Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/y2vyuJWE7JYIAEjcP9wuOYPCd_M.cer
File:                     y2vyuJWE7JYIAEjcP9wuOYPCd_M.cer (raw, json)
Hash identifier:          ZCO4LuVUxaCaUep7aawC+cw0VCZu0HVnVbd3kPz5aT8=
Subject key identifier:   CB:6B:F2:B8:95:84:EC:96:08:00:48:DC:3F:DC:2E:39:83:C2:77:F3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC3B7076666C328F3BD9F0D41A8C415B1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/y2vyuJWE7JYIAEjcP9wuOYPCd_M.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 06:30:01 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 198012
                          AS: 203152
                          IP: 178.255.24.0/21
                          IP: 185.127.136.0/22
                          IP: 2a13:4540::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b7:07:66:66:c3:28:f3:bd:9f:0d:41:a8:c4:15:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 06:30:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cb6bf2b89584ec96080048dc3fdc2e3983c277f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:11:d3:e4:d9:fe:22:a7:df:fb:e8:03:92:d5:
                    d7:e8:6d:9a:1f:58:1e:ae:58:73:2d:8d:be:12:4e:
                    21:a2:2b:36:33:7f:14:33:18:db:72:0e:a2:c9:91:
                    14:10:61:17:33:0c:29:d3:c1:8f:d3:c3:13:ad:b7:
                    81:9a:9f:31:bb:4a:38:59:55:8e:fa:98:b5:44:a6:
                    a0:4b:70:53:92:fe:d2:9e:9b:bd:fd:fc:3d:96:02:
                    67:8e:5a:4e:3b:46:c0:75:d7:a4:71:86:3c:ed:40:
                    64:51:74:bb:be:53:8f:db:02:70:30:ff:f8:61:50:
                    b5:9e:4f:01:95:06:bd:a1:86:2c:49:9d:30:58:de:
                    06:1c:02:91:e0:9d:19:71:f9:d4:ab:db:44:52:be:
                    9a:f4:1b:4f:4d:9e:2c:45:2d:be:af:fe:0c:98:4c:
                    68:82:e1:4d:93:8d:0e:f7:dc:29:a4:b6:b1:d5:8d:
                    27:d3:9f:34:35:13:c1:d6:1f:f4:78:f5:6c:eb:06:
                    1e:16:3f:c2:a9:f4:17:81:f1:a9:62:dd:78:9b:cd:
                    d6:d7:1c:4c:4b:2c:26:ba:26:41:3b:ca:07:f3:a0:
                    07:cd:d0:39:81:3c:04:17:85:84:c1:37:1b:c5:af:
                    c4:a7:3c:75:1e:0c:1c:e4:72:f6:a1:6a:be:bc:4d:
                    67:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:6B:F2:B8:95:84:EC:96:08:00:48:DC:3F:DC:2E:39:83:C2:77:F3
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/y2vyuJWE7JYIAEjcP9wuOYPCd_M.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.255.24.0/21
                  185.127.136.0/22
                IPv6:
                  2a13:4540::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  198012
                  203152

    Signature Algorithm: sha256WithRSAEncryption
         5a:fb:8d:b9:2e:55:9c:5f:ce:07:9d:59:1f:3c:cc:a3:20:ac:
         35:2d:d8:7e:fb:7a:f0:17:e0:b1:ba:fd:0f:07:d1:7b:c5:60:
         82:fa:6c:70:95:c1:1e:64:35:a3:fa:06:dd:b9:3d:44:e9:65:
         5a:74:cb:c3:9a:9a:a8:2b:67:4b:61:71:6a:94:ff:43:91:30:
         5d:9d:d5:f9:05:f7:18:ae:08:f7:f1:43:9c:60:1b:3c:9d:e1:
         79:bd:8a:de:ef:48:73:4f:ea:8a:f1:3f:f3:7a:d9:96:a5:4a:
         16:0d:51:74:5e:6d:c2:12:5c:cc:f4:68:98:b2:00:4a:58:6b:
         55:88:e3:45:7a:11:12:72:1b:03:a4:f7:c6:1d:31:bf:8c:d3:
         6b:14:8e:12:b1:68:3b:9f:f4:a2:1a:6a:74:03:a5:a6:14:2a:
         20:ca:1a:11:c3:19:64:b3:e7:a2:73:1a:75:36:54:55:4c:7d:
         37:75:01:48:d1:d8:43:62:a2:20:82:1d:c5:f9:1a:27:bd:95:
         50:2b:ff:0e:7d:f6:f7:9e:67:f3:bc:c8:7d:2b:ca:13:b8:4a:
         25:03:cf:57:b7:24:91:2b:38:9e:2e:36:48:5b:de:62:7b:fc:
         82:e5:13:3b:2f:c8:3a:2b:c7:8e:0f:d5:67:6e:7c:3d:e3:39:
         b3:73:d1:39
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYzDtwdmZsMo872fDUGoxBWxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjZiZjJiODk1ODRlYzk2MDgwMDQ4ZGMzZmRjMmUzOTgzYzI3N2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxHT5Nn+Iqff++gDktXX6G2aH1ge
rlhzLY2+Ek4hois2M38UMxjbcg6iyZEUEGEXMwwp08GP08MTrbeBmp8xu0o4WVWO
+pi1RKagS3BTkv7Snpu9/fw9lgJnjlpOO0bAddekcYY87UBkUXS7vlOP2wJwMP/4
YVC1nk8BlQa9oYYsSZ0wWN4GHAKR4J0ZcfnUq9tEUr6a9BtPTZ4sRS2+r/4MmExo
guFNk40O99wppLax1Y0n0580NRPB1h/0ePVs6wYeFj/CqfQXgfGpYt14m83W1xxM
SywmuiZBO8oH86AHzdA5gTwEF4WEwTcbxa/Epzx1Hgwc5HL2oWq+vE1nBwIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFMtr8riVhOyWCABI3D/cLjmDwnfzMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc0LzZhODdm
MS1lMTk3LTRhMjMtOTUzZC0xMGZkZmNlOTQ1MTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQvNmE4N2Yx
LWUxOTctNGEyMy05NTNkLTEwZmRmY2U5NDUxMy8xL3kydnl1SldFN0pZSUFFamNQ
OXd1T1lQQ2RfTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDsv8YAwQCuX+IMA0EAgACMAcDBQMqE0VAMB8G
CCsGAQUFBwEIAQH/BBAwDqAMMAoCAwMFfAIDAxmQMA0GCSqGSIb3DQEBCwUAA4IB
AQBa+425LlWcX84HnVkfPMyjIKw1Ldh++3rwF+Cxuv0PB9F7xWCC+mxwlcEeZDWj
+gbduT1E6WVadMvDmpqoK2dLYXFqlP9DkTBdndX5BfcYrgj38UOcYBs8neF5vYre
70hzT+qK8T/zetmWpUoWDVF0Xm3CElzM9GiYsgBKWGtViONFehESchsDpPfGHTG/
jNNrFI4SsWg7n/SiGmp0A6WmFCogyhoRwxlks+eicxp1NlRVTH03dQFI0dhDYqIg
gh3F+RonvZVQK/8Offb3nmfzvMh9K8oTuEolA89XtySRKzieLjZIW95ie/yC5RM7
L8g6K8eOD9Vnbnw94zmzc9E5
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:23:44 2024 by rpki-client on console-fra.rpki-client.org