Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/pbIQYaPq10EOBFDbvyFw_gyTi7E.cer
File:                     pbIQYaPq10EOBFDbvyFw_gyTi7E.cer (raw, json)
Hash identifier:          NxARwBnLnQu5mYB6IuZIfk6hHlOm/6WTi/K/Pv2wtdo=
Subject key identifier:   A5:B2:10:61:A3:EA:D7:41:0E:04:50:DB:BF:21:70:FE:0C:93:8B:B1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC86FA374317A11CFC249C6B7D4205439
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/58/ffac4d-a272-4e6c-9431-a0883c0b095b/1/pbIQYaPq10EOBFDbvyFw_gyTi7E.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/58/ffac4d-a272-4e6c-9431-a0883c0b095b/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 04:30:08 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 34946
                          IP: 80.244.192.0/20
                          IP: 92.42.72.0/21
                          IP: 185.16.92.0/22
                          IP: 2a00:f600::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:a3:74:31:7a:11:cf:c2:49:c6:b7:d4:20:54:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 04:30:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a5b21061a3ead7410e0450dbbf2170fe0c938bb1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ad:ab:cc:09:0c:a6:e3:1d:9a:f6:47:8a:d3:
                    63:2c:86:2c:6c:6e:da:5a:6d:84:26:a4:d0:ec:3c:
                    83:8f:19:67:28:fe:88:02:33:dc:d1:ec:40:ea:5d:
                    2d:2b:db:df:bc:ef:25:d5:25:57:d0:40:a9:3b:cb:
                    6f:ba:00:84:4a:53:a6:4c:c3:b1:f5:40:cc:f9:b9:
                    e7:d1:ec:08:8c:de:d4:de:f9:47:b7:47:da:55:fb:
                    63:44:54:21:55:7f:0e:9c:b8:1f:9c:74:f6:c1:64:
                    f7:1e:54:4d:9d:a4:bd:cb:de:95:a0:1b:9f:4a:ce:
                    5e:85:8b:00:24:50:f0:d9:12:bb:b8:76:a9:36:65:
                    e6:a5:08:30:59:7c:68:f1:f5:72:57:1c:df:78:8a:
                    95:90:1c:48:ed:65:2e:0f:95:9e:dc:fc:77:96:82:
                    2b:ec:e1:74:b0:fe:2f:3e:0e:b2:ed:e8:af:29:06:
                    c7:34:17:9b:ff:8a:67:12:56:c3:4e:0f:58:d3:04:
                    71:de:9d:ed:4d:58:dd:bf:0c:16:22:1e:8a:9c:c4:
                    0c:f1:6f:3e:21:8a:1b:ca:7c:d5:80:92:c9:30:1e:
                    de:ef:3f:dd:51:82:78:40:d8:15:fe:d3:08:14:38:
                    d3:cb:8f:cf:a6:2b:a3:da:18:26:b7:22:95:08:b5:
                    34:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:B2:10:61:A3:EA:D7:41:0E:04:50:DB:BF:21:70:FE:0C:93:8B:B1
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ffac4d-a272-4e6c-9431-a0883c0b095b/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ffac4d-a272-4e6c-9431-a0883c0b095b/1/pbIQYaPq10EOBFDbvyFw_gyTi7E.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.244.192.0/20
