Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/t_OeNnC0P1fxURt43eIIWWQBdFU.cer
File:                     t_OeNnC0P1fxURt43eIIWWQBdFU.cer (raw, json)
Hash identifier:          MS1U633KKEmaJXBuwDt7EpWNlYjEogfNVhL++fI5Q7I=
Subject key identifier:   B7:F3:9E:36:70:B4:3F:57:F1:51:1B:78:DD:E2:08:59:64:01:74:55
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC801D4FD77677B1237141B4D139557C6
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/4f/4a64cb-a7f5-42b0-ac15-ce29fd3526a8/1/t_OeNnC0P1fxURt43eIIWWQBdFU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/4f/4a64cb-a7f5-42b0-ac15-ce29fd3526a8/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 02:30:12 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 43326
                          IP: 185.124.242.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:d4:fd:77:67:7b:12:37:14:1b:4d:13:95:57:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 02:30:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b7f39e3670b43f57f1511b78dde2085964017455
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:01:4e:9b:f3:36:71:dc:eb:6a:6f:c0:05:67:
                    9c:09:58:c5:96:02:2f:83:47:69:93:b1:a9:d1:dc:
                    fa:31:00:a3:c8:5f:fd:58:e6:f2:ad:76:97:7c:aa:
                    49:9d:96:6b:42:34:a7:25:5c:ef:bd:60:cb:d7:1d:
                    e2:cf:9d:81:f8:a6:c7:9a:fc:b6:b6:04:b4:c6:dd:
                    f1:2b:f7:24:60:69:a0:27:29:d3:a2:13:e0:bf:ba:
                    0a:6b:7b:ec:75:8f:af:eb:c7:9b:de:03:ec:c1:b1:
                    47:3f:9a:af:8f:a9:04:0b:3b:d7:a9:40:58:75:be:
                    78:13:55:a4:cd:5b:0b:b1:26:a6:c2:4e:04:bd:d7:
                    84:05:65:db:40:82:7d:c3:f9:21:17:5c:75:ca:23:
                    8b:0c:70:53:89:8b:94:0c:46:9a:de:8d:74:98:e3:
                    13:1c:31:61:bf:45:ef:50:5a:a7:8a:05:85:f0:ea:
                    a8:10:6a:ed:bc:5d:44:4d:82:2b:74:23:1e:93:cf:
                    b4:fb:7e:ee:ba:c2:f1:dd:1d:79:5d:e7:c9:0f:b1:
                    44:42:5e:3f:2e:fa:3a:db:5a:75:be:a5:80:cd:4e:
                    44:98:8c:b5:73:6f:b0:5a:cb:59:45:50:ee:b8:3a:
                    a0:da:04:2b:2c:8e:e4:95:63:8e:17:24:9b:68:47:
                    b3:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:F3:9E:36:70:B4:3F:57:F1:51:1B:78:DD:E2:08:59:64:01:74:55
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a64cb-a7f5-42b0-ac15-ce29fd3526a8/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a64cb-a7f5-42b0-ac15-ce29fd3526a8/1/t_OeNnC0P1fxURt43eIIWWQBdFU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.124.242.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  43326

    Signature Algorithm: sha256WithRSAEncryption
         51:3b:67:27:3e:77:2e:3e:fb:2b:4b:33:84:77:5f:02:2f:21:
         15:88:86:88:2b:72:84:0c:36:ef:04:6c:2a:d3:d4:09:e4:a7:
         20:99:61:60:41:d2:fa:6a:76:f8:89:2a:e2:fb:4c:ac:1d:98:
         90:9b:60:0b:a4:23:32:10:44:d4:b0:a5:8f:f1:1e:f1:81:75:
         11:67:eb:fa:e6:81:72:a1:fd:d2:18:94:6d:ed:06:db:01:d4:
         85:df:28:12:81:3c:be:12:ce:83:5d:6c:9e:62:42:d8:51:13:
         1a:6d:93:94:00:54:26:4d:af:48:bd:5b:83:c3:f6:ca:06:c0:
         94:71:e1:90:25:f3:32:60:c1:f5:40:67:d8:f3:50:48:6d:94:
         21:4d:a1:ff:24:32:ab:5f:52:80:e3:11:a1:4d:44:2f:3d:f6:
         77:22:eb:10:5c:a0:fa:2c:a8:9a:95:1c:a3:17:95:a6:c4:66:
         3a:63:4e:84:d7:4e:d0:60:42:ec:42:8f:53:df:f4:3f:02:a4:
         7a:17:77:35:40:95:6d:5a:f8:db:3d:bb:9f:c0:61:0e:4e:8f:
         d4:c6:c0:91:a6:2f:87:5e:3f:3c:f6:f0:7d:f9:47:cb:3a:79:
         cd:10:e7:87:a5:6e:f0:0c:45:f1:2f:07:0e:ac:14:28:2d:c3:
         19:c0:87:d2
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzIAdT9d2d7EjcUG00TlVfGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2YzOWUzNjcwYjQzZjU3ZjE1MTFiNzhkZGUyMDg1OTY0MDE3NDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQFOm/M2cdzram/ABWecCVjFlgIv
g0dpk7Gp0dz6MQCjyF/9WObyrXaXfKpJnZZrQjSnJVzvvWDL1x3iz52B+KbHmvy2
tgS0xt3xK/ckYGmgJynTohPgv7oKa3vsdY+v68eb3gPswbFHP5qvj6kECzvXqUBY
db54E1WkzVsLsSamwk4EvdeEBWXbQIJ9w/khF1x1yiOLDHBTiYuUDEaa3o10mOMT
HDFhv0XvUFqnigWF8OqoEGrtvF1ETYIrdCMek8+0+37uusLx3R15XefJD7FEQl4/
Lvo621p1vqWAzU5EmIy1c2+wWstZRVDuuDqg2gQrLI7klWOOFySbaEezFwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFLfznjZwtD9X8VEbeN3iCFlkAXRVMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmLzRhNjRj
Yi1hN2Y1LTQyYjAtYWMxNS1jZTI5ZmQzNTI2YTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvNGE2NGNi
LWE3ZjUtNDJiMC1hYzE1LWNlMjlmZDM1MjZhOC8xL3RfT2VObkMwUDFmeFVSdDQz
ZUlJV1dRQmRGVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAuXzyMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwCpPjANBgkqhkiG9w0BAQsFAAOCAQEAUTtnJz53Lj77K0szhHdfAi8hFYiGiCty
hAw27wRsKtPUCeSnIJlhYEHS+mp2+Ikq4vtMrB2YkJtgC6QjMhBE1LClj/Ee8YF1
EWfr+uaBcqH90hiUbe0G2wHUhd8oEoE8vhLOg11snmJC2FETGm2TlABUJk2vSL1b
g8P2ygbAlHHhkCXzMmDB9UBn2PNQSG2UIU2h/yQyq19SgOMRoU1ELz32dyLrEFyg
+iyompUcoxeVpsRmOmNOhNdO0GBC7EKPU9/0PwKkehd3NUCVbVr42z27n8BhDk6P
1MbAkaYvh14/PPbwfflHyzp5zRDnh6Vu8AxF8S8HDqwUKC3DGcCH0g==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:43:22 2024 by rpki-client on console-ams.rpki-client.org