Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/jYzDMwiBzYyjntYJ_-GENySyqaw.cer
File:                     jYzDMwiBzYyjntYJ_-GENySyqaw.cer (raw, json)
Hash identifier:          VpUC5MCjhIxJCvR9QBY709wtGiLJvB35/yNIgUxVMnQ=
Subject key identifier:   8D:8C:C3:33:08:81:CD:8C:A3:9E:D6:09:FF:E1:84:37:24:B2:A9:AC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC3B68A790BE4A7B6C58217CEE56B932E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/c3/8b9066-2ea7-4204-a84a-e3e8a98c2168/1/jYzDMwiBzYyjntYJ_-GENySyqaw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/c3/8b9066-2ea7-4204-a84a-e3e8a98c2168/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 06:29:29 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 51416
                          IP: 89.31.104.0/21
                          IP: 185.124.164.0/22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:8a:79:0b:e4:a7:b6:c5:82:17:ce:e5:6b:93:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 06:29:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8d8cc3330881cd8ca39ed609ffe1843724b2a9ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:08:0d:d1:27:28:9d:ae:40:eb:17:56:c4:66:
                    02:da:c2:46:8f:77:75:c6:8b:8e:3e:82:81:b2:9e:
                    27:ef:db:ed:da:1e:fb:f2:be:7c:a9:bd:f5:b9:ea:
                    42:ad:9f:9a:a1:d6:c6:05:6e:5a:b5:a7:98:d7:a8:
                    8e:a9:06:f8:7c:7f:2f:53:ad:aa:ff:0a:f2:71:fb:
                    1b:af:3f:d5:26:bf:2e:66:d2:ea:6b:58:19:be:52:
                    94:ed:a0:65:d4:73:03:b4:f6:a0:c7:19:ad:14:f8:
                    75:fc:52:ad:8e:4a:e7:3e:9a:e3:a7:16:bc:45:66:
                    b7:9b:ae:be:b3:49:e1:e6:bb:c8:f4:f1:f1:51:82:
                    67:1a:d1:3b:8c:36:6b:ef:a9:10:9c:57:bf:ce:37:
                    73:c1:cd:be:86:56:b3:47:30:47:d9:96:d8:92:c6:
                    c1:69:9f:0f:d6:fb:73:b1:67:b6:2b:f4:30:c6:fa:
                    e9:67:5d:d0:25:91:c1:9b:30:c5:26:6e:af:f8:17:
                    40:42:a4:5f:c5:c5:bf:92:74:70:7b:eb:d1:24:69:
                    bc:c7:26:85:38:e4:c0:8e:e7:ca:2f:21:92:f2:ce:
                    0b:b9:2e:2e:b4:fe:da:33:e4:e2:4a:2b:1b:32:4e:
                    f1:4b:19:e2:cc:7f:c9:34:14:9c:2f:8f:02:02:d3:
                    6e:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:8C:C3:33:08:81:CD:8C:A3:9E:D6:09:FF:E1:84:37:24:B2:A9:AC
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b9066-2ea7-4204-a84a-e3e8a98c2168/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b9066-2ea7-4204-a84a-e3e8a98c2168/1/jYzDMwiBzYyjntYJ_-GENySyqaw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.31.104.0/21
                  185.124.164.0/22

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  51416

    Signature Algorithm: sha256WithRSAEncryption
         54:ff:ab:21:75:7a:e9:31:bb:dc:4f:a8:22:63:73:01:15:8f:
         fc:33:09:92:2a:64:1a:ea:b9:41:bc:d9:da:cf:9f:e5:d2:e0:
         aa:78:5b:ed:e0:1e:0a:43:88:a9:dd:6b:62:83:74:57:12:ec:
         c3:0d:bf:9c:95:35:aa:ea:4a:d3:66:78:5e:f9:fc:62:b9:cd:
         3c:ff:46:4a:5c:05:1c:85:66:76:5b:7a:c1:84:eb:2f:44:3e:
         b6:72:74:f0:95:86:b9:4c:0f:5d:86:4c:5d:ef:0b:18:5f:e5:
         4e:5a:e5:8d:94:c9:8d:bc:92:cb:44:9f:75:ec:f4:a8:62:d3:
         c9:fd:04:e5:04:1d:45:7b:6f:d2:ee:cb:c0:6e:d3:02:0c:d0:
         dd:3e:42:0e:b3:bb:fb:1a:8a:de:ff:45:64:7b:8f:91:1d:54:
         94:41:25:09:25:c6:92:35:34:92:80:2c:49:08:5e:31:e5:9a:
         77:81:c3:d1:44:96:c7:bc:1b:c2:63:61:09:6b:f9:f6:37:6a:
         ee:7e:d2:5f:c8:3b:7f:f6:46:8f:d7:e2:41:da:35:d5:4c:0f:
         d6:d9:69:f9:49:45:bb:9a:6e:eb:6e:71:b8:c7:49:07:0a:3c:
         c2:2e:79:b9:f9:b6:7d:00:03:38:eb:43:47:ac:61:dc:a8:fb:
         4c:76:0b:95
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYzDtop5C+SntsWCF87la5MuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDhjYzMzMzA4ODFjZDhjYTM5ZWQ2MDlmZmUxODQzNzI0YjJhOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQgN0Scona5A6xdWxGYC2sJGj3d1
xouOPoKBsp4n79vt2h778r58qb31uepCrZ+aodbGBW5ataeY16iOqQb4fH8vU62q
/wrycfsbrz/VJr8uZtLqa1gZvlKU7aBl1HMDtPagxxmtFPh1/FKtjkrnPprjpxa8
RWa3m66+s0nh5rvI9PHxUYJnGtE7jDZr76kQnFe/zjdzwc2+hlazRzBH2ZbYksbB
aZ8P1vtzsWe2K/QwxvrpZ13QJZHBmzDFJm6v+BdAQqRfxcW/knRwe+vRJGm8xyaF
OOTAjufKLyGS8s4LuS4utP7aM+TiSisbMk7xSxnizH/JNBScL48CAtNu0QIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFI2MwzMIgc2Mo57WCf/hhDcksqmsMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzLzhiOTA2
Ni0yZWE3LTQyMDQtYTg0YS1lM2U4YTk4YzIxNjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvOGI5MDY2
LTJlYTctNDIwNC1hODRhLWUzZThhOThjMjE2OC8xL2pZekRNd2lCell5am50WUpf
LUdFTnlTeXFhdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQDWR9oAwQCuXykMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwDI2DANBgkqhkiG9w0BAQsFAAOCAQEAVP+rIXV66TG73E+oImNzARWP
/DMJkipkGuq5QbzZ2s+f5dLgqnhb7eAeCkOIqd1rYoN0VxLsww2/nJU1qupK02Z4
Xvn8YrnNPP9GSlwFHIVmdlt6wYTrL0Q+tnJ08JWGuUwPXYZMXe8LGF/lTlrljZTJ
jbySy0Sfdez0qGLTyf0E5QQdRXtv0u7LwG7TAgzQ3T5CDrO7+xqK3v9FZHuPkR1U
lEElCSXGkjU0koAsSQheMeWad4HD0USWx7wbwmNhCWv59jdq7n7SX8g7f/ZGj9fi
Qdo11UwP1tlp+UlFu5pu625xuMdJBwo8wi55ufm2fQADOOtDR6xh3Kj7THYLlQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:20:25 2024 by rpki-client on console-fra.rpki-client.org