Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/r06GL461X0-CVOLIWLcvQzl_4_o.cer
File:                     r06GL461X0-CVOLIWLcvQzl_4_o.cer (raw, json)
Hash identifier:          0OQG3M/CeAgN9DohqjXVjgixMq1p6I1JGiImWTZ/XaU=
Subject key identifier:   AF:4E:86:2F:8E:B5:5F:4F:82:54:E2:C8:58:B7:2F:43:39:7F:E3:FA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC3B6AFE095B4857ACF42B0A62780BA1B
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/67/9e37ce-2c77-450b-94c7-50d2f7a10962/1/r06GL461X0-CVOLIWLcvQzl_4_o.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/67/9e37ce-2c77-450b-94c7-50d2f7a10962/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 06:29:38 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 50287
                          IP: 109.232.176.0/21
                          IP: 2a03:2c20::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:af:e0:95:b4:85:7a:cf:42:b0:a6:27:80:ba:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 06:29:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=af4e862f8eb55f4f8254e2c858b72f43397fe3fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:0c:68:2b:7a:72:28:e4:49:37:be:9b:6c:dd:
                    ba:a6:41:19:cd:16:3d:c3:32:fe:60:03:c7:bc:cf:
                    bd:01:b0:c1:3b:15:95:f5:0e:1d:1d:83:16:b7:45:
                    55:31:2d:cc:69:7d:6e:59:d0:9e:e4:37:a3:95:20:
                    aa:5c:28:f5:17:5d:a9:79:48:6f:25:f6:4e:1d:e2:
                    ff:b4:78:77:8f:fc:27:ee:5b:0e:1c:3b:6c:5c:af:
                    e5:49:c2:b6:0f:d3:c8:70:ad:57:7a:81:9f:ab:69:
                    08:b9:d3:7f:d9:3a:85:db:0f:e8:3d:b0:7f:c4:65:
                    59:cd:13:69:5a:1c:89:de:04:09:d8:0e:4e:35:1d:
                    f2:93:51:5e:8d:5b:8f:4d:16:2e:ee:57:9e:38:fd:
                    c0:3c:a8:20:76:35:e0:3c:25:0a:6e:ae:5c:00:4f:
                    4f:ce:1a:1d:c1:19:08:26:f4:83:c0:26:ac:6e:f3:
                    53:ca:c7:9d:b2:90:49:e7:45:4b:b7:61:82:c5:61:
                    2e:63:19:7c:58:81:6a:32:b1:66:12:61:c2:7f:d7:
                    1c:62:60:34:6a:d5:a7:32:23:cf:e6:dd:16:e1:6b:
                    0d:31:26:09:a1:dd:27:1e:36:d0:8f:57:67:89:d4:
                    49:39:ad:50:20:09:83:2e:9e:f2:58:17:da:09:7b:
                    50:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:4E:86:2F:8E:B5:5F:4F:82:54:E2:C8:58:B7:2F:43:39:7F:E3:FA
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9e37ce-2c77-450b-94c7-50d2f7a10962/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9e37ce-2c77-450b-94c7-50d2f7a10962/1/r06GL461X0-CVOLIWLcvQzl_4_o.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.232.176.0/21
                IPv6:
                  2a03:2c20::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  50287

    Signature Algorithm: sha256WithRSAEncryption
         3a:60:5b:c2:4a:8c:3b:60:97:5a:e9:66:83:23:7f:bb:8c:c8:
         81:e9:5e:1d:33:f0:4c:91:f0:e2:69:f9:72:e8:13:8e:44:54:
         e1:e3:96:3b:ac:3f:70:31:9b:4b:5c:86:6e:5e:fb:0a:9b:ce:
         3a:38:9b:49:55:1b:ea:66:da:c2:ca:78:ea:9d:d2:1f:8d:ae:
         ea:5e:d0:bb:32:7d:ba:3f:52:a2:86:1e:cc:73:52:6e:c8:86:
         40:d2:ff:26:1e:3c:62:93:cc:c8:a1:8d:45:5f:cc:76:80:3b:
         0a:ee:29:d2:26:ad:7a:e9:1e:cc:f6:4b:19:be:f6:46:7d:23:
         5a:e9:47:20:bc:ca:de:38:d0:8a:8c:23:bc:17:8a:0a:0a:5d:
         74:52:02:fe:7c:2b:1d:f7:9d:26:4f:35:d8:1b:3c:b9:9e:dd:
         dc:57:b2:b6:d2:5b:4d:a6:c6:e4:0d:aa:07:f7:80:67:1c:f3:
         1b:28:92:a0:d3:b8:ee:b1:bd:83:26:2c:b5:3e:ff:cd:4d:a3:
         95:d3:e5:e5:36:98:03:f8:88:34:2d:15:86:8f:cf:6e:fc:e3:
         66:25:5c:43:5d:84:29:59:8f:09:58:e1:37:46:32:b3:60:c9:
         73:65:d5:49:af:3c:d1:db:73:36:92:da:de:2b:9d:93:7c:20:
         58:9a:90:1a
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzDtq/glbSFes9CsKYngLobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjRlODYyZjhlYjU1ZjRmODI1NGUyYzg1OGI3MmY0MzM5N2ZlM2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QxoK3pyKORJN76bbN26pkEZzRY9
wzL+YAPHvM+9AbDBOxWV9Q4dHYMWt0VVMS3MaX1uWdCe5DejlSCqXCj1F12peUhv
JfZOHeL/tHh3j/wn7lsOHDtsXK/lScK2D9PIcK1XeoGfq2kIudN/2TqF2w/oPbB/
xGVZzRNpWhyJ3gQJ2A5ONR3yk1FejVuPTRYu7leeOP3APKggdjXgPCUKbq5cAE9P
zhodwRkIJvSDwCasbvNTysedspBJ50VLt2GCxWEuYxl8WIFqMrFmEmHCf9ccYmA0
atWnMiPP5t0W4WsNMSYJod0nHjbQj1dnidRJOa1QIAmDLp7yWBfaCXtQ8QIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFK9Ohi+OtV9PglTiyFi3L0M5f+P6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY3LzllMzdj
ZS0yYzc3LTQ1MGItOTRjNy01MGQyZjdhMTA5NjIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjcvOWUzN2Nl
LTJjNzctNDUwYi05NGM3LTUwZDJmN2ExMDk2Mi8xL3IwNkdMNDYxWDAtQ1ZPTElX
TGN2UXpsXzRfby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQDbeiwMA0EAgACMAcDBQAqAywgMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDEbzANBgkqhkiG9w0BAQsFAAOCAQEAOmBbwkqMO2CX
WulmgyN/u4zIgeleHTPwTJHw4mn5cugTjkRU4eOWO6w/cDGbS1yGbl77CpvOOjib
SVUb6mbawsp46p3SH42u6l7QuzJ9uj9SooYezHNSbsiGQNL/Jh48YpPMyKGNRV/M
doA7Cu4p0iateukezPZLGb72Rn0jWulHILzK3jjQiowjvBeKCgpddFIC/nwrHfed
Jk812Bs8uZ7d3FeyttJbTabG5A2qB/eAZxzzGyiSoNO47rG9gyYstT7/zU2jldPl
5TaYA/iINC0Vho/PbvzjZiVcQ12EKVmPCVjhN0Yys2DJc2XVSa880dtzNpLa3iud
k3wgWJqQGg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:04:18 2024 by rpki-client on console-ams.rpki-client.org