Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/i8oO3xIvTPmLCC3UzA2E9e3oBLk.cer
File:                     i8oO3xIvTPmLCC3UzA2E9e3oBLk.cer (raw, json)
Hash identifier:          DB7U6pyJp9p/eqx0MCBa3IeKcpFi7y3rXmi/oGd/+9Q=
Subject key identifier:   8B:CA:0E:DF:12:2F:4C:F9:8B:08:2D:D4:CC:0D:84:F5:ED:E8:04:B9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CCA2866B06061A2657BBC351AB4E04321
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/4f/aef0ea-9403-47fb-ad80-1eda53aebe51/1/i8oO3xIvTPmLCC3UzA2E9e3oBLk.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/4f/aef0ea-9403-47fb-ad80-1eda53aebe51/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 12:31:34 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 207899
                          IP: 92.119.212.0/22
                          IP: 2a0f:66c0::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:28:66:b0:60:61:a2:65:7b:bc:35:1a:b4:e0:43:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 12:31:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8bca0edf122f4cf98b082dd4cc0d84f5ede804b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:87:ec:85:d6:ad:0c:be:fa:f8:ba:0f:80:12:
                    c2:a8:e1:24:a1:ad:e1:c2:9a:7b:9e:29:03:3c:ee:
                    19:62:95:83:2b:33:63:19:6f:42:96:3d:40:07:ca:
                    2e:ba:63:6a:84:94:48:46:43:0c:d9:c4:30:da:4f:
                    33:a4:be:dd:9a:3e:66:91:59:f9:3d:5b:d3:c2:44:
                    97:77:af:bb:6e:67:96:12:79:37:5e:4b:40:9d:fe:
                    f7:a8:a9:35:79:04:6b:66:7f:5d:28:9b:91:63:72:
                    30:08:0f:7a:7c:dc:4a:d2:cf:7c:bd:17:e1:31:40:
                    59:fb:c2:01:36:55:75:52:f5:b3:dc:79:02:b4:ed:
                    5d:30:a4:68:d3:cc:f4:d5:0d:f5:d1:20:ab:d4:ae:
                    f4:1c:4c:26:7b:fc:3b:d8:45:4f:4d:d7:de:14:9f:
                    cd:65:06:3c:4e:b1:56:e3:05:90:ea:85:60:80:e4:
                    39:c2:2e:01:80:a9:5b:63:45:e8:e4:86:86:5d:62:
                    ae:6e:73:ef:16:f0:14:67:4e:9d:10:c8:44:2a:c3:
                    29:06:b0:0f:22:8f:da:3e:89:6f:ea:60:f2:bb:33:
                    ae:0a:08:d1:69:31:45:4e:0f:eb:13:42:19:d8:41:
                    56:5c:c2:64:64:ca:3c:13:0a:d4:f9:c0:b2:56:a3:
                    ca:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:CA:0E:DF:12:2F:4C:F9:8B:08:2D:D4:CC:0D:84:F5:ED:E8:04:B9
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/aef0ea-9403-47fb-ad80-1eda53aebe51/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/aef0ea-9403-47fb-ad80-1eda53aebe51/1/i8oO3xIvTPmLCC3UzA2E9e3oBLk.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.119.212.0/22
                IPv6:
                  2a0f:66c0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207899

    Signature Algorithm: sha256WithRSAEncryption
         58:99:b4:e5:fb:ae:57:93:93:c8:fd:57:e5:ec:3e:ca:90:a6:
         44:00:4c:0b:b6:5c:4a:10:c3:69:30:e1:7c:c4:53:28:19:82:
         90:72:33:77:d1:66:0c:eb:31:2a:39:84:f4:26:17:87:f2:fe:
         14:7e:98:00:84:02:84:a2:5e:db:65:9b:82:34:b3:0a:97:33:
         73:46:3e:a3:7d:71:a9:b0:a0:9f:92:92:d7:7c:85:8a:ae:ae:
         af:a4:ec:4c:e7:fe:ff:26:1e:34:18:43:58:74:65:2e:21:16:
         5a:54:09:7f:41:2d:6e:4c:cd:96:04:10:19:86:e9:8b:af:dd:
         be:30:64:34:58:66:65:4d:63:bc:94:85:87:0a:8d:28:25:45:
         cf:d4:d8:13:a3:b0:97:ba:8b:81:1d:a0:ec:0e:40:9e:71:c5:
         d8:96:ca:c7:41:41:59:cb:9d:76:ba:00:d7:22:5f:78:4b:32:
         23:0e:ae:f7:9a:1d:fe:a2:16:ed:1d:43:81:c3:43:bd:da:de:
         cc:b5:1e:ad:e8:b1:96:7e:1d:ef:39:c7:4b:7f:b7:e4:3e:eb:
         ac:26:5c:f0:8b:7e:c8:e0:d6:a2:7b:e0:60:f0:2b:cf:9d:15:
         a6:bf:f5:c0:c2:7e:10:6a:79:84:37:5d:31:04:75:9c:c0:0f:
         7b:1d:db:93
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzKKGawYGGiZXu8NRq04EMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmNhMGVkZjEyMmY0Y2Y5OGIwODJkZDRjYzBkODRmNWVkZTgwNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqofshdatDL76+LoPgBLCqOEkoa3h
wpp7nikDPO4ZYpWDKzNjGW9Clj1AB8ouumNqhJRIRkMM2cQw2k8zpL7dmj5mkVn5
PVvTwkSXd6+7bmeWEnk3XktAnf73qKk1eQRrZn9dKJuRY3IwCA96fNxK0s98vRfh
MUBZ+8IBNlV1UvWz3HkCtO1dMKRo08z01Q310SCr1K70HEwme/w72EVPTdfeFJ/N
ZQY8TrFW4wWQ6oVggOQ5wi4BgKlbY0Xo5IaGXWKubnPvFvAUZ06dEMhEKsMpBrAP
Io/aPolv6mDyuzOuCgjRaTFFTg/rE0IZ2EFWXMJkZMo8EwrU+cCyVqPK1wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFIvKDt8SL0z5iwgt1MwNhPXt6AS5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmL2FlZjBl
YS05NDAzLTQ3ZmItYWQ4MC0xZWRhNTNhZWJlNTEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvYWVmMGVh
LTk0MDMtNDdmYi1hZDgwLTFlZGE1M2FlYmU1MS8xL2k4b08zeEl2VFBtTENDM1V6
QTJFOWUzb0JMay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCXHfUMA0EAgACMAcDBQAqD2bAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMsGzANBgkqhkiG9w0BAQsFAAOCAQEAWJm05fuuV5OT
yP1X5ew+ypCmRABMC7ZcShDDaTDhfMRTKBmCkHIzd9FmDOsxKjmE9CYXh/L+FH6Y
AIQChKJe22WbgjSzCpczc0Y+o31xqbCgn5KS13yFiq6ur6TsTOf+/yYeNBhDWHRl
LiEWWlQJf0EtbkzNlgQQGYbpi6/dvjBkNFhmZU1jvJSFhwqNKCVFz9TYE6Owl7qL
gR2g7A5AnnHF2JbKx0FBWcuddroA1yJfeEsyIw6u95od/qIW7R1DgcNDvdrezLUe
reixln4d7znHS3+35D7rrCZc8It+yODWonvgYPArz50Vpr/1wMJ+EGp5hDddMQR1
nMAPex3bkw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:20:02 2024 by rpki-client on console-fra.rpki-client.org