Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/mCpUHVrI_3uwQIx0NKwQEu_3PLU.cer
File:                     mCpUHVrI_3uwQIx0NKwQEu_3PLU.cer (raw, json)
Hash identifier:          di2XUNADpYnRMla4/jq9HgsydoqF/RcQcwG8+bhGo0k=
Subject key identifier:   98:2A:54:1D:5A:C8:FF:7B:B0:40:8C:74:34:AC:10:12:EF:F7:3C:B5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC8DEB424D04C68540C3F24433A305F94
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/08/b9cf3b-9572-4992-b247-01208d86ddcc/1/mCpUHVrI_3uwQIx0NKwQEu_3PLU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/08/b9cf3b-9572-4992-b247-01208d86ddcc/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 06:31:27 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 134.28.0.0/16

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:b4:24:d0:4c:68:54:0c:3f:24:43:3a:30:5f:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 06:31:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=982a541d5ac8ff7bb0408c7434ac1012eff73cb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:71:a5:80:64:5f:e1:60:ea:47:38:f9:72:fa:
                    48:52:44:c7:82:74:aa:08:4c:b6:c0:12:7e:61:b7:
                    c0:95:39:e3:0d:0e:7b:29:e2:60:eb:b7:7f:4b:3b:
                    fb:6b:99:9b:96:b6:01:2f:03:8d:c3:cc:96:d3:ae:
                    db:ab:a7:b2:a3:13:78:8e:b4:02:32:80:e2:e1:20:
                    fc:26:75:32:2f:e8:d9:07:ff:79:a9:52:63:4a:3e:
                    5b:35:98:63:29:96:71:7f:f8:f7:61:1b:c7:01:88:
                    42:62:4e:7e:b1:3d:58:36:f2:47:84:8e:35:f0:54:
                    fe:e9:56:3b:bc:fb:1c:df:14:8d:b5:cc:46:1e:b5:
                    d2:9b:96:5d:81:7b:04:69:09:49:10:8b:c9:c4:0e:
                    75:39:2c:6e:78:34:26:75:e0:d7:78:4c:cc:6c:51:
                    a9:a4:04:36:e4:a0:b2:04:a7:dc:9a:9a:01:58:6e:
                    af:6d:10:84:c1:e9:1d:91:fe:43:6b:9d:7c:12:ee:
                    94:2b:e5:75:c0:90:2b:92:b1:d8:a8:cd:de:fa:d2:
                    94:f9:7a:43:dd:10:32:db:9d:09:a5:b8:13:63:39:
                    55:3f:04:c2:6a:71:4e:de:21:1a:15:94:87:61:79:
                    f7:3e:32:03:04:44:a7:e8:b5:35:05:aa:ca:a7:12:
                    da:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:2A:54:1D:5A:C8:FF:7B:B0:40:8C:74:34:AC:10:12:EF:F7:3C:B5
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/b9cf3b-9572-4992-b247-01208d86ddcc/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/b9cf3b-9572-4992-b247-01208d86ddcc/1/mCpUHVrI_3uwQIx0NKwQEu_3PLU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  134.28.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0a:fd:f5:1e:b9:02:5b:ed:60:1b:39:c2:39:ec:d1:a6:fc:b2:
         ca:34:74:e2:cb:2c:b4:16:52:e3:5b:46:88:59:b5:cc:f2:ee:
         ca:dd:80:3a:c5:f3:2a:8a:fb:93:a9:11:bd:ea:a3:d9:71:de:
         9b:3b:aa:1e:e9:c7:d2:05:49:60:23:7e:80:df:82:d5:2b:42:
         18:4c:85:de:1c:6d:25:59:95:03:78:a9:59:e8:41:44:ae:c0:
         84:6c:b8:fd:c3:c5:49:a6:e6:ce:f8:09:24:2b:1d:57:e2:a5:
         a2:e7:ae:c2:f3:37:88:5c:63:e9:e8:c4:5a:a9:77:86:b7:fd:
         54:e2:8f:7b:49:25:48:55:dd:13:61:74:ee:78:90:68:fe:d2:
         89:27:09:8d:35:6a:ec:57:a9:e1:b6:6b:4a:39:4a:cd:c1:41:
         75:c9:d4:06:6e:2a:e8:da:11:6b:da:74:48:b6:aa:68:13:d6:
         4b:34:bd:6e:aa:42:9d:d9:bd:cb:84:27:df:e1:38:99:6f:b6:
         b0:a2:6c:a5:81:ff:6e:55:e3:0e:9b:7c:f7:8e:e5:ea:42:0d:
         e4:ec:3f:d5:97:6c:97:b7:d0:a5:05:81:41:4a:2c:2f:3b:e9:
         50:47:0a:12:83:2f:06:c4:33:20:ff:ec:83:e3:1e:4d:5f:06:
         81:95:6f:c2
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYzI3rQk0ExoVAw/JEM6MF+UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODJhNTQxZDVhYzhmZjdiYjA0MDhjNzQzNGFjMTAxMmVmZjczY2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHGlgGRf4WDqRzj5cvpIUkTHgnSq
CEy2wBJ+YbfAlTnjDQ57KeJg67d/Szv7a5mblrYBLwONw8yW067bq6eyoxN4jrQC
MoDi4SD8JnUyL+jZB/95qVJjSj5bNZhjKZZxf/j3YRvHAYhCYk5+sT1YNvJHhI41
8FT+6VY7vPsc3xSNtcxGHrXSm5ZdgXsEaQlJEIvJxA51OSxueDQmdeDXeEzMbFGp
pAQ25KCyBKfcmpoBWG6vbRCEwekdkf5Da518Eu6UK+V1wJArkrHYqM3e+tKU+XpD
3RAy250JpbgTYzlVPwTCanFO3iEaFZSHYXn3PjIDBESn6LU1BarKpxLaxwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFJgqVB1ayP97sECMdDSsEBLv9zy1MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA4L2I5Y2Yz
Yi05NTcyLTQ5OTItYjI0Ny0wMTIwOGQ4NmRkY2MvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgvYjljZjNi
LTk1NzItNDk5Mi1iMjQ3LTAxMjA4ZDg2ZGRjYy8xL21DcFVIVnJJXzN1d1FJeDBO
S3dRRXVfM1BMVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUF
BwEHAQH/BA8wDTALBAIAATAFAwMAhhwwDQYJKoZIhvcNAQELBQADggEBAAr99R65
AlvtYBs5wjns0ab8sso0dOLLLLQWUuNbRohZtczy7srdgDrF8yqK+5OpEb3qo9lx
3ps7qh7px9IFSWAjfoDfgtUrQhhMhd4cbSVZlQN4qVnoQUSuwIRsuP3DxUmm5s74
CSQrHVfipaLnrsLzN4hcY+noxFqpd4a3/VTij3tJJUhV3RNhdO54kGj+0oknCY01
auxXqeG2a0o5Ss3BQXXJ1AZuKujaEWvadEi2qmgT1ks0vW6qQp3ZvcuEJ9/hOJlv
trCibKWB/25V4w6bfPeO5epCDeTsP9WXbJe30KUFgUFKLC876VBHChKDLwbEMyD/
7IPjHk1fBoGVb8I=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:29:52 2024 by rpki-client on console-ams.rpki-client.org