurwKwu
OJg/poXHQBggA3eHDIiPiyDbtTBSEgSuLQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:02:08 2024 by rpki-client on console-ams.rpki-client.org