Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/v8pT8KWH822Jqcq4K_WlA2xhQKI.cer
File:                     v8pT8KWH822Jqcq4K_WlA2xhQKI.cer (raw, json)
Hash identifier:          YehmZbbuBv+1dY2qyFbqsWkkDiltPoqlwGNYhTlQHL0=
Subject key identifier:   BF:CA:53:F0:A5:87:F3:6D:89:A9:CA:B8:2B:F5:A5:03:6C:61:40:A2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC3B6E4FB9F4D17509F5A0BA28D492B99
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/e2/fc12ec-3eac-4455-91c9-f99c4e5c2953/1/v8pT8KWH822Jqcq4K_WlA2xhQKI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/e2/fc12ec-3eac-4455-91c9-f99c4e5c2953/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 06:29:52 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 197751
                          IP: 195.149.117.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:e4:fb:9f:4d:17:50:9f:5a:0b:a2:8d:49:2b:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 06:29:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bfca53f0a587f36d89a9cab82bf5a5036c6140a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:19:2d:14:6b:a3:3c:f4:1a:51:23:af:92:cc:
                    25:80:97:4f:d4:1f:18:f9:7e:3a:e7:e9:de:cc:d6:
                    a0:9a:f7:95:7c:49:8d:23:96:af:42:a2:6e:18:3f:
                    e6:fe:81:77:4b:fe:59:a9:e8:3f:77:d9:3d:11:bc:
                    31:01:a2:70:24:71:52:09:8b:31:81:6e:2f:f0:b5:
                    14:63:a1:fc:8b:83:d1:1c:a9:ce:ba:8d:32:23:76:
                    87:01:cc:68:2e:1d:75:7a:dd:c5:69:87:cf:85:8d:
                    22:a9:8e:2a:aa:11:c8:8a:39:32:57:e0:98:ee:27:
                    cf:5c:3a:e6:ca:34:57:43:c1:c1:1a:b7:ae:6f:bf:
                    e7:d3:61:4a:79:bc:23:8d:13:7e:fe:08:10:41:70:
                    02:4e:61:2a:f9:1a:4d:8d:f5:60:9c:e1:e9:4e:80:
                    2b:c9:44:41:fc:95:90:9f:f0:33:f7:95:f5:16:9d:
                    3b:c3:1d:c6:d7:ce:7f:b6:45:dc:bc:59:99:e8:18:
                    de:82:b9:80:d4:b4:61:6b:fa:85:f0:95:4b:ad:4f:
                    df:81:f2:06:b5:68:09:1f:25:2a:97:08:ea:aa:e7:
                    d8:83:ba:16:b0:74:e1:77:8c:fd:85:8e:77:35:a3:
                    74:88:1c:7f:6e:f4:5f:8d:55:28:25:13:02:ef:1a:
                    00:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:CA:53:F0:A5:87:F3:6D:89:A9:CA:B8:2B:F5:A5:03:6C:61:40:A2
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/fc12ec-3eac-4455-91c9-f99c4e5c2953/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/fc12ec-3eac-4455-91c9-f99c4e5c2953/1/v8pT8KWH822Jqcq4K_WlA2xhQKI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.149.117.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  197751

    Signature Algorithm: sha256WithRSAEncryption
         69:72:35:88:dd:99:b7:71:81:fa:94:46:f6:23:01:1a:fe:84:
         2f:1f:5d:92:ee:26:1a:a5:ca:f6:07:eb:88:57:5f:f4:d2:f0:
         83:8b:7d:4f:0e:49:a4:3a:24:7e:0b:51:8f:5a:6d:9b:ad:f1:
         ec:66:b1:ac:5f:96:46:7e:51:0b:27:c9:82:df:01:d0:8e:a8:
         21:3d:a1:c2:7e:3d:7a:94:60:0f:9f:5e:eb:25:61:5a:bc:88:
         78:67:6f:62:a9:37:15:8d:9b:96:3b:50:25:f6:23:a5:d8:66:
         63:aa:57:cb:85:e8:b2:c9:a1:e3:4b:e0:02:b2:10:45:24:f3:
         4b:99:3c:a9:bb:36:bd:00:f5:56:21:dc:64:a9:50:b5:4b:f9:
         4a:64:47:16:f8:71:ea:74:73:95:e3:9c:b6:53:e0:18:04:68:
         c9:da:b1:d3:9d:76:f4:31:75:59:c5:59:fa:6c:cd:6d:c1:dc:
         2d:24:10:7d:93:23:50:05:4f:e3:3c:f8:12:11:f3:00:96:36:
         ce:46:0f:3f:e1:6f:f8:42:dd:f0:7b:99:b9:a0:02:e5:ff:9d:
         82:46:10:da:34:45:86:0c:63:99:00:4d:6f:79:c4:4a:70:3f:
         6e:6b:2d:6d:19:7c:9e:2b:7e:0c:46:16:ac:2f:bb:f9:90:31:
         ba:b1:01:9b
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzDtuT7n00XUJ9aC6KNSSuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmNhNTNmMGE1ODdmMzZkODlhOWNhYjgyYmY1YTUwMzZjNjE0MGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBktFGujPPQaUSOvkswlgJdP1B8Y
+X465+nezNagmveVfEmNI5avQqJuGD/m/oF3S/5Zqeg/d9k9EbwxAaJwJHFSCYsx
gW4v8LUUY6H8i4PRHKnOuo0yI3aHAcxoLh11et3FaYfPhY0iqY4qqhHIijkyV+CY
7ifPXDrmyjRXQ8HBGreub7/n02FKebwjjRN+/ggQQXACTmEq+RpNjfVgnOHpToAr
yURB/JWQn/Az95X1Fp07wx3G185/tkXcvFmZ6BjegrmA1LRha/qF8JVLrU/fgfIG
tWgJHyUqlwjqqufYg7oWsHThd4z9hY53NaN0iBx/bvRfjVUoJRMC7xoATwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFL/KU/Clh/NtianKuCv1pQNsYUCiMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UyL2ZjMTJl
Yy0zZWFjLTQ0NTUtOTFjOS1mOTljNGU1YzI5NTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvZmMxMmVj
LTNlYWMtNDQ1NS05MWM5LWY5OWM0ZTVjMjk1My8xL3Y4cFQ4S1dIODIySnFjcTRL
X1dsQTJ4aFFLSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAw5V1MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMEdzANBgkqhkiG9w0BAQsFAAOCAQEAaXI1iN2Zt3GB+pRG9iMBGv6ELx9dku4m
GqXK9gfriFdf9NLwg4t9Tw5JpDokfgtRj1ptm63x7GaxrF+WRn5RCyfJgt8B0I6o
IT2hwn49epRgD59e6yVhWryIeGdvYqk3FY2bljtQJfYjpdhmY6pXy4Xossmh40vg
ArIQRSTzS5k8qbs2vQD1ViHcZKlQtUv5SmRHFvhx6nRzleOctlPgGARoydqx0512
9DF1WcVZ+mzNbcHcLSQQfZMjUAVP4zz4EhHzAJY2zkYPP+Fv+ELd8HuZuaAC5f+d
gkYQ2jRFhgxjmQBNb3nESnA/bmstbRl8nit+DEYWrC+7+ZAxurEBmw==
-----END CERTIFICATE-----