Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/y_b4rqvrMWfRGS1ihIDH4r_Zckg.cer
File:                     y_b4rqvrMWfRGS1ihIDH4r_Zckg.cer (raw, json)
Hash identifier:          4ZYqD/aNhy5Db641xdN/bUn/UU6YVW9aAZeWq3DnDE4=
Subject key identifier:   CB:F6:F8:AE:AB:EB:31:67:D1:19:2D:62:84:80:C7:E2:BF:D9:72:48
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC94DA72CE62EF8B166BDB5E5CFE05ABB
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b0/84e3f6-6931-4693-9579-1b3235babe27/1/y_b4rqvrMWfRGS1ihIDH4r_Zckg.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b0/84e3f6-6931-4693-9579-1b3235babe27/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 08:32:38 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 91.103.12.0/22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4d:a7:2c:e6:2e:f8:b1:66:bd:b5:e5:cf:e0:5a:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 08:32:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cbf6f8aeabeb3167d1192d628480c7e2bfd97248
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:37:8f:c7:33:7f:cc:58:93:01:33:18:e2:da:
                    22:dc:ca:8b:d5:bc:df:7d:ac:df:33:46:77:8c:a1:
                    39:8d:f8:80:b4:99:22:61:41:60:28:6d:88:91:fc:
                    ba:78:13:bf:c8:c6:d6:47:33:ec:3f:62:19:24:45:
                    5b:ce:c7:5d:4c:e5:5c:b7:19:f2:dd:ec:ec:83:78:
                    f9:e3:62:92:c2:84:30:d9:4d:0f:eb:82:35:8e:f0:
                    87:db:99:16:63:34:e1:bc:01:73:a7:b2:b3:b2:4f:
                    a0:6d:9f:23:87:49:30:b9:be:81:16:d5:38:3a:85:
                    38:47:8b:7e:b4:96:43:cb:86:14:57:6c:ec:ec:4a:
                    93:98:74:70:12:c1:84:3b:d6:91:af:cb:34:89:79:
                    d1:99:35:68:90:b9:c0:d7:03:91:be:0f:de:4d:d5:
                    0f:64:4e:91:c3:01:b2:e9:2a:19:af:6b:79:9f:25:
                    f3:54:4f:49:21:82:99:1d:b0:93:a2:82:47:8f:08:
                    c0:25:d0:bc:f7:ec:74:12:16:99:60:bf:f5:59:07:
                    97:db:3c:3a:e2:36:d4:8a:b0:06:8e:e2:77:53:1e:
                    20:00:64:d6:26:f4:9e:88:81:1b:df:60:c0:45:be:
                    3d:c8:04:6a:d2:2d:a6:2a:aa:7b:88:4e:09:ef:53:
                    78:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:F6:F8:AE:AB:EB:31:67:D1:19:2D:62:84:80:C7:E2:BF:D9:72:48
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/84e3f6-6931-4693-9579-1b3235babe27/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/84e3f6-6931-4693-9579-1b3235babe27/1/y_b4rqvrMWfRGS1ihIDH4r_Zckg.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.103.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         51:79:bf:30:30:a0:fb:b5:81:7d:ae:12:de:f0:41:85:2f:6f:
         91:6d:8e:6c:6a:df:c6:97:15:77:9d:21:78:78:ce:48:e8:2a:
         1f:ce:b2:2b:e8:b4:67:34:87:3a:6d:6e:4a:f5:ba:b5:7f:b1:
         85:80:e7:1b:4d:b4:71:15:25:4b:f9:38:1e:e8:2e:cb:29:11:
         98:62:3a:17:c3:96:f7:1c:1c:72:a4:17:8e:9e:83:5d:43:c4:
         9a:87:63:b2:49:78:8a:f4:a6:fb:3c:ff:99:be:74:d1:10:5d:
         ad:a5:d6:33:d6:ca:7c:7e:bc:41:f0:e3:f1:40:8f:84:9f:c2:
         0a:e2:c3:f8:38:af:46:ae:9e:52:e0:cf:bb:27:1e:78:f3:10:
         a2:32:9c:34:29:a5:8a:cc:aa:2f:8c:39:19:ee:f0:1e:84:06:
         ac:a6:66:0c:5a:ef:c2:83:cf:9d:f9:65:27:ed:c4:35:9e:61:
         8b:e4:63:72:f0:6f:2b:c5:b0:eb:87:c4:24:3f:0e:0b:55:0d:
         41:4a:16:0e:72:ff:05:a2:f2:be:a6:9a:da:cc:ff:e9:80:48:
         e8:2e:c6:e0:78:35:a0:a6:63:59:b5:20:85:fd:f7:1a:65:17:
         83:31:d6:35:e9:a1:e9:97:20:7b:1e:25:36:d4:0f:dd:09:20:
         b5:fb:c5:32
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzJTacs5i74sWa9teXP4Fq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDgzMjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmY2ZjhhZWFiZWIzMTY3ZDExOTJkNjI4NDgwYzdlMmJmZDk3MjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8TePxzN/zFiTATMY4toi3MqL1bzf
fazfM0Z3jKE5jfiAtJkiYUFgKG2Ikfy6eBO/yMbWRzPsP2IZJEVbzsddTOVctxny
3ezsg3j542KSwoQw2U0P64I1jvCH25kWYzThvAFzp7Kzsk+gbZ8jh0kwub6BFtU4
OoU4R4t+tJZDy4YUV2zs7EqTmHRwEsGEO9aRr8s0iXnRmTVokLnA1wORvg/eTdUP
ZE6RwwGy6SoZr2t5nyXzVE9JIYKZHbCTooJHjwjAJdC89+x0EhaZYL/1WQeX2zw6
4jbUirAGjuJ3Ux4gAGTWJvSeiIEb32DARb49yARq0i2mKqp7iE4J71N4FwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFMv2+K6r6zFn0RktYoSAx+K/2XJIMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IwLzg0ZTNm
Ni02OTMxLTQ2OTMtOTU3OS0xYjMyMzViYWJlMjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAvODRlM2Y2
LTY5MzEtNDY5My05NTc5LTFiMzIzNWJhYmUyNy8xL3lfYjRycXZyTVdmUkdTMWlo
SURINHJfWmNrZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCW2cMMA0GCSqGSIb3DQEBCwUAA4IBAQBReb8w
MKD7tYF9rhLe8EGFL2+RbY5sat/GlxV3nSF4eM5I6CofzrIr6LRnNIc6bW5K9bq1
f7GFgOcbTbRxFSVL+Tge6C7LKRGYYjoXw5b3HBxypBeOnoNdQ8Sah2OySXiK9Kb7
PP+ZvnTREF2tpdYz1sp8frxB8OPxQI+En8IK4sP4OK9Grp5S4M+7Jx548xCiMpw0
KaWKzKovjDkZ7vAehAaspmYMWu/Cg8+d+WUn7cQ1nmGL5GNy8G8rxbDrh8QkPw4L
VQ1BShYOcv8FovK+pprazP/pgEjoLsbgeDWgpmNZtSCF/fcaZReDMdY16aHplyB7
HiU21A/dCSC1+8Uy
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:05:15 2024 by rpki-client on console-ams.rpki-client.org