Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qR_iZyyPHBKyetoPzLqnwhLL1xw.cer
File:                     qR_iZyyPHBKyetoPzLqnwhLL1xw.cer (raw, json)
Hash identifier:          fazsqyyku0vSIayBAslITEhVcvpAVBrnBp+gFCXSsRQ=
Subject key identifier:   A9:1F:E2:67:2C:8F:1C:12:B2:7A:DA:0F:CC:BA:A7:C2:12:CB:D7:1C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC3B681D5EC6115420D72219EF17A1662
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/1a/6c06c9-3f46-4658-ae89-9bf226402fd4/1/qR_iZyyPHBKyetoPzLqnwhLL1xw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/1a/6c06c9-3f46-4658-ae89-9bf226402fd4/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 06:29:27 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 50133
                          IP: 109.71.128.0/21
                          IP: 185.182.40.0/22
                          IP: 2a0a:e380::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:81:d5:ec:61:15:42:0d:72:21:9e:f1:7a:16:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 06:29:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a91fe2672c8f1c12b27ada0fccbaa7c212cbd71c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:e3:8c:46:ca:07:95:b5:dd:22:d9:a6:f1:c7:
                    ec:51:8f:fa:4e:8e:47:25:72:78:d7:40:cd:dc:aa:
                    31:92:cd:20:7f:c0:3b:0a:f6:4c:b5:f0:fc:c4:c3:
                    9a:ff:ee:7c:25:9e:f5:3e:26:af:c2:21:01:b6:3a:
                    60:aa:ff:56:fa:28:f2:38:28:4c:06:bc:95:57:5c:
                    d2:3f:ab:a1:08:57:cf:52:be:a0:63:56:32:d6:7a:
                    09:e6:41:d5:98:df:70:d3:ae:fc:0b:22:57:d8:4c:
                    90:86:57:64:70:19:aa:1c:8a:f6:93:6c:3e:a4:b4:
                    31:b0:f1:bb:86:82:4a:a6:fc:d2:02:58:5c:b8:df:
                    51:0c:6b:bb:07:32:5f:95:43:dc:e7:8e:f7:27:bc:
                    2c:fa:ea:d2:3b:03:6a:d4:ce:56:68:fc:a0:72:80:
                    41:7f:64:b8:43:7b:43:62:b1:33:b5:7b:09:27:7f:
                    b4:bf:57:ea:2b:dc:55:00:a2:87:9e:b0:82:bf:91:
                    4d:3a:f9:be:d1:0b:37:15:70:d5:cb:aa:18:ba:02:
                    d7:3e:7f:a4:39:4d:1f:d0:95:1b:b1:95:90:3d:d3:
                    15:56:ff:56:28:01:c3:19:8d:39:ff:aa:9a:49:b0:
                    57:f8:64:6b:3a:d4:24:74:02:35:da:62:b7:b1:a4:
                    4a:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:1F:E2:67:2C:8F:1C:12:B2:7A:DA:0F:CC:BA:A7:C2:12:CB:D7:1C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6c06c9-3f46-4658-ae89-9bf226402fd4/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6c06c9-3f46-4658-ae89-9bf226402fd4/1/qR_iZyyPHBKyetoPzLqnwhLL1xw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.71.128.0/21
                  185.182.40.0/22
                IPv6:
                  2a0a:e380::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  50133

    Signature Algorithm: sha256WithRSAEncryption
         13:7e:59:fd:7a:56:b1:ab:3e:5d:de:8d:92:e4:43:b1:d7:92:
         dd:a5:1a:82:54:0d:47:66:7b:3d:60:ab:7b:5a:d6:da:c1:ca:
         d3:c0:87:0d:bb:06:58:a2:a3:dc:fd:f1:98:57:b8:56:1d:b9:
         cf:dd:58:fa:f1:ce:e4:98:2b:2c:06:9b:0d:4e:2f:f2:68:b2:
         11:d1:df:74:b1:ec:ff:35:78:81:8e:d8:a1:83:21:49:64:f8:
         1a:ae:dd:f9:b8:df:ef:65:ad:e4:05:9c:2a:3e:c3:b4:c5:08:
         70:b1:eb:19:9b:1d:b2:f1:89:a5:95:0c:0e:90:6a:99:a2:de:
         1a:44:3c:5e:c5:84:91:42:b1:82:f2:65:51:23:22:62:43:df:
         d0:fa:91:c0:1d:c0:8a:3c:e0:55:4e:f9:c9:e3:49:b0:c4:90:
         6e:b2:15:91:84:58:ce:8f:fc:d0:6c:21:ac:c9:c6:92:ee:a3:
         d8:ee:9b:9a:11:bd:82:96:7d:2e:39:db:a0:c0:de:18:69:45:
         3e:a1:0b:50:a6:b4:d1:c5:52:e0:ea:32:ba:b3:86:3b:8c:6c:
         28:63:ce:18:98:c1:61:7b:ae:7a:a3:10:97:f6:ea:49:50:89:
         9e:0f:93:9e:39:46:2c:bb:b2:bc:23:09:b7:59:76:e5:d5:7e:
         21:b5:4f:58
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzDtoHV7GEVQg1yIZ7xehZiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTFmZTI2NzJjOGYxYzEyYjI3YWRhMGZjY2JhYTdjMjEyY2JkNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouOMRsoHlbXdItmm8cfsUY/6To5H
JXJ410DN3Koxks0gf8A7CvZMtfD8xMOa/+58JZ71PiavwiEBtjpgqv9W+ijyOChM
BryVV1zSP6uhCFfPUr6gY1Yy1noJ5kHVmN9w0678CyJX2EyQhldkcBmqHIr2k2w+
pLQxsPG7hoJKpvzSAlhcuN9RDGu7BzJflUPc5473J7ws+urSOwNq1M5WaPygcoBB
f2S4Q3tDYrEztXsJJ3+0v1fqK9xVAKKHnrCCv5FNOvm+0Qs3FXDVy6oYugLXPn+k
OU0f0JUbsZWQPdMVVv9WKAHDGY05/6qaSbBX+GRrOtQkdAI12mK3saRKEwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFKkf4mcsjxwSsnraD8y6p8ISy9ccMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFhLzZjMDZj
OS0zZjQ2LTQ2NTgtYWU4OS05YmYyMjY0MDJmZDQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEvNmMwNmM5
LTNmNDYtNDY1OC1hZTg5LTliZjIyNjQwMmZkNC8xL3FSX2laeXlQSEJLeWV0b1B6
THFud2hMTDF4dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDbUeAAwQCubYoMA0EAgACMAcDBQMqCuOAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwDD1TANBgkqhkiG9w0BAQsFAAOCAQEAE35Z
/XpWsas+Xd6NkuRDsdeS3aUaglQNR2Z7PWCre1rW2sHK08CHDbsGWKKj3P3xmFe4
Vh25z91Y+vHO5JgrLAabDU4v8miyEdHfdLHs/zV4gY7YoYMhSWT4Gq7d+bjf72Wt
5AWcKj7DtMUIcLHrGZsdsvGJpZUMDpBqmaLeGkQ8XsWEkUKxgvJlUSMiYkPf0PqR
wB3AijzgVU75yeNJsMSQbrIVkYRYzo/80GwhrMnGku6j2O6bmhG9gpZ9LjnboMDe
GGlFPqELUKa00cVS4OoyurOGO4xsKGPOGJjBYXuueqMQl/bqSVCJng+TnjlGLLuy
vCMJt1l25dV+IbVPWA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:30:53 2024 by rpki-client on console-ams.rpki-client.org