Certificate

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/2AFACA7F316DBE0CFF394F9D5952E52992F185F1.cer
File:                     2AFACA7F316DBE0CFF394F9D5952E52992F185F1.cer (raw, json)
Hash identifier:          TzD6pGlBEMmZI/OlLFvK4Q5nKNXovDA7wOkDjfwohQo=
Subject key identifier:   2A:FA:CA:7F:31:6D:BE:0C:FF:39:4F:9D:59:52:E5:29:92:F1:85:F1
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Certificate issuer:       /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial:       4587588D8B89C3C1707F9505A8E19D1E9C7DBBC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/3/2AFACA7F316DBE0CFF394F9D5952E52992F185F1.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/3/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Fri 15 Mar 2024 18:51:44 +0000
Certificate not after:    Fri 14 Mar 2025 18:56:44 +0000
Subordinate resources:    IP: 2a14:1ec7:fe00::/40

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:87:58:8d:8b:89:c3:c1:70:7f:95:05:a8:e1:9d:1e:9c:7d:bb:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
        Validity
            Not Before: Mar 15 18:51:44 2024 GMT
            Not After : Mar 14 18:56:44 2025 GMT
        Subject: CN=2AFACA7F316DBE0CFF394F9D5952E52992F185F1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:dd:a7:3e:6c:a3:e0:fa:6b:92:f4:be:3f:df:
                    9d:32:84:a5:79:6f:a8:a1:a8:16:ea:7a:c1:59:6c:
                    c3:ba:2b:74:04:e7:85:ac:86:e7:d0:29:62:eb:4b:
                    a2:ce:6f:96:43:dc:47:3e:a0:a6:60:e8:9b:f6:90:
                    13:8f:b7:fc:df:cd:fc:13:43:0a:e7:f2:d9:b7:a7:
                    96:80:29:40:f0:a9:42:51:64:cf:e1:72:38:20:22:
                    45:31:75:33:cc:70:a8:fd:b1:39:d5:be:66:c2:df:
                    bc:88:4c:0a:61:98:56:e4:59:b7:f1:d1:f3:5e:9e:
                    a7:61:3f:fb:4f:7e:5b:ca:97:9c:88:80:68:3b:94:
                    9b:ec:a6:2c:c2:45:ad:74:59:ff:b0:43:03:c7:31:
                    3b:05:88:2d:ab:32:f3:e5:8c:10:97:5e:7e:17:83:
                    73:7e:ec:65:13:39:38:92:4e:f2:28:27:b6:a3:6c:
                    f5:8a:f7:c5:af:2d:78:72:b4:5e:10:67:be:78:28:
                    f1:a0:dd:3d:9c:26:d6:fa:6e:f0:85:34:d2:8f:f0:
                    cb:ea:ba:6c:4c:72:63:e9:be:1a:54:68:c0:6e:55:
                    04:67:09:7c:de:b5:65:00:3a:6b:9e:db:1e:80:3d:
                    45:ac:0c:b5:cf:64:ff:0d:d9:26:b1:1d:29:67:b5:
                    25:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                2A:FA:CA:7F:31:6D:BE:0C:FF:39:4F:9D:59:52:E5:29:92:F1:85:F1
            X509v3 Authority Key Identifier:
                keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/3/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/3/2AFACA7F316DBE0CFF394F9D5952E52992F185F1.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:1ec7:fe00::/40

