Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/wNBJWs-ceLkYO7oMBbiimXQ4KxQ.cer
File:                     wNBJWs-ceLkYO7oMBbiimXQ4KxQ.cer (raw, json)
Hash identifier:          bUMP0aSZwCw63FeOlef37p4hPSjdk7rBedzrxr8JkS8=
Subject key identifier:   C0:D0:49:5A:CF:9C:78:B9:18:3B:BA:0C:05:B8:A2:99:74:38:2B:14
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC2DB3B30375B08283DF8117BFA33CB40
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/2e/c65398-a8eb-4d16-9c4e-3584e2ab1f0d/1/wNBJWs-ceLkYO7oMBbiimXQ4KxQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/2e/c65398-a8eb-4d16-9c4e-3584e2ab1f0d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:29:56 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 201971
                          IP: 185.57.188.0/22
                          IP: 2a04:de40::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:3b:30:37:5b:08:28:3d:f8:11:7b:fa:33:cb:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 02:29:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c0d0495acf9c78b9183bba0c05b8a29974382b14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:fb:82:ac:bf:e0:4b:8f:00:2a:75:17:1d:d0:
                    d2:b9:41:84:c8:d1:e0:a8:f0:68:80:99:5f:be:5d:
                    b6:d7:80:ea:ef:63:8c:33:ce:95:5c:84:a7:3e:c2:
                    b0:b1:ce:93:4c:35:08:11:ae:e7:1f:4f:72:b6:fd:
                    74:71:9e:f9:fc:b4:71:8b:89:1d:77:78:32:73:10:
                    b9:08:8f:9a:d7:30:f2:a1:f7:f7:7a:83:72:f6:2d:
                    4f:83:b2:70:11:b0:69:88:87:ab:b1:1b:be:3b:09:
                    cf:b4:2d:9f:ad:a9:c8:52:c4:81:78:2e:ba:13:fb:
                    a6:91:7a:db:4b:6e:47:8e:98:d2:63:d0:f3:97:3d:
                    69:8f:46:40:82:e3:5b:4f:0f:19:0e:08:df:6f:87:
                    20:f0:b3:08:44:2c:50:99:c8:5b:75:bb:64:2e:c1:
                    6a:98:e7:21:cc:3a:fe:67:36:39:14:46:d6:00:23:
                    f7:b6:32:2c:53:8c:a0:c9:3f:fe:0f:aa:1c:34:14:
                    b6:49:61:f8:e1:f7:37:66:a8:b0:c8:59:3b:0f:17:
                    f2:5c:f2:8e:1a:aa:ab:6f:5d:cf:19:41:77:b7:f6:
                    bf:03:4a:40:bb:42:34:e4:28:20:17:11:ca:63:eb:
                    60:d5:24:9f:ea:9d:ac:c7:0e:a8:14:b6:f4:ef:f4:
                    08:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:D0:49:5A:CF:9C:78:B9:18:3B:BA:0C:05:B8:A2:99:74:38:2B:14
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c65398-a8eb-4d16-9c4e-3584e2ab1f0d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c65398-a8eb-4d16-9c4e-3584e2ab1f0d/1/wNBJWs-ceLkYO7oMBbiimXQ4KxQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.57.188.0/22
                IPv6:
                  2a04:de40::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  201971

    Signature Algorithm: sha256WithRSAEncryption
         23:5b:b5:b9:58:1a:e0:71:36:16:ab:4d:79:7c:a5:88:8c:4f:
         d9:4c:1e:25:5a:7d:04:19:2d:ff:00:89:ae:22:f3:26:a3:2c:
         cd:cf:c5:88:a3:5d:10:22:27:d4:d0:c0:66:99:12:8c:9a:f6:
         8a:32:55:53:6e:07:eb:fc:0c:81:3f:68:81:86:ed:56:f8:21:
         76:3d:9e:91:a6:fd:e8:33:b2:52:b3:54:09:b0:cb:17:6e:8b:
         d4:ba:ef:20:3c:03:45:0d:83:15:f1:ba:89:ce:d8:ef:35:0d:
         77:10:e1:67:06:ab:50:13:c0:1a:45:b7:0f:81:8b:07:30:b9:
         80:74:bf:04:7d:cf:ad:68:cd:c9:5f:b4:69:d2:6e:b6:6c:d6:
         29:ad:b7:92:63:19:df:ab:bd:cf:9f:09:a9:a2:3e:f1:2a:8d:
         98:12:e6:c0:ed:55:46:01:e4:93:4e:28:82:cc:09:d1:15:fd:
         0b:7e:6c:63:b7:4f:84:5f:6c:90:bc:66:3e:67:38:50:b5:a7:
         9d:47:0e:ce:43:ad:8b:c5:d8:ed:d5:de:17:f6:8d:ec:df:9e:
         02:f6:2a:5b:b4:f2:4b:bf:69:d6:18:1b:ca:83:fd:4d:fe:ef:
         a2:6f:cc:31:50:0f:0f:03:02:89:c5:7b:57:a2:88:a9:b1:bf:
         04:1f:07:07
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzC2zswN1sIKD34EXv6M8tAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGQwNDk1YWNmOWM3OGI5MTgzYmJhMGMwNWI4YTI5OTc0MzgyYjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfuCrL/gS48AKnUXHdDSuUGEyNHg
qPBogJlfvl2214Dq72OMM86VXISnPsKwsc6TTDUIEa7nH09ytv10cZ75/LRxi4kd
d3gycxC5CI+a1zDyoff3eoNy9i1Pg7JwEbBpiIersRu+OwnPtC2franIUsSBeC66
E/umkXrbS25HjpjSY9Dzlz1pj0ZAguNbTw8ZDgjfb4cg8LMIRCxQmchbdbtkLsFq
mOchzDr+ZzY5FEbWACP3tjIsU4ygyT/+D6ocNBS2SWH44fc3ZqiwyFk7DxfyXPKO
Gqqrb13PGUF3t/a/A0pAu0I05CggFxHKY+tg1SSf6p2sxw6oFLb07/QIoQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFMDQSVrPnHi5GDu6DAW4opl0OCsUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJlL2M2NTM5
OC1hOGViLTRkMTYtOWM0ZS0zNTg0ZTJhYjFmMGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUvYzY1Mzk4
LWE4ZWItNGQxNi05YzRlLTM1ODRlMmFiMWYwZC8xL3dOQkpXcy1jZUxrWU83b01C
YmlpbVhRNEt4US5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuTm8MA0EAgACMAcDBQMqBN5AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMU8zANBgkqhkiG9w0BAQsFAAOCAQEAI1u1uVga4HE2
FqtNeXyliIxP2UweJVp9BBkt/wCJriLzJqMszc/FiKNdECIn1NDAZpkSjJr2ijJV
U24H6/wMgT9ogYbtVvghdj2ekab96DOyUrNUCbDLF26L1LrvIDwDRQ2DFfG6ic7Y
7zUNdxDhZwarUBPAGkW3D4GLBzC5gHS/BH3PrWjNyV+0adJutmzWKa23kmMZ36u9
z58JqaI+8SqNmBLmwO1VRgHkk04ogswJ0RX9C35sY7dPhF9skLxmPmc4ULWnnUcO
zkOti8XY7dXeF/aN7N+eAvYqW7TyS79p1hgbyoP9Tf7vom/MMVAPDwMCicV7V6KI
qbG/BB8HBw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:58:34 2024 by rpki-client on console-fra.rpki-client.org