Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
File:                     w3i8O9NQ7txPN3wiRVayUNpt3m8.cer (raw, json)
Hash identifier:          9BxxMtfmEN9k/GsvBo/gbbXk5YcUXcD30EmfwIKprpg=
Subject key identifier:   C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC4249D7EDA4E0EA552A6E3D7E1013F2B
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 08:29:43 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 5.28.192.0/18
                          IP: 77.37.0.0/17
                          IP: 91.108.64.0/18
                          IP: 93.127.128.0/17
                          IP: 185.171.76.0/22
                          IP: 2a01:4d0::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:9d:7e:da:4e:0e:a5:52:a6:e3:d7:e1:01:3f:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 08:29:43 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c378bc3bd350eedc4f377c224556b250da6dde6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:92:22:7c:cf:9f:b4:99:a7:a7:2c:60:b6:11:
                    2c:63:c4:e1:e8:7f:7a:62:f7:d9:c5:d4:e4:0a:5d:
                    c4:29:a4:f6:0b:5c:0d:aa:3a:51:ce:95:87:90:bc:
                    80:5f:b1:66:d8:07:de:94:d2:f2:24:96:32:39:84:
                    8a:3a:1c:8a:23:d8:ef:a6:be:ca:23:e8:fd:fb:db:
                    59:42:cd:68:d6:62:87:0c:ff:77:69:bd:71:1f:2e:
                    82:61:c7:7c:48:7e:93:80:1c:33:fb:97:b9:54:63:
                    f5:68:61:e8:c6:b4:1c:a0:54:a3:3c:58:69:d2:f7:
                    98:95:69:b1:b7:c8:1b:87:fa:bd:de:bc:01:7b:76:
                    3d:e0:2a:b6:72:98:af:c5:d5:b5:1b:41:b0:48:7f:
                    09:7e:b8:fa:7e:af:2f:5b:3d:8f:e6:64:93:6e:60:
                    c6:c9:07:46:6e:f4:48:13:5f:0b:43:e8:a1:fb:14:
                    17:cc:d0:1d:7d:b9:6c:44:2e:bf:7a:5f:b1:82:3c:
                    0c:6a:98:58:69:b1:cd:34:18:da:da:de:5b:f4:6f:
                    c6:6a:90:94:a2:8c:e2:dc:09:a7:a6:40:40:f2:45:
                    15:e2:1d:69:eb:7f:1a:20:48:a4:91:a9:91:b7:76:
                    53:1e:5f:62:15:75:f8:5e:0f:63:6e:2d:ff:42:4e:
                    74:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.28.192.0/18
                  77.37.0.0/17
                  91.108.64.0/18
                  93.127.128.0/17
                  185.171.76.0/22
                IPv6:
                  2a01:4d0::/32

    Signature Algorithm: sha256WithRSAEncryption
         63:f7:a1:e2:64:4b:3c:7b:a6:16:87:bf:09:e8:ee:ae:10:e8:
         87:68:ba:7e:a3:aa:2b:45:07:c4:8c:a3:5c:9e:8e:f1:df:55:
         8d:9d:99:b1:f8:22:08:c0:d8:33:22:21:11:d7:a3:04:a6:52:
         62:50:ba:8d:b9:1a:32:8e:a8:ab:25:3b:3e:9a:9a:98:f5:da:
         e8:77:8d:88:4f:11:f9:38:30:ab:30:a3:d5:68:57:6a:3c:2e:
         4b:cf:ce:a1:9a:af:83:ba:39:e0:4e:e9:ab:9e:88:e8:35:db:
         1c:b5:15:31:28:10:72:6c:5f:cd:03:0a:be:85:d6:84:06:a8:
         3f:0d:2a:95:45:6a:2e:55:dc:8a:88:1e:ac:c0:fd:20:68:e6:
         9d:b0:8b:08:3e:ff:d0:d5:f9:c4:04:c5:cb:f5:84:3f:4a:ca:
         8e:e8:a8:7e:36:d5:80:fc:63:5e:ed:74:95:3e:dc:ed:da:3e:
         02:f8:46:95:ac:73:c6:6c:96:08:d1:e0:79:6e:e4:9f:92:42:
         16:f8:13:6f:c5:6a:6e:22:3c:2d:53:a6:59:3c:c8:42:74:98:
         e5:92:0a:45:8d:0b:8f:86:3a:1c:bd:3d:95:25:ec:51:38:e7:
         b8:2b:9f:77:bd:58:ba:44:a7:1e:d7:3c:64:12:ad:65:62:02:
         90:86:8b:fe
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAYzEJJ1+2k4OpVKm49fhAT8rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzc4YmMzYmQzNTBlZWRjNGYzNzdjMjI0NTU2YjI1MGRhNmRkZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25IifM+ftJmnpyxgthEsY8Th6H96
YvfZxdTkCl3EKaT2C1wNqjpRzpWHkLyAX7Fm2AfelNLyJJYyOYSKOhyKI9jvpr7K
I+j9+9tZQs1o1mKHDP93ab1xHy6CYcd8SH6TgBwz+5e5VGP1aGHoxrQcoFSjPFhp
0veYlWmxt8gbh/q93rwBe3Y94Cq2cpivxdW1G0GwSH8Jfrj6fq8vWz2P5mSTbmDG
yQdGbvRIE18LQ+ih+xQXzNAdfblsRC6/el+xgjwMaphYabHNNBja2t5b9G/GapCU
oozi3AmnpkBA8kUV4h1p638aIEikkamRt3ZTHl9iFXX4Xg9jbi3/Qk50RQIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFMN4vDvTUO7cTzd8IkVWslDabd5vMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y2L2JlNjZl
NC1mMTRiLTRiMzEtYmRhZi00NDE0NTU4ZmRjYmIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvYmU2NmU0
LWYxNGItNGIzMS1iZGFmLTQ0MTQ1NThmZGNiYi8xL3czaThPOU5RN3R4UE4zd2lS
VmF5VU5wdDNtOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsGAQUF
BwEHAQH/BDcwNTAkBAIAATAeAwQGBRzAAwQHTSUAAwQGW2xAAwQHXX+AAwQCuatM
MA0EAgACMAcDBQAqAQTQMA0GCSqGSIb3DQEBCwUAA4IBAQBj96HiZEs8e6YWh78J
6O6uEOiHaLp+o6orRQfEjKNcno7x31WNnZmx+CIIwNgzIiER16MEplJiULqNuRoy
jqirJTs+mpqY9drod42ITxH5ODCrMKPVaFdqPC5Lz86hmq+DujngTumrnojoNdsc
tRUxKBBybF/NAwq+hdaEBqg/DSqVRWouVdyKiB6swP0gaOadsIsIPv/Q1fnEBMXL
9YQ/SsqO6Kh+NtWA/GNe7XSVPtzt2j4C+EaVrHPGbJYI0eB5buSfkkIW+BNvxWpu
IjwtU6ZZPMhCdJjlkgpFjQuPhjocvT2VJexROOe4K593vVi6RKce1zxkEq1lYgKQ
hov+
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:39:20 2024 by rpki-client on console-ams.rpki-client.org