Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/q-CopGLQ3h9NMBLD455c2mA-j5E.cer
File:                     q-CopGLQ3h9NMBLD455c2mA-j5E.cer (raw, json)
Hash identifier:          AyHShG5I93C//uT1V9hCqU8Blj1PIibwrC+GnZyLW60=
Subject key identifier:   AB:E0:A8:A4:62:D0:DE:1F:4D:30:12:C3:E3:9E:5C:DA:60:3E:8F:91
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC649AF461F40B78F2D8533A0FE750EF2
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/12/dec31c-dcd4-4da7-9dda-c4a07d61689d/1/q-CopGLQ3h9NMBLD455c2mA-j5E.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/12/dec31c-dcd4-4da7-9dda-c4a07d61689d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 18:29:26 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 58125
                          IP: 91.239.14.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:49:af:46:1f:40:b7:8f:2d:85:33:a0:fe:75:0e:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 18:29:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=abe0a8a462d0de1f4d3012c3e39e5cda603e8f91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:d4:8e:46:8d:37:42:d4:32:a1:a6:a2:68:0f:
                    57:c6:63:03:48:67:e2:8c:0a:f8:ff:6e:a6:3e:22:
                    5a:5e:7f:c9:32:a5:95:f8:09:58:44:f0:8b:ea:a8:
                    65:0d:db:d5:f2:01:ea:27:3d:62:80:f7:26:8e:d8:
                    a3:0b:f8:eb:10:17:a6:55:d1:78:17:17:05:9f:1c:
                    47:46:4f:92:3a:80:86:ad:31:cd:f7:2e:fb:fe:b1:
                    1e:37:b1:82:da:93:cb:fb:33:f4:2a:23:a4:c1:b0:
                    1b:77:a6:9a:e0:9b:be:60:79:7a:1f:b8:6a:f9:e7:
                    d7:c9:02:29:e5:f1:22:b7:2f:f4:2f:b6:3e:85:a6:
                    af:73:97:4e:2b:a4:40:96:6e:1c:ec:b6:5f:d2:eb:
                    df:98:b7:c2:88:2e:e2:b2:d5:c1:e9:51:06:fd:ae:
                    cd:05:c6:c2:d1:89:fa:80:5c:f8:1d:71:a4:f7:cd:
                    f4:d9:03:b3:09:f4:44:e8:99:14:2c:2f:dc:b5:df:
                    54:27:93:8a:e9:e0:b3:80:fa:1e:31:47:c3:00:b4:
                    62:df:10:a6:38:ed:ed:40:62:dd:d4:81:89:82:c1:
                    3f:10:58:cb:f8:15:e1:ba:1b:ab:0c:60:c9:ef:bd:
                    30:b5:e1:b3:7c:f1:22:64:db:70:2d:88:e4:8c:dc:
                    f2:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:E0:A8:A4:62:D0:DE:1F:4D:30:12:C3:E3:9E:5C:DA:60:3E:8F:91
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/dec31c-dcd4-4da7-9dda-c4a07d61689d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/dec31c-dcd4-4da7-9dda-c4a07d61689d/1/q-CopGLQ3h9NMBLD455c2mA-j5E.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.239.14.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  58125

    Signature Algorithm: sha256WithRSAEncryption
         64:47:cf:66:7d:bd:6e:35:93:79:87:de:a0:76:bb:fd:e0:85:
         e1:2e:08:e6:bf:b0:ea:15:4a:44:87:3d:bc:41:c7:b3:5b:6b:
         c5:cc:7b:2d:58:f3:50:d9:d2:6c:de:e9:8a:7a:6e:ba:2d:be:
         84:35:8b:01:a4:d0:5d:46:9c:04:cb:13:7b:ea:c1:8f:44:5c:
         3a:d6:0a:6f:55:c6:26:cf:af:5e:40:7f:79:88:a4:c4:ad:68:
         82:6b:eb:78:d9:b4:c3:28:b5:9f:8c:26:a7:c3:3a:b4:0b:62:
         34:6e:ec:f4:f7:4b:ca:60:83:68:77:b5:ee:b7:9b:0c:e0:fa:
         b3:83:0e:65:92:83:68:06:c7:9d:ca:91:c2:22:ca:fa:8f:96:
         96:dd:11:75:05:18:cc:41:48:2b:be:72:ae:21:83:21:47:90:
         40:99:27:02:d5:43:79:ef:47:54:c1:37:bc:47:06:a4:4a:66:
         62:2a:2c:14:bb:6a:68:4c:d3:c7:4e:5c:2d:e0:a4:52:a6:bc:
         9e:56:95:53:be:96:93:d3:4d:65:cb:28:50:94:1e:f7:30:68:
         8b:80:a6:64:f5:bd:13:bd:4c:0e:f6:74:51:4a:2d:4c:68:9f:
         a7:43:ae:7f:0e:13:82:f2:a0:8c:4d:cf:81:28:06:6a:ea:49:
         ca:e3:df:08
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzGSa9GH0C3jy2FM6D+dQ7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTgyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmUwYThhNDYyZDBkZTFmNGQzMDEyYzNlMzllNWNkYTYwM2U4ZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdSORo03QtQyoaaiaA9XxmMDSGfi
jAr4/26mPiJaXn/JMqWV+AlYRPCL6qhlDdvV8gHqJz1igPcmjtijC/jrEBemVdF4
FxcFnxxHRk+SOoCGrTHN9y77/rEeN7GC2pPL+zP0KiOkwbAbd6aa4Ju+YHl6H7hq
+efXyQIp5fEity/0L7Y+haavc5dOK6RAlm4c7LZf0uvfmLfCiC7istXB6VEG/a7N
BcbC0Yn6gFz4HXGk98302QOzCfRE6JkULC/ctd9UJ5OK6eCzgPoeMUfDALRi3xCm
OO3tQGLd1IGJgsE/EFjL+BXhuhurDGDJ770wteGzfPEiZNtwLYjkjNzyeQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFKvgqKRi0N4fTTASw+OeXNpgPo+RMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEyL2RlYzMx
Yy1kY2Q0LTRkYTctOWRkYS1jNGEwN2Q2MTY4OWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIvZGVjMzFj
LWRjZDQtNGRhNy05ZGRhLWM0YTA3ZDYxNjg5ZC8xL3EtQ29wR0xRM2g5Tk1CTEQ0
NTVjMm1BLWo1RS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAW+8OMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwDjDTANBgkqhkiG9w0BAQsFAAOCAQEAZEfPZn29bjWTeYfeoHa7/eCF4S4I5r+w
6hVKRIc9vEHHs1trxcx7LVjzUNnSbN7pinpuui2+hDWLAaTQXUacBMsTe+rBj0Rc
OtYKb1XGJs+vXkB/eYikxK1ogmvreNm0wyi1n4wmp8M6tAtiNG7s9PdLymCDaHe1
7rebDOD6s4MOZZKDaAbHncqRwiLK+o+Wlt0RdQUYzEFIK75yriGDIUeQQJknAtVD
ee9HVME3vEcGpEpmYiosFLtqaEzTx05cLeCkUqa8nlaVU76Wk9NNZcsoUJQe9zBo
i4CmZPW9E71MDvZ0UUotTGifp0Oufw4TgvKgjE3PgSgGaupJyuPfCA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:22:07 2024 by rpki-client on console-fra.rpki-client.org