Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xYigeeTOtrskwjxSceRYPhzy-ak.cer
File:                     xYigeeTOtrskwjxSceRYPhzy-ak.cer (raw, json)
Hash identifier:          k9HkcuEhHvZyrBY2Zj8sGIVNRSxXNk0nYdcQ8q69mSA=
Subject key identifier:   C5:88:A0:79:E4:CE:B6:BB:24:C2:3C:52:71:E4:58:3E:1C:F2:F9:A9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC492A36C1C488383E7DDA9E9DC372918
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/xYigeeTOtrskwjxSceRYPhzy-ak.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 10:29:53 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 42083
                          IP: 185.208.100.0/22
                          IP: 2a0b:2240::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:92:a3:6c:1c:48:83:83:e7:dd:a9:e9:dc:37:29:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 10:29:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c588a079e4ceb6bb24c23c5271e4583e1cf2f9a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:9b:63:8e:0c:5c:e3:d7:8e:44:3f:02:36:7b:
                    b2:6a:d3:99:8c:f4:17:32:48:b0:11:58:de:07:74:
                    bf:ba:4d:86:ed:bd:51:04:bc:9a:fa:42:05:f6:9c:
                    a5:2b:ba:7a:e5:26:a6:9c:0e:fa:ea:20:8b:6e:6d:
                    6b:ff:7b:12:18:00:e0:40:27:35:4e:c2:aa:b2:3c:
                    9f:07:b2:31:04:7d:00:cb:7d:ec:0d:5b:8a:82:b6:
                    ad:85:b7:d1:38:7f:f3:03:1c:b5:c0:c1:c7:63:33:
                    07:ac:13:01:d4:96:0b:0b:dd:92:76:87:e8:01:84:
                    61:b9:5c:80:9e:5b:0b:73:cd:35:15:94:4f:00:fa:
                    a1:43:50:5c:f2:cb:ea:e8:dd:5c:b9:ee:1d:0a:30:
                    f0:a1:15:94:3c:de:0a:94:9d:6f:5e:1b:f3:e3:01:
                    a8:c8:74:9c:3b:9f:61:87:e2:b4:75:07:7f:4d:f1:
                    a2:5d:c1:5d:ec:92:e2:58:3b:e0:fd:05:10:fb:55:
                    0c:c6:e8:74:ad:81:a3:e8:fd:2c:d7:c4:8e:48:6d:
                    36:a9:66:7b:eb:8c:7f:8a:d3:db:6b:0f:91:10:39:
                    25:7f:4e:3b:a0:f3:77:31:62:ca:05:aa:f7:cf:e7:
                    92:e2:1b:92:90:31:91:61:10:7c:6e:32:36:0f:0f:
                    93:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:88:A0:79:E4:CE:B6:BB:24:C2:3C:52:71:E4:58:3E:1C:F2:F9:A9
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/xYigeeTOtrskwjxSceRYPhzy-ak.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.208.100.0/22
                IPv6:
                  2a0b:2240::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  42083

    Signature Algorithm: sha256WithRSAEncryption
         03:4f:a4:b9:16:e1:22:ec:19:e8:f0:30:75:75:84:d2:6d:8d:
         54:6c:dc:7a:3e:11:31:3b:68:eb:36:14:dd:4e:a2:74:a2:ad:
         31:a5:3f:8f:a2:9f:6f:d1:fb:29:7d:0d:df:f6:22:f5:b5:be:
         b4:7f:bf:41:51:b8:a2:fd:a0:b3:88:37:cc:d6:a1:6f:08:bf:
         67:88:c1:5e:81:1b:1b:b9:4f:79:14:4a:ec:f3:df:86:9b:7c:
         f4:b6:04:6a:2c:7b:8a:52:08:68:fd:2f:a6:65:9a:a1:16:eb:
         dd:8e:f9:28:73:18:af:5b:a6:07:51:f9:15:94:de:75:3d:cf:
         cb:67:a7:2c:14:a5:46:16:3c:f0:5f:0a:a2:91:eb:ac:07:b6:
         f1:10:dc:44:7f:fc:7a:fe:6e:66:5f:13:0a:f5:aa:12:b7:98:
         57:86:c3:a5:e9:e2:38:6d:f4:1e:f7:68:0a:b4:39:1e:13:7e:
         5b:10:63:b4:54:63:f6:90:c8:ca:9b:82:28:a2:cd:fa:be:a5:
         8c:4b:d7:6c:f4:48:40:e3:57:26:75:13:df:dd:13:ca:27:78:
         5f:87:01:a8:fa:50:d1:ee:b5:de:ac:31:a6:0e:df:3d:35:5c:
         08:fe:c3:15:75:61:d6:26:d5:c6:0b:26:a1:7d:80:0b:35:9e:
         75:b0:13:59
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzEkqNsHEiDg+fdqencNykYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTg4YTA3OWU0Y2ViNmJiMjRjMjNjNTI3MWU0NTgzZTFjZjJmOWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJtjjgxc49eORD8CNnuyatOZjPQX
MkiwEVjeB3S/uk2G7b1RBLya+kIF9pylK7p65SamnA766iCLbm1r/3sSGADgQCc1
TsKqsjyfB7IxBH0Ay33sDVuKgrathbfROH/zAxy1wMHHYzMHrBMB1JYLC92Sdofo
AYRhuVyAnlsLc801FZRPAPqhQ1Bc8svq6N1cue4dCjDwoRWUPN4KlJ1vXhvz4wGo
yHScO59hh+K0dQd/TfGiXcFd7JLiWDvg/QUQ+1UMxuh0rYGj6P0s18SOSG02qWZ7
64x/itPbaw+REDklf047oPN3MWLKBar3z+eS4huSkDGRYRB8bjI2Dw+T4wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFMWIoHnkzra7JMI8UnHkWD4c8vmpMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEyL2JiNGI4
Zi1iNmEyLTRkMDAtOTYxMi0xN2VkYjk4YmJiMDgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIvYmI0Yjhm
LWI2YTItNGQwMC05NjEyLTE3ZWRiOThiYmIwOC8xL3hZaWdlZVRPdHJza3dqeFNj
ZVJZUGh6eS1hay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCudBkMA0EAgACMAcDBQMqCyJAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCkYzANBgkqhkiG9w0BAQsFAAOCAQEAA0+kuRbhIuwZ
6PAwdXWE0m2NVGzcej4RMTto6zYU3U6idKKtMaU/j6Kfb9H7KX0N3/Yi9bW+tH+/
QVG4ov2gs4g3zNahbwi/Z4jBXoEbG7lPeRRK7PPfhpt89LYEaix7ilIIaP0vpmWa
oRbr3Y75KHMYr1umB1H5FZTedT3Py2enLBSlRhY88F8KopHrrAe28RDcRH/8ev5u
Zl8TCvWqEreYV4bDpeniOG30HvdoCrQ5HhN+WxBjtFRj9pDIypuCKKLN+r6ljEvX
bPRIQONXJnUT390Tyid4X4cBqPpQ0e613qwxpg7fPTVcCP7DFXVh1ibVxgsmoX2A
CzWedbATWQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:05:08 2024 by rpki-client on console-ams.rpki-client.org