Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/gswXHj3IRnEeBW4uNiQdrJlKYA0.cer
File:                     gswXHj3IRnEeBW4uNiQdrJlKYA0.cer (raw, json)
Hash identifier:          GuhVaQwJwyDw+N3RzJpso7TOHadR4bzSS6e5VDUQ0ZQ=
Subject key identifier:   82:CC:17:1E:3D:C8:46:71:1E:05:6E:2E:36:24:1D:AC:99:4A:60:0D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC80150DD0902DD026B5CE6E2F9D5E25D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/28/2210c7-9959-44f7-ada6-efd3ae985ee4/1/gswXHj3IRnEeBW4uNiQdrJlKYA0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/28/2210c7-9959-44f7-ada6-efd3ae985ee4/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 02:29:38 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 59579
                          IP: 193.41.44.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:50:dd:09:02:dd:02:6b:5c:e6:e2:f9:d5:e2:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 02:29:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=82cc171e3dc846711e056e2e36241dac994a600d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ea:d8:66:d1:bf:a9:0e:95:63:ed:58:f5:01:
                    65:d0:ca:a3:91:77:2e:a0:25:ad:aa:0d:f5:f3:59:
                    d1:50:40:f6:6e:db:de:1b:05:bd:6f:ba:f9:af:96:
                    42:98:44:61:ea:6a:e6:7d:30:a3:1e:39:29:39:a1:
                    33:92:79:4a:df:f6:4f:5e:a2:d7:48:e4:f8:c4:5d:
                    74:f5:4d:92:36:01:90:54:ee:aa:4d:1f:10:1e:c0:
                    b3:e5:d2:2a:e0:bf:4e:51:46:a9:b0:39:05:f1:0c:
                    33:91:49:70:73:8a:37:13:33:d9:ef:96:00:ab:f4:
                    e7:84:34:73:cd:cb:fd:82:29:fc:30:ee:a8:f9:56:
                    28:e8:48:7b:61:f6:76:6c:44:10:3f:09:ba:8d:84:
                    46:6d:18:f5:72:c6:48:ab:44:5d:4d:e8:2e:09:f2:
                    16:38:a8:d2:6e:53:65:08:ab:02:62:1b:63:24:f5:
                    26:51:85:25:db:0e:97:b6:43:51:08:63:b9:6d:34:
                    9b:a8:00:35:ac:d9:c8:f0:b1:f7:f2:d3:62:53:e1:
                    5c:94:40:99:52:83:54:01:f2:51:93:f9:6c:6a:2f:
                    dc:70:9e:fe:94:02:d9:08:3a:86:01:75:23:25:84:
                    9a:fd:17:c2:cc:4e:f5:c7:ff:03:a4:1f:06:59:fb:
                    bf:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:CC:17:1E:3D:C8:46:71:1E:05:6E:2E:36:24:1D:AC:99:4A:60:0D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/2210c7-9959-44f7-ada6-efd3ae985ee4/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/2210c7-9959-44f7-ada6-efd3ae985ee4/1/gswXHj3IRnEeBW4uNiQdrJlKYA0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.41.44.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  59579

    Signature Algorithm: sha256WithRSAEncryption
         74:a0:1c:ef:10:d3:73:a4:09:fe:bf:98:3e:b2:2f:a0:7e:54:
         c8:51:e4:48:ea:dd:65:be:bf:2b:3d:29:5b:be:7f:18:6f:17:
         ba:5d:2b:0c:5e:3e:ce:b4:92:a2:7b:5c:ac:cc:32:cf:4c:fa:
         40:0f:0b:77:e7:d2:22:7b:17:10:ec:af:63:4b:36:ec:28:99:
         05:6b:2c:25:3d:ef:67:f3:31:bd:af:bd:7b:a9:f9:7e:0a:cb:
         6a:c3:db:a2:1b:0f:07:45:22:87:bc:af:50:33:8b:83:f5:12:
         de:ad:05:d2:96:4a:4a:42:14:bc:25:51:e0:f8:9a:90:4d:e6:
         8e:14:1d:4e:c8:9d:df:8a:ba:af:a2:11:1d:8c:a0:7c:63:ff:
         7c:35:c0:d5:43:12:6e:56:81:80:a9:a8:ef:18:80:85:ef:bf:
         54:71:70:77:e6:2e:07:57:74:cb:af:65:0f:c4:29:b5:65:36:
         c8:99:e6:fc:20:47:4f:d4:13:d7:4e:c0:86:46:91:e2:ce:6f:
         0c:6a:3b:fd:e5:92:f5:76:44:00:c5:71:ec:3e:d8:7a:59:c6:
         0d:de:68:6b:9f:ba:a6:6d:f7:35:f2:27:6c:4b:b7:11:9b:bf:
         2c:63:8e:5d:2c:1e:4b:8e:d9:82:13:cf:bf:cf:52:80:7d:a3:
         66:f7:7a:77
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzIAVDdCQLdAmtc5uL51eJdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmNjMTcxZTNkYzg0NjcxMWUwNTZlMmUzNjI0MWRhYzk5NGE2MDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOrYZtG/qQ6VY+1Y9QFl0MqjkXcu
oCWtqg3181nRUED2btveGwW9b7r5r5ZCmERh6mrmfTCjHjkpOaEzknlK3/ZPXqLX
SOT4xF109U2SNgGQVO6qTR8QHsCz5dIq4L9OUUapsDkF8QwzkUlwc4o3EzPZ75YA
q/TnhDRzzcv9gin8MO6o+VYo6Eh7YfZ2bEQQPwm6jYRGbRj1csZIq0RdTeguCfIW
OKjSblNlCKsCYhtjJPUmUYUl2w6XtkNRCGO5bTSbqAA1rNnI8LH38tNiU+FclECZ
UoNUAfJRk/lsai/ccJ7+lALZCDqGAXUjJYSa/RfCzE71x/8DpB8GWfu/HQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFILMFx49yEZxHgVuLjYkHayZSmANMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI4LzIyMTBj
Ny05OTU5LTQ0ZjctYWRhNi1lZmQzYWU5ODVlZTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgvMjIxMGM3
LTk5NTktNDRmNy1hZGE2LWVmZDNhZTk4NWVlNC8xL2dzd1hIajNJUm5FZUJXNHVO
aVFkckpsS1lBMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwSksMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwDouzANBgkqhkiG9w0BAQsFAAOCAQEAdKAc7xDTc6QJ/r+YPrIvoH5UyFHkSOrd
Zb6/Kz0pW75/GG8Xul0rDF4+zrSSontcrMwyz0z6QA8Ld+fSInsXEOyvY0s27CiZ
BWssJT3vZ/Mxva+9e6n5fgrLasPbohsPB0Uih7yvUDOLg/US3q0F0pZKSkIUvCVR
4PiakE3mjhQdTsid34q6r6IRHYygfGP/fDXA1UMSblaBgKmo7xiAhe+/VHFwd+Yu
B1d0y69lD8QptWU2yJnm/CBHT9QT107AhkaR4s5vDGo7/eWS9XZEAMVx7D7YelnG
Dd5oa5+6pm33NfInbEu3EZu/LGOOXSweS47ZghPPv89SgH2jZvd6dw==
-----END CERTIFICATE-----
Generated at Tue Nov 26 23:20:20 2024 by rpki-client on console-fra.rpki-client.org