Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
File:                     wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer (raw, json)
Hash identifier:          VHWYI0Ls0FGDGv3/hd68CE503xusv1j3isCPA25ckTA=
Subject key identifier:   C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC2DAE09E2DDE3E2979E0D3FF651715F2
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:29:33 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 34187
                          IP: 46.33.32.0/19
                          IP: 78.26.128.0/17
                          IP: 185.70.108.0/22
                          IP: 195.245.118.0/23
                          IP: 2a03:1240::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:da:e0:9e:2d:de:3e:29:79:e0:d3:ff:65:17:15:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 02:29:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:80:c8:33:1c:a7:57:60:62:b3:15:92:16:03:
                    5d:26:e0:52:e5:33:fd:1d:ca:50:0a:27:68:61:5b:
                    78:e3:80:39:8b:09:9a:22:96:6a:15:59:ac:07:e1:
                    a2:65:7c:ea:af:77:2c:6b:90:8b:0e:a2:bf:f6:48:
                    bb:0e:e7:49:5d:d8:29:73:db:62:96:02:65:37:ba:
                    52:b6:94:b7:8a:86:e4:56:0e:77:ea:21:bd:2f:6f:
                    42:2f:dd:eb:7b:81:75:db:5e:17:80:91:6b:3a:6d:
                    3a:3f:aa:d4:09:8a:e4:62:1a:68:e6:50:29:48:06:
                    e2:ec:fc:12:76:d6:0e:fe:40:14:b6:a1:6d:65:5e:
                    42:a3:89:72:13:06:8b:a5:eb:16:5e:1e:23:24:7d:
                    f7:0e:60:d4:d1:9f:fa:60:d3:92:a8:d7:36:24:08:
                    b3:85:b3:ca:85:b4:7b:d5:f8:c3:51:6d:3e:d1:9a:
                    ca:c9:89:6f:3a:fa:0c:6e:c3:b2:ff:80:81:c8:1f:
                    cc:8f:53:88:2c:cd:84:90:51:45:f1:1f:04:35:d9:
                    66:0e:0d:00:57:c1:c3:b7:13:a2:6b:e9:5d:bc:fb:
                    f2:88:a1:e9:96:87:43:01:f7:f3:48:ca:6a:8a:46:
                    d3:b9:1c:cc:9f:b1:3a:70:5b:b1:58:0f:71:43:a5:
                    95:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.33.32.0/19
                  78.26.128.0/17
                  185.70.108.0/22
                  195.245.118.0/23
                IPv6:
                  2a03:1240::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  34187

    Signature Algorithm: sha256WithRSAEncryption
         2a:43:cd:8a:00:bb:af:f1:80:85:bf:98:e1:56:62:98:04:46:
         4b:c3:4f:94:4b:b4:eb:be:c4:e6:6e:cd:96:60:56:9b:b2:58:
         07:31:27:57:72:d1:ea:92:7a:cd:aa:59:d2:d6:fc:78:98:5b:
         5d:11:00:d0:3e:7a:ba:5a:af:d1:cf:3e:91:8b:2f:cb:c1:6e:
         ef:b2:43:7a:09:98:35:ad:a3:f3:80:22:64:f0:f6:30:09:4d:
         ee:d7:f1:34:cc:4a:6c:73:da:02:22:eb:98:c8:6b:88:88:f3:
         5c:ff:d0:c7:4d:82:20:c3:d9:d4:e2:71:66:3f:e3:19:d2:4c:
         8c:d4:76:bf:e4:63:e7:6b:de:73:cf:ac:f6:79:36:84:a9:2e:
         01:b2:38:ea:c3:bb:af:16:7f:91:ec:3c:10:64:fe:fa:1b:74:
         5f:e5:d7:ad:57:e8:e3:c9:dd:2f:3d:3d:9b:d1:e7:92:a9:06:
         4f:65:ce:57:e8:42:d0:f9:9a:3b:df:9c:b1:16:7b:61:82:63:
         69:75:b4:aa:c4:34:7a:fe:11:a5:03:b8:7b:46:21:a3:cf:0b:
         3e:97:e1:94:12:e0:33:34:e2:c1:7e:e2:5a:c2:2f:8e:49:a7:
         21:0e:2e:79:10:bf:92:d2:7a:89:2c:89:28:19:a0:88:52:f1:
         f2:08:8a:01
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAYzC2uCeLd4+KXng0/9lFxXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWJmOGYzZTYwOTA3Mjg4OWU3NGRkMGZiNGUyN2Y5YmFjNDdiM2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoDIMxynV2BisxWSFgNdJuBS5TP9
HcpQCidoYVt444A5iwmaIpZqFVmsB+GiZXzqr3csa5CLDqK/9ki7DudJXdgpc9ti
lgJlN7pStpS3iobkVg536iG9L29CL93re4F1214XgJFrOm06P6rUCYrkYhpo5lAp
SAbi7PwSdtYO/kAUtqFtZV5Co4lyEwaLpesWXh4jJH33DmDU0Z/6YNOSqNc2JAiz
hbPKhbR71fjDUW0+0ZrKyYlvOvoMbsOy/4CByB/Mj1OILM2EkFFF8R8ENdlmDg0A
V8HDtxOia+ldvPvyiKHplodDAffzSMpqikbTuRzMn7E6cFuxWA9xQ6WVaQIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFMG/jz5gkHKInnTdD7Tif5usR7OwMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJhL2ExYzZj
MC1lNzU0LTQ3OWUtODUxZC0wZDBkYTBkMTA0MzIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvYTFjNmMw
LWU3NTQtNDc5ZS04NTFkLTBkMGRhMGQxMDQzMi8xL3diLVBQbUNRY29pZWROMFB0
T0pfbTZ4SHM3QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQFLiEgAwQHThqAAwQCuUZsAwQBw/V2MA0EAgAC
MAcDBQMqAxJAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwCFizANBgkqhkiG9w0B
AQsFAAOCAQEAKkPNigC7r/GAhb+Y4VZimARGS8NPlEu0677E5m7NlmBWm7JYBzEn
V3LR6pJ6zapZ0tb8eJhbXREA0D56ulqv0c8+kYsvy8Fu77JDegmYNa2j84AiZPD2
MAlN7tfxNMxKbHPaAiLrmMhriIjzXP/Qx02CIMPZ1OJxZj/jGdJMjNR2v+Rj52ve
c8+s9nk2hKkuAbI46sO7rxZ/kew8EGT++ht0X+XXrVfo48ndLz09m9HnkqkGT2XO
V+hC0PmaO9+csRZ7YYJjaXW0qsQ0ev4RpQO4e0Yho88LPpfhlBLgMzTiwX7iWsIv
jkmnIQ4ueRC/ktJ6iSyJKBmgiFLx8giKAQ==
-----END CERTIFICATE-----
Generated at Tue Nov 26 10:23:35 2024 by rpki-client on console-ams.rpki-client.org