Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yCnhDha8eb_FbFNVflsapVnMdDU.cer
File:                     yCnhDha8eb_FbFNVflsapVnMdDU.cer (raw, json)
Hash identifier:          Ocuge7Y3hKHBjS7nwpg1oHqY5AwOtsEOSf+2TjzyO1Q=
Subject key identifier:   C8:29:E1:0E:16:BC:79:BF:C5:6C:53:55:7E:5B:1A:A5:59:CC:74:35
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC5DC7137A38FA84E726138D9048073C1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/91/667a4d-4a3a-48f5-a26a-b8453eebb267/1/yCnhDha8eb_FbFNVflsapVnMdDU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/91/667a4d-4a3a-48f5-a26a-b8453eebb267/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 16:30:07 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 206081
                          IP: 2001:67c:c64::/48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:71:37:a3:8f:a8:4e:72:61:38:d9:04:80:73:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 16:30:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c829e10e16bc79bfc56c53557e5b1aa559cc7435
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:28:06:6c:d4:1e:88:9e:04:c0:b9:de:60:fc:
                    71:50:6f:5a:af:cc:68:7f:35:6c:8b:d2:a6:6c:6e:
                    ca:62:16:d6:39:4b:bb:21:bc:a3:18:cb:e4:88:7e:
                    16:9a:8c:8d:84:da:61:ad:40:03:1f:10:e2:c6:75:
                    a0:83:88:9e:60:8a:8f:bc:3e:c3:93:3a:2c:52:bb:
                    81:96:47:a0:4e:d4:96:1c:73:0f:9a:e1:27:43:d6:
                    07:0d:8c:51:6e:5a:c7:a4:2e:20:9e:1e:e0:b5:ce:
                    ea:05:76:f8:a7:11:bd:a1:cd:6c:61:56:bd:48:21:
                    d4:90:43:6d:30:ef:4e:6f:ba:c4:af:79:bf:9a:14:
                    cd:c7:bc:3f:8a:c7:8c:90:2a:39:4d:94:84:1f:1f:
                    1b:56:3b:8a:dc:d2:fd:39:31:28:e3:de:c2:70:25:
                    c7:6f:0c:78:7f:24:0b:30:ab:3b:3c:5a:e9:48:da:
                    c1:af:26:17:bb:c4:5a:1d:44:4f:d9:a4:4e:55:e3:
                    32:ed:33:fe:73:cf:66:f7:8f:1f:0e:9a:63:65:fe:
                    3d:f5:1d:46:30:4c:70:c2:7c:f7:d0:2d:50:14:60:
                    18:e6:72:06:6c:ed:d6:fc:09:57:7f:2c:76:ad:14:
                    76:82:40:d0:90:fe:11:ff:39:2a:03:56:ff:b7:c7:
                    fe:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:29:E1:0E:16:BC:79:BF:C5:6C:53:55:7E:5B:1A:A5:59:CC:74:35
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/667a4d-4a3a-48f5-a26a-b8453eebb267/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/667a4d-4a3a-48f5-a26a-b8453eebb267/1/yCnhDha8eb_FbFNVflsapVnMdDU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:c64::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  206081

    Signature Algorithm: sha256WithRSAEncryption
         6f:90:d8:cb:ae:fc:33:c7:c7:07:bc:15:72:ce:5a:af:a0:90:
         1c:65:ba:57:33:36:b5:a7:81:12:34:a7:63:84:df:cb:b5:7d:
         9f:ff:6b:2f:40:f8:9f:8d:0c:e0:e0:a2:47:cc:a1:de:49:d4:
         90:48:fb:53:54:c2:01:18:8b:5c:81:b0:6d:71:b1:57:e8:32:
         8c:8f:c2:14:0f:6f:f2:1a:16:32:24:3d:7c:56:38:d8:f5:98:
         b2:61:ce:62:2f:70:9c:64:2f:dd:da:17:7a:16:78:e4:42:4d:
         7e:70:57:42:da:b4:89:4c:7e:ed:c5:ff:cb:bf:f9:3d:cf:f8:
         3c:98:85:2a:f9:99:02:e3:d7:25:ef:56:67:8e:e8:35:23:4b:
         c6:cd:cd:e2:9f:0e:b4:d4:da:80:f9:60:39:15:fd:d1:2b:22:
         68:42:b6:11:4d:68:40:09:ba:bf:27:a0:32:4f:f9:73:f7:59:
         4d:da:97:b2:53:63:2c:58:cf:eb:75:3e:d2:53:8f:18:39:71:
         2e:b1:5f:34:d9:cd:80:8d:d0:2d:f2:f6:29:21:fa:9a:42:02:
         66:a0:5a:f9:d4:d7:8a:02:c2:ab:45:64:fb:78:42:88:ec:3b:
         ed:79:f2:f7:96:e7:e2:fb:d8:51:b6:fc:e0:2a:5a:9e:6a:df:
         c4:6a:15:6f
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYzF3HE3o4+oTnJhONkEgHPBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODI5ZTEwZTE2YmM3OWJmYzU2YzUzNTU3ZTViMWFhNTU5Y2M3NDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSgGbNQeiJ4EwLneYPxxUG9ar8xo
fzVsi9KmbG7KYhbWOUu7IbyjGMvkiH4WmoyNhNphrUADHxDixnWgg4ieYIqPvD7D
kzosUruBlkegTtSWHHMPmuEnQ9YHDYxRblrHpC4gnh7gtc7qBXb4pxG9oc1sYVa9
SCHUkENtMO9Ob7rEr3m/mhTNx7w/iseMkCo5TZSEHx8bVjuK3NL9OTEo497CcCXH
bwx4fyQLMKs7PFrpSNrBryYXu8RaHURP2aROVeMy7TP+c89m948fDppjZf499R1G
MExwwnz30C1QFGAY5nIGbO3W/AlXfyx2rRR2gkDQkP4R/zkqA1b/t8f+FQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFMgp4Q4WvHm/xWxTVX5bGqVZzHQ1MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkxLzY2N2E0
ZC00YTNhLTQ4ZjUtYTI2YS1iODQ1M2VlYmIyNjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEvNjY3YTRk
LTRhM2EtNDhmNS1hMjZhLWI4NDUzZWViYjI2Ny8xL3lDbmhEaGE4ZWJfRmJGTlZm
bHNhcFZuTWREVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAxkMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMlATANBgkqhkiG9w0BAQsFAAOCAQEAb5DYy678M8fHB7wVcs5ar6CQHGW6
VzM2taeBEjSnY4Tfy7V9n/9rL0D4n40M4OCiR8yh3knUkEj7U1TCARiLXIGwbXGx
V+gyjI/CFA9v8hoWMiQ9fFY42PWYsmHOYi9wnGQv3doXehZ45EJNfnBXQtq0iUx+
7cX/y7/5Pc/4PJiFKvmZAuPXJe9WZ47oNSNLxs3N4p8OtNTagPlgORX90SsiaEK2
EU1oQAm6vyegMk/5c/dZTdqXslNjLFjP63U+0lOPGDlxLrFfNNnNgI3QLfL2KSH6
mkICZqBa+dTXigLCq0Vk+3hCiOw77Xny95bn4vvYUbb84CpanmrfxGoVbw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:05:13 2024 by rpki-client on console-ams.rpki-client.org