Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lIlI8N1eL7CpArl5ypxcGkT5j6E.cer
File:                     lIlI8N1eL7CpArl5ypxcGkT5j6E.cer (raw, json)
Hash identifier:          ciqI9mrynTZxrfBXEsd4t2HfEGkw6XiEqyD5gw1kAgI=
Subject key identifier:   94:89:48:F0:DD:5E:2F:B0:A9:02:B9:79:CA:9C:5C:1A:44:F9:8F:A1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CCA2A4215CF953A836DA9860883AADF62
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/fd/abb885-a794-4bd5-861e-8961c7a3bbab/1/lIlI8N1eL7CpArl5ypxcGkT5j6E.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/fd/abb885-a794-4bd5-861e-8961c7a3bbab/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 12:33:36 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 212977
                          IP: 2001:67c:1298::/48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:42:15:cf:95:3a:83:6d:a9:86:08:83:aa:df:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 12:33:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=948948f0dd5e2fb0a902b979ca9c5c1a44f98fa1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:ee:75:51:07:10:ed:92:7e:9f:8a:31:2e:cd:
                    78:05:58:84:56:ee:d8:9b:7c:2f:62:97:c7:3a:24:
                    56:67:81:a8:5c:61:e7:6b:c6:fe:f7:df:1e:e5:ae:
                    2b:2d:08:c9:5f:6a:e4:55:1c:22:d8:b4:ff:bf:31:
                    44:db:d1:41:7b:9f:64:35:d2:fa:90:f0:3b:56:ba:
                    d7:8a:5b:9f:3a:aa:0e:22:06:07:23:18:84:02:02:
                    82:ae:60:5e:9e:ab:c0:c1:a6:4e:ca:d0:87:e6:8b:
                    29:73:09:7d:ad:4c:d1:ec:22:c3:f9:fb:d0:46:9c:
                    a3:6f:78:00:82:e2:87:3e:91:c5:53:f5:d3:18:51:
                    f1:de:b6:6c:74:f5:64:51:7d:da:e7:a7:e5:98:75:
                    db:bd:52:18:65:66:65:86:4b:dd:eb:a8:d3:fd:4c:
                    8d:2b:fa:93:51:49:28:75:53:94:2f:9c:6a:7f:ff:
                    e2:88:57:25:0b:5b:24:2c:eb:18:4a:6e:f4:01:41:
                    2d:c8:ca:0d:57:3e:6c:d9:f4:84:23:46:cc:92:c6:
                    56:a3:03:4a:17:8c:6e:62:6b:14:05:56:1c:1c:15:
                    f1:f9:77:82:fb:64:0d:42:b4:a2:f9:2d:a3:45:bd:
                    d5:93:c0:c7:5e:88:b2:8a:c6:3b:ce:95:b5:f8:42:
                    93:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:89:48:F0:DD:5E:2F:B0:A9:02:B9:79:CA:9C:5C:1A:44:F9:8F:A1
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/abb885-a794-4bd5-861e-8961c7a3bbab/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/abb885-a794-4bd5-861e-8961c7a3bbab/1/lIlI8N1eL7CpArl5ypxcGkT5j6E.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:1298::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  212977

    Signature Algorithm: sha256WithRSAEncryption
         3f:e5:e4:b2:73:eb:74:98:4d:a8:2c:94:97:ac:bc:fd:49:68:
         0f:36:0f:01:74:91:20:13:de:08:cd:61:23:7f:9a:4c:87:8e:
         25:0f:ed:81:22:5c:c2:8e:ec:9d:2d:a4:03:d2:58:4c:a5:c3:
         a9:f5:ee:05:96:84:3c:b6:61:5f:f1:9a:07:6d:bb:28:a2:ab:
         90:ab:c3:b8:56:3f:81:b6:41:5c:b3:c3:1d:41:54:00:fd:99:
         b5:82:3e:37:81:80:9e:e7:f7:b3:99:c0:16:b2:4b:39:df:ac:
         96:8e:a2:04:53:04:14:37:d6:8a:8e:e0:09:58:1f:aa:dc:f2:
         22:37:54:b6:17:c7:53:53:1c:96:68:6b:b4:55:4e:3a:cb:bd:
         e5:b8:dc:39:70:0a:2d:4d:b6:52:00:aa:fb:f4:dc:48:69:0a:
         37:7f:43:21:cc:30:6a:00:94:65:52:23:e6:7e:74:6d:49:ca:
         ed:83:72:86:58:9a:f9:d4:e5:78:b1:34:2d:a2:f7:eb:55:dd:
         57:b2:22:93:36:e8:25:fc:8c:76:27:6d:0b:15:44:e5:68:33:
         e4:a4:2b:35:64:b5:3e:6d:5e:eb:11:3d:5f:81:01:fe:ba:18:
         e8:21:3a:88:d0:be:fe:45:9b:65:64:6e:32:66:ae:ce:3b:50:
         be:73:08:9c
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYzKKkIVz5U6g22phgiDqt9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzMzM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDg5NDhmMGRkNWUyZmIwYTkwMmI5NzljYTljNWMxYTQ0Zjk4ZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO51UQcQ7ZJ+n4oxLs14BViEVu7Y
m3wvYpfHOiRWZ4GoXGHna8b+998e5a4rLQjJX2rkVRwi2LT/vzFE29FBe59kNdL6
kPA7VrrXilufOqoOIgYHIxiEAgKCrmBenqvAwaZOytCH5ospcwl9rUzR7CLD+fvQ
Rpyjb3gAguKHPpHFU/XTGFHx3rZsdPVkUX3a56flmHXbvVIYZWZlhkvd66jT/UyN
K/qTUUkodVOUL5xqf//iiFclC1skLOsYSm70AUEtyMoNVz5s2fSEI0bMksZWowNK
F4xuYmsUBVYcHBXx+XeC+2QNQrSi+S2jRb3Vk8DHXoiyisY7zpW1+EKTGQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFJSJSPDdXi+wqQK5ecqcXBpE+Y+hMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZkL2FiYjg4
NS1hNzk0LTRiZDUtODYxZS04OTYxYzdhM2JiYWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQvYWJiODg1
LWE3OTQtNGJkNS04NjFlLTg5NjFjN2EzYmJhYi8xL2xJbEk4TjFlTDdDcEFybDV5
cHhjR2tUNWo2RS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBKYMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwM/8TANBgkqhkiG9w0BAQsFAAOCAQEAP+XksnPrdJhNqCyUl6y8/UloDzYP
AXSRIBPeCM1hI3+aTIeOJQ/tgSJcwo7snS2kA9JYTKXDqfXuBZaEPLZhX/GaB227
KKKrkKvDuFY/gbZBXLPDHUFUAP2ZtYI+N4GAnuf3s5nAFrJLOd+slo6iBFMEFDfW
io7gCVgfqtzyIjdUthfHU1MclmhrtFVOOsu95bjcOXAKLU22UgCq+/TcSGkKN39D
IcwwagCUZVIj5n50bUnK7YNyhlia+dTleLE0LaL361XdV7IikzboJfyMdidtCxVE
5Wgz5KQrNWS1Pm1e6xE9X4EB/roY6CE6iNC+/kWbZWRuMmauzjtQvnMInA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:20:53 2024 by rpki-client on console-fra.rpki-client.org