Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lELO0S17sEnNHN-N97palXZVOGw.cer
File:                     lELO0S17sEnNHN-N97palXZVOGw.cer (raw, json)
Hash identifier:          oVKEpCbKiw3xtYtI+raXLAiFRbwd8wOBdySlKtgklzI=
Subject key identifier:   94:42:CE:D1:2D:7B:B0:49:CD:1C:DF:8D:F7:BA:5A:95:76:55:38:6C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC26D13EFD86B79C308351D68013FF28B
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/ff/9f2ffa-237b-474b-8880-46fd46d6b547/1/lELO0S17sEnNHN-N97palXZVOGw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/ff/9f2ffa-237b-474b-8880-46fd46d6b547/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:29:37 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 185.164.180.0/22
                          IP: 2a0b:4c00::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:13:ef:d8:6b:79:c3:08:35:1d:68:01:3f:f2:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:29:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9442ced12d7bb049cd1cdf8df7ba5a957655386c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f6:07:40:f0:df:89:6d:94:f1:a6:00:4d:7d:
                    2e:03:00:71:57:d2:b6:c7:03:82:c2:76:98:7e:6e:
                    ff:19:35:19:31:cf:99:76:24:8d:a1:b5:91:bf:6b:
                    0d:58:bd:fb:ff:22:0c:0e:6f:01:c4:c5:26:7e:46:
                    ed:37:4e:dc:7e:98:2b:a8:15:dd:96:8b:58:9a:dd:
                    ff:c7:e7:46:89:c3:7e:f8:ec:16:ec:ed:0b:ef:c7:
                    89:c2:2a:19:95:88:28:ab:b4:a8:a3:e3:92:8e:d9:
                    d5:c5:a2:eb:ee:16:7e:ca:e0:bd:19:d8:24:d6:db:
                    60:b7:fe:00:50:9f:b0:c5:ff:9c:c6:5c:c0:f9:4a:
                    7b:e1:c4:1b:02:ac:01:8a:7f:cf:bd:76:7a:ba:5a:
                    ac:04:08:aa:4b:22:3d:c1:ec:a0:63:40:b5:17:5f:
                    4a:2c:82:80:b8:10:f5:ec:2d:8f:da:7a:cb:e2:b8:
                    65:27:e5:c3:02:52:95:01:91:03:85:43:18:4c:dd:
                    ff:9f:bd:cf:16:0f:b2:f7:69:9c:ed:c0:f0:dc:33:
                    fa:7e:b3:ce:c2:8c:ac:b4:60:78:75:07:a8:65:26:
                    03:47:b5:ea:df:01:9a:8d:40:d6:b4:57:7f:a9:08:
                    b2:c5:64:ca:c9:a0:85:41:b7:84:50:bd:54:ba:7f:
                    3a:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:42:CE:D1:2D:7B:B0:49:CD:1C:DF:8D:F7:BA:5A:95:76:55:38:6C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/9f2ffa-237b-474b-8880-46fd46d6b547/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/9f2ffa-237b-474b-8880-46fd46d6b547/1/lELO0S17sEnNHN-N97palXZVOGw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.164.180.0/22
                IPv6:
                  2a0b:4c00::/29

    Signature Algorithm: sha256WithRSAEncryption
         a8:26:8d:0d:bb:e3:e3:4d:c6:f5:29:ba:d3:93:a5:b8:08:ed:
         ad:fc:0c:86:5d:1e:b0:6a:6d:a8:6a:0e:45:55:1e:42:78:8f:
         f5:46:d7:3e:c4:aa:90:56:a3:4a:84:03:1d:c4:0a:72:7f:94:
         4b:21:3e:53:22:34:fa:6a:3c:f5:72:bb:94:90:f0:9c:bb:ad:
         d7:05:86:6d:17:b3:0d:e7:79:a3:0b:f8:51:2b:af:fc:ca:a2:
         06:77:9f:d3:36:f0:96:aa:76:e5:79:7c:62:d1:22:94:bc:6e:
         26:0b:1d:6d:df:b9:6b:62:80:af:23:4b:c5:57:b0:fa:93:14:
         d6:c7:90:ed:6f:16:b8:a3:c9:09:14:a2:f6:9d:75:ce:37:f2:
         77:98:9d:a6:7b:eb:b8:88:c1:08:91:c7:34:63:2c:52:45:45:
         fe:e0:84:b3:1a:de:12:53:14:7c:c8:c9:ef:41:50:e0:69:f7:
         5e:91:ed:3f:80:68:0e:a9:78:60:f7:08:30:eb:2d:6f:1f:2e:
         65:bb:b4:71:05:a6:33:99:05:d3:0f:45:bd:68:b2:74:a2:02:
         ae:76:3d:92:6f:71:91:f9:ba:80:4e:9c:5f:4e:2a:73:3d:f0:
         23:b3:02:e1:a7:c9:01:24:89:fe:37:7e:d0:78:d5:92:96:29:
         54:06:63:4b
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzCbRPv2Gt5wwg1HWgBP/KLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDQyY2VkMTJkN2JiMDQ5Y2QxY2RmOGRmN2JhNWE5NTc2NTUzODZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPYHQPDfiW2U8aYATX0uAwBxV9K2
xwOCwnaYfm7/GTUZMc+ZdiSNobWRv2sNWL37/yIMDm8BxMUmfkbtN07cfpgrqBXd
lotYmt3/x+dGicN++OwW7O0L78eJwioZlYgoq7Soo+OSjtnVxaLr7hZ+yuC9Gdgk
1ttgt/4AUJ+wxf+cxlzA+Up74cQbAqwBin/PvXZ6ulqsBAiqSyI9weygY0C1F19K
LIKAuBD17C2P2nrL4rhlJ+XDAlKVAZEDhUMYTN3/n73PFg+y92mc7cDw3DP6frPO
woystGB4dQeoZSYDR7Xq3wGajUDWtFd/qQiyxWTKyaCFQbeEUL1Uun86AwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFJRCztEte7BJzRzfjfe6WpV2VThsMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZmLzlmMmZm
YS0yMzdiLTQ3NGItODg4MC00NmZkNDZkNmI1NDcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYvOWYyZmZh
LTIzN2ItNDc0Yi04ODgwLTQ2ZmQ0NmQ2YjU0Ny8xL2xFTE8wUzE3c0VuTkhOLU45
N3BhbFhaVk9Hdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuaS0MA0EAgACMAcDBQMqC0wAMA0GCSqGSIb3
DQEBCwUAA4IBAQCoJo0Nu+PjTcb1KbrTk6W4CO2t/AyGXR6wam2oag5FVR5CeI/1
Rtc+xKqQVqNKhAMdxApyf5RLIT5TIjT6ajz1cruUkPCcu63XBYZtF7MN53mjC/hR
K6/8yqIGd5/TNvCWqnbleXxi0SKUvG4mCx1t37lrYoCvI0vFV7D6kxTWx5Dtbxa4
o8kJFKL2nXXON/J3mJ2me+u4iMEIkcc0YyxSRUX+4ISzGt4SUxR8yMnvQVDgafde
ke0/gGgOqXhg9wgw6y1vHy5lu7RxBaYzmQXTD0W9aLJ0ogKudj2Sb3GR+bqATpxf
TipzPfAjswLhp8kBJIn+N37QeNWSlilUBmNL
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:03:29 2024 by rpki-client on console-ams.rpki-client.org