Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yCvtvPe1Ng_uJFt6JV9mQLcnaWg.cer
File:                     yCvtvPe1Ng_uJFt6JV9mQLcnaWg.cer (raw, json)
Hash identifier:          KI5Nipzqmr3gtCCp7oKWWCK2VVyaS8WB0j2bCAlMNkE=
Subject key identifier:   C8:2B:ED:BC:F7:B5:36:0F:EE:24:5B:7A:25:5F:66:40:B7:27:69:68
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC2DABC6E7CAA8829A93174D2600D5130
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/d1/dd59d9-eadf-4713-8977-42fa3cfbb503/1/yCvtvPe1Ng_uJFt6JV9mQLcnaWg.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/d1/dd59d9-eadf-4713-8977-42fa3cfbb503/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:29:24 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 43756
                          IP: 194.37.252.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:da:bc:6e:7c:aa:88:29:a9:31:74:d2:60:0d:51:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 02:29:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c82bedbcf7b5360fee245b7a255f6640b7276968
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:cb:bc:97:6c:69:33:69:5c:e0:94:d1:11:99:
                    50:f2:00:d4:dd:7d:28:3d:9a:ae:13:c0:de:46:d3:
                    58:66:76:3c:24:a5:68:83:58:7a:ef:c3:73:e4:90:
                    3d:9e:e2:f9:fe:fb:f7:52:ad:7a:b9:81:88:cd:30:
                    fc:c2:18:de:1f:06:db:8b:8e:7c:20:e0:f8:84:17:
                    c4:39:e7:d6:8d:30:ae:60:83:8c:03:4f:ca:ee:c6:
                    1d:c1:91:a1:29:4a:31:e0:e8:24:c7:d4:5f:5b:8e:
                    6f:0a:77:ae:e3:94:bb:54:83:48:23:53:36:94:00:
                    d8:f4:94:39:48:90:4c:bd:fb:dc:7c:23:61:28:a4:
                    8e:28:13:43:65:1b:20:26:a4:71:61:67:5b:6e:91:
                    6b:0d:38:a8:32:c0:db:e5:00:2a:6b:05:44:2d:d7:
                    8f:50:ad:0c:77:d7:0c:5d:4b:8c:fe:87:78:e0:09:
                    44:c3:79:f4:fc:6b:94:bd:39:5d:96:6a:a0:4d:7c:
                    ac:9a:d5:0d:13:73:20:5b:3d:96:31:c3:d7:4d:28:
                    13:a8:5e:0f:44:fb:bd:b1:cb:51:0a:ba:34:c1:a0:
                    6d:1e:b5:38:02:91:09:bd:61:10:38:ca:63:c3:0e:
                    52:4f:b5:1d:e6:ae:ea:23:81:6a:79:33:2d:51:e7:
                    9a:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:2B:ED:BC:F7:B5:36:0F:EE:24:5B:7A:25:5F:66:40:B7:27:69:68
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/dd59d9-eadf-4713-8977-42fa3cfbb503/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/dd59d9-eadf-4713-8977-42fa3cfbb503/1/yCvtvPe1Ng_uJFt6JV9mQLcnaWg.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.37.252.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  43756

    Signature Algorithm: sha256WithRSAEncryption
         17:12:7a:8c:f6:d2:4f:22:3c:3d:02:09:22:92:41:74:fe:2b:
         ef:41:63:74:84:dd:b8:64:05:c5:57:84:a8:e7:44:25:82:77:
         4a:3d:6a:a3:3a:7c:1c:40:e7:cb:0e:30:82:56:4e:d3:99:8b:
         53:1a:a5:25:19:9e:3b:71:04:88:22:4b:56:3d:0c:a4:27:8b:
         77:d2:da:5c:0d:47:65:3d:6a:65:70:74:c0:c4:d8:db:ca:a9:
         7b:8b:66:41:30:41:80:5a:72:53:54:da:cc:95:90:3f:c8:6b:
         ad:d9:0e:a5:65:be:91:d2:31:7e:6f:ec:d2:23:a0:01:f1:37:
         c8:37:5a:9b:aa:2d:d4:35:27:4b:33:91:19:eb:5f:52:6f:af:
         75:aa:a1:02:80:06:41:de:d8:bd:67:a6:2f:cb:1b:81:ed:22:
         25:fe:af:83:bc:a9:74:9d:ae:da:5c:b9:61:05:bc:27:90:e1:
         3c:c1:05:82:64:2e:a8:f2:d4:96:4a:d1:36:ce:c3:74:ef:0b:
         58:0c:1a:14:45:42:03:1f:d6:d4:ce:00:b5:b3:98:bb:90:79:
         59:98:1a:24:60:cd:86:fe:58:be:64:e7:4a:ea:44:bb:d8:db:
         d0:8a:ba:8a:22:1c:2f:45:92:c3:8f:61:01:ac:fd:6c:06:55:
         ca:84:e2:ff
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzC2rxufKqIKakxdNJgDVEwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODJiZWRiY2Y3YjUzNjBmZWUyNDViN2EyNTVmNjY0MGI3Mjc2OTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMu8l2xpM2lc4JTREZlQ8gDU3X0o
PZquE8DeRtNYZnY8JKVog1h678Nz5JA9nuL5/vv3Uq16uYGIzTD8whjeHwbbi458
IOD4hBfEOefWjTCuYIOMA0/K7sYdwZGhKUox4Ogkx9RfW45vCneu45S7VINII1M2
lADY9JQ5SJBMvfvcfCNhKKSOKBNDZRsgJqRxYWdbbpFrDTioMsDb5QAqawVELdeP
UK0Md9cMXUuM/od44AlEw3n0/GuUvTldlmqgTXysmtUNE3MgWz2WMcPXTSgTqF4P
RPu9sctRCro0waBtHrU4ApEJvWEQOMpjww5ST7Ud5q7qI4FqeTMtUeeaOQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFMgr7bz3tTYP7iRbeiVfZkC3J2loMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QxL2RkNTlk
OS1lYWRmLTQ3MTMtODk3Ny00MmZhM2NmYmI1MDMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEvZGQ1OWQ5
LWVhZGYtNDcxMy04OTc3LTQyZmEzY2ZiYjUwMy8xL3lDdnR2UGUxTmdfdUpGdDZK
VjltUUxjbmFXZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwiX8MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwCq7DANBgkqhkiG9w0BAQsFAAOCAQEAFxJ6jPbSTyI8PQIJIpJBdP4r70FjdITd
uGQFxVeEqOdEJYJ3Sj1qozp8HEDnyw4wglZO05mLUxqlJRmeO3EEiCJLVj0MpCeL
d9LaXA1HZT1qZXB0wMTY28qpe4tmQTBBgFpyU1TazJWQP8hrrdkOpWW+kdIxfm/s
0iOgAfE3yDdam6ot1DUnSzORGetfUm+vdaqhAoAGQd7YvWemL8sbge0iJf6vg7yp
dJ2u2ly5YQW8J5DhPMEFgmQuqPLUlkrRNs7DdO8LWAwaFEVCAx/W1M4AtbOYu5B5
WZgaJGDNhv5YvmTnSupEu9jb0Iq6iiIcL0WSw49hAaz9bAZVyoTi/w==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:23:45 2024 by rpki-client on console-fra.rpki-client.org