                  92.42.72.0/21
                  185.16.92.0/22
                IPv6:
                  2a00:f600::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  34946

    Signature Algorithm: sha256WithRSAEncryption
         23:fa:91:89:93:2d:d4:49:ae:75:c1:29:13:20:2c:d8:f0:f5:
         d1:dd:e8:94:22:f2:f2:f9:39:47:f3:d3:ee:2b:ba:20:a0:d8:
         73:a5:89:b3:39:47:a4:86:7a:01:dd:8c:60:aa:1d:c8:97:bd:
         31:e2:eb:7d:88:f6:00:62:b5:71:79:6b:be:56:1b:af:9c:0c:
         82:26:24:a3:8c:64:f5:75:0d:5a:d5:a9:43:b9:95:f2:42:97:
         90:75:fb:35:e8:91:89:40:d8:c9:50:4e:0f:b6:4b:97:d7:23:
         78:e8:c3:8d:39:38:2a:27:ed:7f:1e:ea:72:c5:50:18:9a:6b:
         f5:1e:1b:8b:f3:78:95:19:ad:ae:fa:d4:2f:18:9c:3b:3b:f9:
         7f:0e:52:a6:ee:7b:50:20:b9:1e:0c:42:06:58:9f:c3:db:95:
         fe:0a:48:1d:ba:87:4f:ff:43:12:bc:f2:29:4c:0c:fb:22:ba:
         9b:9c:f4:b3:57:30:9f:4b:9a:70:3d:55:16:58:1d:7f:df:11:
         55:31:0b:17:29:e8:4f:d9:45:44:96:eb:c7:ab:8d:c4:52:bf:
         d0:73:f1:d8:c0:ff:69:f0:95:96:92:2b:b4:1e:ff:dd:bf:54:
         aa:46:20:b2:89:d6:a6:0f:20:5a:43:cf:12:fd:43:e8:af:7f:
         c8:01:00:fb
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYzIb6N0MXoRz8JJxrfUIFQ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWIyMTA2MWEzZWFkNzQxMGUwNDUwZGJiZjIxNzBmZTBjOTM4YmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsq2rzAkMpuMdmvZHitNjLIYsbG7a
Wm2EJqTQ7DyDjxlnKP6IAjPc0exA6l0tK9vfvO8l1SVX0ECpO8tvugCESlOmTMOx
9UDM+bnn0ewIjN7U3vlHt0faVftjRFQhVX8OnLgfnHT2wWT3HlRNnaS9y96VoBuf
Ss5ehYsAJFDw2RK7uHapNmXmpQgwWXxo8fVyVxzfeIqVkBxI7WUuD5We3Px3loIr
7OF0sP4vPg6y7eivKQbHNBeb/4pnElbDTg9Y0wRx3p3tTVjdvwwWIh6KnMQM8W8+
IYobynzVgJLJMB7e7z/dUYJ4QNgV/tMIFDjTy4/Ppiuj2hgmtyKVCLU0gwIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFKWyEGGj6tdBDgRQ278hcP4Mk4uxMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU4L2ZmYWM0
ZC1hMjcyLTRlNmMtOTQzMS1hMDg4M2MwYjA5NWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgvZmZhYzRk
LWEyNzItNGU2Yy05NDMxLWEwODgzYzBiMDk1Yi8xL3BiSVFZYVBxMTBFT0JGRGJ2
eUZ3X2d5VGk3RS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQEUPTAAwQDXCpIAwQCuRBcMA0EAgACMAcDBQAq
APYAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwCIgjANBgkqhkiG9w0BAQsFAAOC
AQEAI/qRiZMt1EmudcEpEyAs2PD10d3olCLy8vk5R/PT7iu6IKDYc6WJszlHpIZ6
Ad2MYKodyJe9MeLrfYj2AGK1cXlrvlYbr5wMgiYko4xk9XUNWtWpQ7mV8kKXkHX7
NeiRiUDYyVBOD7ZLl9cjeOjDjTk4Kiftfx7qcsVQGJpr9R4bi/N4lRmtrvrULxic
Ozv5fw5Spu57UCC5HgxCBlifw9uV/gpIHbqHT/9DErzyKUwM+yK6m5z0s1cwn0ua
cD1VFlgdf98RVTELFynoT9lFRJbrx6uNxFK/0HPx2MD/afCVlpIrtB7/3b9UqkYg
sonWpg8gWkPPEv1D6K9/yAEA+w==
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:06:53 2024 by rpki-client on console-fra.rpki-client.org