Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/iSWuMjSiyXwn9171HT_zJr4GDiw.cer
File:                     iSWuMjSiyXwn9171HT_zJr4GDiw.cer (raw, json)
Hash identifier:          mup+qGTEaKHRj3tZcLzJPwq8OX3hWVrteS6lR/DjZGw=
Subject key identifier:   89:25:AE:32:34:A2:C9:7C:27:F7:5E:F5:1D:3F:F3:26:BE:06:0E:2C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019F27B39DAB5C41E41CB547714D5638E948
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/2b/fb6270-0353-46fc-b9f5-7e8e6e888dac/1/iSWuMjSiyXwn9171HT_zJr4GDiw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/2b/fb6270-0353-46fc-b9f5-7e8e6e888dac/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 03 Jul 2026 11:18:30 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 203378
                          IP: 82.197.54.0/23
                          IP: 185.117.128.0/22
                          IP: 2a06:8480::/29
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Jul 2026 17:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:27:b3:9d:ab:5c:41:e4:1c:b5:47:71:4d:56:38:e9:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jul  3 11:18:30 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=8925ae3234a2c97c27f75ef51d3ff326be060e2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:68:04:5b:0b:99:80:98:45:96:d1:b7:dc:48:
                    3a:42:ae:54:c3:d0:ca:99:04:55:43:4b:e0:eb:29:
                    55:42:5c:3a:e4:eb:16:41:89:cf:3b:95:32:94:f0:
                    ae:1a:e8:18:20:bf:46:d8:d6:03:cd:a6:22:fa:be:
                    3b:28:50:ca:fa:6b:d2:7f:1b:20:9b:39:9b:38:34:
                    05:b3:65:82:df:5a:b4:00:67:5b:84:43:cf:dd:80:
                    44:4f:78:52:e8:f5:15:f1:fc:c9:36:4b:8a:f6:6b:
                    83:ea:ee:66:02:39:25:a0:65:47:75:b4:36:88:2b:
                    ba:a9:62:d6:1e:87:b1:6f:78:4e:ae:20:07:9d:78:
                    57:7f:ba:fc:3e:3c:3b:39:d2:4f:27:38:34:64:62:
                    31:26:85:a1:10:8f:29:2c:5f:d9:8b:61:b6:6c:85:
                    23:82:cd:b4:07:9e:9c:84:15:73:20:2e:be:2e:d9:
                    4a:f8:38:62:12:8d:43:90:da:bf:e0:96:50:a4:70:
                    da:8c:4f:38:8a:8c:37:c3:cc:15:5e:09:38:56:aa:
                    57:3b:8c:d0:a7:66:8f:68:51:18:c5:14:26:22:fd:
                    47:65:99:a5:f1:12:1e:a2:50:4e:ab:3f:ac:5f:4e:
                    a2:0e:ba:a0:7a:95:da:13:ec:fa:90:6d:a2:76:f1:
                    45:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:25:AE:32:34:A2:C9:7C:27:F7:5E:F5:1D:3F:F3:26:BE:06:0E:2C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fb6270-0353-46fc-b9f5-7e8e6e888dac/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fb6270-0353-46fc-b9f5-7e8e6e888dac/1/iSWuMjSiyXwn9171HT_zJr4GDiw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.197.54.0/23
                  185.117.128.0/22
                IPv6:
                  2a06:8480::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  203378

    Signature Algorithm: sha256WithRSAEncryption
         55:8f:2a:1e:a7:81:21:f4:cc:0d:45:a4:be:2a:92:b0:e4:c3:
         74:a7:2a:71:9d:81:e2:24:34:17:76:50:38:2c:c0:0c:ac:17:
         ec:4f:55:96:80:cf:94:85:82:31:3c:d4:76:b8:27:50:64:ff:
         d0:6c:08:a1:79:e3:62:f7:b9:f6:3f:16:a3:18:6f:de:d8:7c:
         75:61:26:ad:93:20:bd:6e:22:81:44:86:e6:18:dd:16:61:cc:
         32:38:4a:5b:5b:c5:8c:4a:34:a3:dc:f9:c2:c3:ed:90:e6:a4:
         d4:8d:07:10:32:b7:42:1c:00:ad:7f:85:03:15:e2:bc:4b:18:
         2e:2b:70:ce:bd:61:a8:e1:7a:2f:60:96:fa:6c:3a:3b:88:4f:
         77:76:1f:b5:0e:6e:ba:05:13:5f:55:e9:f9:a3:be:c9:64:04:
         d8:71:62:b5:8b:48:78:b5:c7:01:76:bf:89:1e:28:49:7a:df:
         cb:fc:c9:49:b6:90:7c:6e:92:d7:c3:dd:ff:6a:48:c0:69:68:
         0c:96:c8:cc:f8:32:92:4f:74:0b:d5:83:91:4d:a3:98:b3:d3:
         d2:cd:cd:ab:03:78:cb:e1:b0:ab:7a:1a:d5:bc:fb:1d:09:96:
         76:15:97:8a:f4:94:f0:cc:1f:03:40:5a:f2:1f:ac:c8:5b:73:
         64:a8:dc:76
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZ8ns52rXEHkHLVHcU1WOOlIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNzAzMTExODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTI1YWUzMjM0YTJjOTdjMjdmNzVlZjUxZDNmZjMyNmJlMDYwZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmgEWwuZgJhFltG33Eg6Qq5Uw9DK
mQRVQ0vg6ylVQlw65OsWQYnPO5UylPCuGugYIL9G2NYDzaYi+r47KFDK+mvSfxsg
mzmbODQFs2WC31q0AGdbhEPP3YBET3hS6PUV8fzJNkuK9muD6u5mAjkloGVHdbQ2
iCu6qWLWHoexb3hOriAHnXhXf7r8Pjw7OdJPJzg0ZGIxJoWhEI8pLF/Zi2G2bIUj
gs20B56chBVzIC6+LtlK+DhiEo1DkNq/4JZQpHDajE84iow3w8wVXgk4VqpXO4zQ
p2aPaFEYxRQmIv1HZZml8RIeolBOqz+sX06iDrqgepXaE+z6kG2idvFFswIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFIklrjI0osl8J/de9R0/8ya+Bg4sMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJiL2ZiNjI3
MC0wMzUzLTQ2ZmMtYjlmNS03ZThlNmU4ODhkYWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIvZmI2Mjcw
LTAzNTMtNDZmYy1iOWY1LTdlOGU2ZTg4OGRhYy8xL2lTV3VNalNpeVh3bjkxNzFI
VF96SnI0R0Rpdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQBUsU2AwQCuXWAMA0EAgACMAcDBQMqBoSAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMacjANBgkqhkiG9w0BAQsFAAOCAQEAVY8q
HqeBIfTMDUWkviqSsOTDdKcqcZ2B4iQ0F3ZQOCzADKwX7E9VloDPlIWCMTzUdrgn
UGT/0GwIoXnjYve59j8Woxhv3th8dWEmrZMgvW4igUSG5hjdFmHMMjhKW1vFjEo0
o9z5wsPtkOak1I0HEDK3QhwArX+FAxXivEsYLitwzr1hqOF6L2CW+mw6O4hPd3Yf
tQ5uugUTX1Xp+aO+yWQE2HFitYtIeLXHAXa/iR4oSXrfy/zJSbaQfG6S18Pd/2pI
wGloDJbIzPgykk90C9WDkU2jmLPT0s3NqwN4y+Gwq3oa1bz7HQmWdhWXivSU8Mwf
A0Ba8h+syFtzZKjcdg==
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:54:56 2026 by rpki-client