Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/g7826xjvmlfF-2A62kAP5rZojm4.cer
File:                     g7826xjvmlfF-2A62kAP5rZojm4.cer (raw, json)
Hash identifier:          arpqjOpuZyVsprvl7R1Ya/llahMco+NbRHkZykaDtqU=
Subject key identifier:   83:BF:36:EB:18:EF:9A:57:C5:FB:60:3A:DA:40:0F:E6:B6:68:8E:6E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC726D800DE40E9AEE4BA84806432F477
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/g7826xjvmlfF-2A62kAP5rZojm4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 22:31:00 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 39047
                          IP: 31.3.24.0/21
                          IP: 37.75.216.0/21
                          IP: 80.242.96.0/20
                          IP: 93.190.176.0/21
                          IP: 185.14.16.0/22
                          IP: 195.66.138.0/23
                          IP: 217.175.0.0/20
                          IP: 2a03:a840::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:26:d8:00:de:40:e9:ae:e4:ba:84:80:64:32:f4:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 22:31:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=83bf36eb18ef9a57c5fb603ada400fe6b6688e6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:a3:21:5d:cc:a5:3b:20:4b:00:ec:4f:d1:62:
                    f5:31:91:02:b2:4b:68:82:78:cd:e5:f6:0f:dc:51:
                    72:c8:0f:0b:f7:ec:b6:53:7d:b3:61:8e:7b:9c:d8:
                    d1:e7:e4:71:97:2a:c9:8f:a3:de:e2:fe:9c:ca:64:
                    0f:0f:0b:e6:10:53:0f:77:62:95:26:33:92:4f:1e:
                    f2:f5:5f:0c:65:53:6f:48:4b:ef:87:2c:bd:29:24:
                    d5:be:44:00:92:74:47:59:6a:e7:d9:bf:7b:21:ce:
                    92:3d:b2:99:6d:df:2e:b3:d8:dc:d2:f5:51:fe:73:
                    61:1f:c8:0c:97:b3:26:f2:a4:f9:b4:f8:bf:69:6b:
                    d3:2e:87:e3:c5:aa:d1:69:82:ca:3d:2f:e0:96:c7:
                    de:d8:96:85:37:2c:49:4b:45:ff:8a:74:43:55:35:
                    96:7a:19:db:09:32:b0:55:50:23:f6:a8:6b:3f:00:
                    12:ea:c6:e1:65:7c:8d:58:62:5b:e2:b2:94:f9:46:
                    48:78:f6:2c:fb:2e:6d:00:4a:bd:50:ef:94:3c:7f:
                    86:c6:b2:d9:a3:a2:1e:7c:20:31:d7:44:86:70:52:
                    72:d3:f7:32:70:84:fb:9d:65:d5:ea:a8:10:0c:91:
                    48:66:6e:97:f9:9d:1e:3a:1c:02:5a:7b:db:af:5a:
                    92:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:BF:36:EB:18:EF:9A:57:C5:FB:60:3A:DA:40:0F:E6:B6:68:8E:6E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/g7826xjvmlfF-2A62kAP5rZojm4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.3.24.0/21
                  37.75.216.0/21
                  80.242.96.0/20
                  93.190.176.0/21
                  185.14.16.0/22