    Signature Algorithm: sha256WithRSAEncryption
         99:33:66:bf:e6:97:86:2e:7a:29:4d:69:e1:d8:e9:fe:0e:9a:
         86:ee:09:28:07:99:6e:6b:5a:54:5f:82:42:7a:af:4d:96:b2:
         40:ec:6a:cf:7a:88:40:4c:0c:e3:14:8a:17:60:c9:f1:5b:af:
         38:89:e3:20:57:06:5a:22:40:0a:02:a0:a4:e6:6e:ad:3a:2e:
         84:52:19:86:fc:be:c7:91:9a:61:86:d7:8a:e2:80:7a:59:82:
         25:35:62:ab:5b:07:36:cc:93:2b:26:ec:2c:47:47:16:0e:c4:
         38:07:82:4d:99:3d:51:fd:2c:d6:c3:d6:6e:e5:bb:4d:30:56:
         94:bc:d8:e9:0b:37:6f:d8:ff:8a:33:bd:7d:05:3e:bc:0a:c7:
         71:24:79:5b:c1:e3:61:7a:48:84:70:3a:05:2e:af:a0:f2:3f:
         fd:c6:f6:a2:9c:ad:e2:25:17:79:3c:8a:46:ab:c1:35:64:55:
         89:de:8a:48:4f:08:40:eb:08:4b:76:7f:0a:a9:c1:a5:0a:f0:
         a7:28:70:8c:36:db:a1:a2:32:51:b3:dd:c6:3d:94:ee:5c:5b:
         df:cb:f4:60:ae:5b:f4:6f:e4:79:f1:53:a8:b7:92:e1:93:0c:
         12:4c:e4:e1:21:39:63:10:44:1b:18:e6:d4:a3:42:d5:f0:47:
         13:a6:25:a2
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgIURYdYjYuJw8Fwf5UFqOGdHpx9u8QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNDAzMTUxODUxNDRaFw0yNTAzMTQxODU2NDRaMDMxMTAvBgNV
BAMTKDJBRkFDQTdGMzE2REJFMENGRjM5NEY5RDU5NTJFNTI5OTJGMTg1RjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY3ac+bKPg+muS9L4/350yhKV5
b6ihqBbqesFZbMO6K3QE54WshufQKWLrS6LOb5ZD3Ec+oKZg6Jv2kBOPt/zfzfwT
Qwrn8tm3p5aAKUDwqUJRZM/hcjggIkUxdTPMcKj9sTnVvmbC37yITAphmFbkWbfx
0fNenqdhP/tPflvKl5yIgGg7lJvspizCRa10Wf+wQwPHMTsFiC2rMvPljBCXXn4X
g3N+7GUTOTiSTvIoJ7ajbPWK98WvLXhytF4QZ754KPGg3T2cJtb6bvCFNNKP8Mvq
umxMcmPpvhpUaMBuVQRnCXzetWUAOmue2x6APUWsDLXPZP8N2SaxHSlntSX3AgMB
AAGjggLjMIIC3zAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQq+sp/MW2+DP85
T51ZUuUpkvGF8TAfBgNVHSMEGDAWgBQxNO6YfgjYtVg/7vYhoDFQxPNUNDAOBgNV
HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj
N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8zMTM0RUU5ODdFMDhEOEI1NTgzRkVFRjYy
MUEwMzE1MEM0RjM1NDM0LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG
SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvTVRUdW1I
NEkyTFZZUC03MklhQXhVTVR6VkRRLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w
XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvNmNhODExZjgtZDA3NS00ZTUwLTliYmYtN2IyZDA5MDcxNjhmLzMv
MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS82Y2E4MTFmOC1kMDc1LTRlNTAtOWJiZi03YjJkMDkwNzE2OGYv
My8yQUZBQ0E3RjMxNkRCRTBDRkYzOTRGOUQ1OTUyRTUyOTkyRjE4NUYxLm1mdDA8
BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp
ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH
AQcBAf8EEjAQMA4EAgACMAgDBgAqFB7H/jANBgkqhkiG9w0BAQsFAAOCAQEAmTNm
v+aXhi56KU1p4djp/g6ahu4JKAeZbmtaVF+CQnqvTZayQOxqz3qIQEwM4xSKF2DJ
8VuvOInjIFcGWiJACgKgpOZurTouhFIZhvy+x5GaYYbXiuKAelmCJTViq1sHNsyT
KybsLEdHFg7EOAeCTZk9Uf0s1sPWbuW7TTBWlLzY6Qs3b9j/ijO9fQU+vArHcSR5
W8HjYXpIhHA6BS6voPI//cb2opyt4iUXeTyKRqvBNWRVid6KSE8IQOsIS3Z/CqnB
pQrwpyhwjDbboaIyUbPdxj2U7lxb38v0YK5b9G/kefFTqLeS4ZMMEkzk4SE5YxBE
Gxjm1KNC1fBHE6Ylog==
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:14:42 2024 by rpki-client on console-fra.rpki-client.org