Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/jAx_Lrq3yWERyuaHzt0c0um81Wo.cer
File:                     jAx_Lrq3yWERyuaHzt0c0um81Wo.cer (raw, json)
Hash identifier:          5kY+GM1dDEUAnGnK4BvdieTgFZvXp98hVgpXDVSWdcQ=
Subject key identifier:   8C:0C:7F:2E:BA:B7:C9:61:11:CA:E6:87:CE:DD:1C:D2:E9:BC:D5:6A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC795342B3C660DD57571A5A251A0CAAE
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/jAx_Lrq3yWERyuaHzt0c0um81Wo.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 00:31:33 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 39039
                          IP: 5.134.64.0/20
                          IP: 46.31.32.0/21
                          IP: 77.95.48.0/21
                          IP: 83.243.32.0/21
                          IP: 185.170.32.0/22
                          IP: 2a03:9ac0::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:34:2b:3c:66:0d:d5:75:71:a5:a2:51:a0:ca:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 00:31:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8c0c7f2ebab7c96111cae687cedd1cd2e9bcd56a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:a8:95:da:e8:db:4e:72:4a:d9:c5:76:54:52:
                    f6:c1:45:0f:1f:33:b0:35:a0:bd:e6:33:15:f3:25:
                    cf:44:9e:8e:ba:41:7c:1a:26:e9:c3:dd:4b:6a:7a:
                    90:1d:f1:5f:27:fa:59:17:38:bc:84:f5:ea:b0:6f:
                    44:66:cb:39:a4:3b:4f:a9:94:48:6d:b7:6d:8a:25:
                    24:a7:58:41:28:3c:6b:58:ba:71:9d:89:e3:28:ea:
                    a6:60:49:fa:df:c4:01:b1:17:51:2f:71:af:5b:99:
                    e5:b7:d2:57:60:7a:90:99:da:15:12:d5:4e:15:5b:
                    90:19:ce:6f:b3:cb:98:f8:cc:71:a9:ff:5f:40:73:
                    c9:a2:63:04:49:49:33:e3:6b:21:e9:73:9b:d1:b0:
                    f1:0b:a6:03:a0:4d:fc:46:20:3b:c7:60:cb:b9:fa:
                    ff:e8:a9:e0:6d:63:71:68:0c:24:1c:39:a3:f9:4f:
                    7f:84:aa:ff:3d:54:20:70:d3:ca:70:cc:63:17:d5:
                    cd:fd:f9:72:65:74:51:f6:dd:bd:af:17:ee:5b:37:
                    a3:92:3f:8c:27:66:87:58:d5:a1:d4:ce:64:8b:23:
                    15:79:3f:d5:c7:36:d5:23:e6:3b:70:52:64:57:1b:
                    55:2e:c5:54:64:57:d1:0b:32:31:9f:55:1b:9d:98:
                    4e:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:0C:7F:2E:BA:B7:C9:61:11:CA:E6:87:CE:DD:1C:D2:E9:BC:D5:6A
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/jAx_Lrq3yWERyuaHzt0c0um81Wo.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.134.64.0/20
                  46.31.32.0/21
                  77.95.48.0/21
                  83.243.32.0/21
                  185.170.32.0/22
                IPv6:
                  2a03:9ac0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  39039

    Signature Algorithm: sha256WithRSAEncryption
         15:97:2c:5d:34:e2:3b:89:9e:f8:79:78:d4:51:e4:74:ac:a3:
         88:a5:ca:64:ed:e9:42:e4:2f:10:8c:27:6b:b7:38:ad:59:fa:
         0d:c5:35:56:77:eb:a3:69:5d:24:4c:04:03:36:9d:5c:7c:36:
         89:53:bb:42:ef:2a:09:88:43:96:36:1c:39:61:f6:45:60:f5:
         9c:f5:e3:6e:05:70:5b:e6:dd:51:4d:2b:86:a0:9f:a9:ea:a3:
         ad:e8:26:c3:9e:df:7a:9f:e9:cc:20:69:c1:2e:af:4b:9f:d5:
         75:d8:c1:c7:8c:09:94:5f:9d:d5:92:78:c3:d1:12:b8:1e:df:
         7f:57:7c:56:3c:32:35:1f:a3:dd:f2:2b:ad:25:ae:30:58:bf:
         b8:c8:29:72:ec:8f:c6:2b:74:15:92:7f:93:f5:9e:04:3e:86:
         d3:98:b0:88:15:e2:01:cd:80:12:eb:96:c0:da:9a:be:82:a9:
         d9:b4:da:8b:23:fe:6b:be:ec:7a:c4:41:f7:00:37:84:ff:57:
         30:cb:cb:33:5a:ab:22:40:d4:c3:13:c3:10:a6:75:e7:02:80:
         35:0c:9f:e5:79:11:66:25:fb:cc:6d:2d:d6:47:ce:25:7b:45:
         6e:61:c2:b7:d6:14:60:9d:67:a3:d6:78:25:8e:0c:b4:03:28:
         6f:55:01:cb
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYzHlTQrPGYN1XVxpaJRoMquMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzBjN2YyZWJhYjdjOTYxMTFjYWU2ODdjZWRkMWNkMmU5YmNkNTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaiV2ujbTnJK2cV2VFL2wUUPHzOw
NaC95jMV8yXPRJ6OukF8Gibpw91LanqQHfFfJ/pZFzi8hPXqsG9EZss5pDtPqZRI
bbdtiiUkp1hBKDxrWLpxnYnjKOqmYEn638QBsRdRL3GvW5nlt9JXYHqQmdoVEtVO
FVuQGc5vs8uY+Mxxqf9fQHPJomMESUkz42sh6XOb0bDxC6YDoE38RiA7x2DLufr/
6KngbWNxaAwkHDmj+U9/hKr/PVQgcNPKcMxjF9XN/flyZXRR9t29rxfuWzejkj+M
J2aHWNWh1M5kiyMVeT/VxzbVI+Y7cFJkVxtVLsVUZFfRCzIxn1UbnZhOBwIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFIwMfy66t8lhEcrmh87dHNLpvNVqMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE2L2M3NjM4
My01OTFjLTRjZGUtYjJjZi0yNTFkNzRlZDc3NTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYvYzc2Mzgz
LTU5MWMtNGNkZS1iMmNmLTI1MWQ3NGVkNzc1NC8xL2pBeF9McnEzeVdFUnl1YUh6
dDBjMHVtODFXby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsGAQUF
BwEHAQH/BDcwNTAkBAIAATAeAwQEBYZAAwQDLh8gAwQDTV8wAwQDU/MgAwQCuaog
MA0EAgACMAcDBQMqA5rAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwCYfzANBgkq
hkiG9w0BAQsFAAOCAQEAFZcsXTTiO4me+Hl41FHkdKyjiKXKZO3pQuQvEIwna7c4
rVn6DcU1Vnfro2ldJEwEAzadXHw2iVO7Qu8qCYhDljYcOWH2RWD1nPXjbgVwW+bd
UU0rhqCfqeqjregmw57fep/pzCBpwS6vS5/VddjBx4wJlF+d1ZJ4w9ESuB7ff1d8
VjwyNR+j3fIrrSWuMFi/uMgpcuyPxit0FZJ/k/WeBD6G05iwiBXiAc2AEuuWwNqa
voKp2bTaiyP+a77sesRB9wA3hP9XMMvLM1qrIkDUwxPDEKZ15wKANQyf5XkRZiX7
zG0t1kfOJXtFbmHCt9YUYJ1no9Z4JY4MtAMob1UByw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:29:04 2024 by rpki-client on console-ams.rpki-client.org