                  195.66.138.0/23
                  217.175.0.0/20
                IPv6:
                  2a03:a840::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  39047

    Signature Algorithm: sha256WithRSAEncryption
         6f:63:5d:d5:fa:f7:0f:37:04:51:ff:52:c7:67:9d:c8:f3:48:
         31:a5:d5:2a:3c:45:4c:b9:c6:9b:45:f0:6d:77:47:1a:0e:ca:
         5b:43:58:1b:4c:d4:52:7d:da:ba:75:c8:ee:f2:19:99:d7:97:
         09:61:17:32:ac:ca:a9:b8:25:70:e2:1a:8f:4c:bd:bf:59:79:
         6b:12:8f:c1:dc:7e:2b:a1:ae:db:0a:21:01:fd:8a:41:ab:f5:
         09:ce:d6:cc:15:96:ac:e2:95:19:c1:63:ba:44:46:5e:db:ad:
         59:19:c5:fc:b4:85:53:03:3b:75:d5:b7:51:2e:9d:a9:36:b3:
         ee:0d:6f:31:40:7c:0f:dd:2c:c1:1d:14:47:da:0a:30:c5:80:
         76:89:b4:71:88:8f:9e:4b:4d:d4:bb:79:5e:9b:af:84:fa:35:
         fa:79:82:fa:7a:87:c6:fe:38:84:47:2b:0e:00:00:4a:54:91:
         8a:28:0b:be:a2:8b:7a:c3:05:bc:5d:68:74:5c:fc:3d:7a:c9:
         75:d5:33:de:ba:84:5d:4d:90:a5:a1:a9:d7:ee:0f:e4:d0:95:
         9c:b9:50:d5:3c:51:b6:e1:49:95:e6:cb:28:9b:0d:0d:82:ce:
         c6:03:9f:c8:65:87:50:60:6b:c7:dd:69:ad:26:ba:5e:cd:e5:
         3f:ee:c0:bd
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYzHJtgA3kDpruS6hIBkMvR3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2JmMzZlYjE4ZWY5YTU3YzVmYjYwM2FkYTQwMGZlNmI2Njg4ZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6MhXcylOyBLAOxP0WL1MZECskto
gnjN5fYP3FFyyA8L9+y2U32zYY57nNjR5+RxlyrJj6Pe4v6cymQPDwvmEFMPd2KV
JjOSTx7y9V8MZVNvSEvvhyy9KSTVvkQAknRHWWrn2b97Ic6SPbKZbd8us9jc0vVR
/nNhH8gMl7Mm8qT5tPi/aWvTLofjxarRaYLKPS/glsfe2JaFNyxJS0X/inRDVTWW
ehnbCTKwVVAj9qhrPwAS6sbhZXyNWGJb4rKU+UZIePYs+y5tAEq9UO+UPH+GxrLZ
o6IefCAx10SGcFJy0/cycIT7nWXV6qgQDJFIZm6X+Z0eOhwCWnvbr1qS2QIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFIO/NusY75pXxftgOtpAD+a2aI5uMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMyL2Y3N2Q1
MS1lZTFjLTQ3YTktOTBiYy1lMGQyYTFiNmU4YWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIvZjc3ZDUx
LWVlMWMtNDdhOS05MGJjLWUwZDJhMWI2ZThhYy8xL2c3ODI2eGp2bWxmRi0yQTYy
a0FQNXJab2ptNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFIGCCsGAQUF
BwEHAQH/BEMwQTAwBAIAATAqAwQDHwMYAwQDJUvYAwQEUPJgAwQDXb6wAwQCuQ4Q
AwQBw0KKAwQE2a8AMA0EAgACMAcDBQAqA6hAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwCYhzANBgkqhkiG9w0BAQsFAAOCAQEAb2Nd1fr3DzcEUf9Sx2edyPNIMaXV
KjxFTLnGm0XwbXdHGg7KW0NYG0zUUn3aunXI7vIZmdeXCWEXMqzKqbglcOIaj0y9
v1l5axKPwdx+K6Gu2wohAf2KQav1Cc7WzBWWrOKVGcFjukRGXtutWRnF/LSFUwM7
ddW3US6dqTaz7g1vMUB8D90swR0UR9oKMMWAdom0cYiPnktN1Lt5XpuvhPo1+nmC
+nqHxv44hEcrDgAASlSRiigLvqKLesMFvF1odFz8PXrJddUz3rqEXU2QpaGp1+4P
5NCVnLlQ1TxRtuFJlebLKJsNDYLOxgOfyGWHUGBrx91prSa6Xs3lP+7AvQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:47 2024 by rpki-client on console-fra.rpki-client.org