Certificate

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/58E92F2C3859C2D0EF322A871688CB22928E2F3E.cer
File:                     58E92F2C3859C2D0EF322A871688CB22928E2F3E.cer (raw, json)
Hash identifier:          gYiT3SS0bbmQQSp3p/LPeJzfbx3ujd90DskZO9GZ0PQ=
Subject key identifier:   58:E9:2F:2C:38:59:C2:D0:EF:32:2A:87:16:88:CB:22:92:8E:2F:3E
Authority key identifier: 25:82:7D:84:05:6B:84:44:CC:2A:78:42:75:90:35:35:4B:84:16:BC
Certificate issuer:       /CN=25827d84056b8444cc2a7842759035354b8416bc
Certificate serial:       5063DA1F10F60E92D117002C87917351C077BFE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/3/58E92F2C3859C2D0EF322A871688CB22928E2F3E.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/3/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Fri 03 May 2024 00:41:48 +0000
Certificate not after:    Fri 02 May 2025 00:46:48 +0000
Subordinate resources:    IP: 2a14:14c1:100::/48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 21 Nov 2024 18:58:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:63:da:1f:10:f6:0e:92:d1:17:00:2c:87:91:73:51:c0:77:bf:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25827d84056b8444cc2a7842759035354b8416bc
        Validity
            Not Before: May  3 00:41:48 2024 GMT
            Not After : May  2 00:46:48 2025 GMT
        Subject: CN=58E92F2C3859C2D0EF322A871688CB22928E2F3E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:bb:50:d3:8d:4e:ea:b8:3c:5a:1e:c9:d4:33:
                    0a:05:4a:bc:40:d5:1c:10:c9:5d:39:fd:29:5e:9c:
                    b2:80:8a:4a:ab:b5:1d:05:4a:29:f6:df:4b:ef:7e:
                    a4:b2:0c:71:89:20:3f:24:67:fa:88:d0:07:32:0b:
                    20:5b:52:7b:ed:3b:38:ef:4a:d2:a9:44:4a:e1:0c:
                    c0:4e:46:72:a9:10:71:fc:18:e5:93:82:96:5c:78:
                    82:17:19:b9:e3:89:5f:8b:58:21:06:a2:dd:20:8d:
                    fe:eb:aa:cc:72:6b:be:1b:64:95:a9:e9:28:1d:17:
                    82:c3:00:ce:56:2b:b8:3a:33:d1:cd:03:6e:19:17:
                    4c:23:73:28:d5:dc:a0:c4:e5:10:2c:a4:21:e4:74:
                    70:da:58:bc:03:cb:aa:33:ea:08:1a:17:ec:9e:be:
                    b0:f2:25:fb:32:15:ca:65:92:cc:17:50:8b:f4:20:
                    9b:2c:41:57:dc:9a:60:6f:30:3b:3d:c9:a3:be:12:
                    23:ee:fe:8e:a4:ff:69:77:9f:26:bb:ce:16:c5:19:
                    b9:0a:16:bc:9f:cf:d7:ae:f4:b9:58:01:47:12:4b:
                    8f:bc:9f:3a:9b:8a:ce:f1:6e:65:c1:38:90:aa:28:
                    41:68:3b:51:a2:eb:10:78:e7:2a:65:0d:b4:87:65:
                    8c:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                58:E9:2F:2C:38:59:C2:D0:EF:32:2A:87:16:88:CB:22:92:8E:2F:3E
            X509v3 Authority Key Identifier:
                keyid:25:82:7D:84:05:6B:84:44:CC:2A:78:42:75:90:35:35:4B:84:16:BC

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/3/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/3/58E92F2C3859C2D0EF322A871688CB22928E2F3E.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:14c1:100::/48

    Signature Algorithm: sha256WithRSAEncryption
         45:e3:ad:a0:94:e0:0e:ce:fc:29:fc:94:90:e5:09:3d:9a:e4:
         1d:87:09:c6:36:08:e1:ec:5a:3a:9c:44:6b:5a:e3:94:38:bf:
         fa:1a:9f:d0:fa:89:22:82:47:5a:a5:b4:1b:22:cf:e4:11:1f:
         76:07:c6:38:06:00:bd:98:90:2b:f3:bd:02:d3:0e:6d:18:9d:
         2d:2e:36:cc:b2:b6:0a:c2:0f:dd:35:d9:f7:e4:40:a9:78:40:
         f4:8f:7d:21:7a:43:9b:99:19:35:37:a1:75:3f:55:85:da:f6:
         df:6b:15:ae:32:b4:d5:b4:e2:85:66:35:ee:e7:91:7d:32:78:
         cf:0f:01:31:75:57:c1:30:58:ac:b4:94:e7:a9:a9:2c:6c:8d:
         dd:9a:49:17:d4:85:a5:d9:1a:10:73:2c:53:8c:74:f0:ff:71:
         2e:62:77:b3:7e:82:e5:d0:73:f5:3a:8b:37:c3:77:77:66:e1:
         e1:4b:7f:c3:11:96:e4:73:8a:66:24:bb:f5:74:d3:dd:bc:4d:
         bc:d0:e0:fa:20:f9:b0:24:d1:99:28:e2:24:9f:a0:29:28:b1:
         36:94:18:46:b1:af:99:9c:84:c4:81:8d:c9:54:c6:c8:5e:96:
         09:bd:82:75:ff:5d:e0:57:21:01:17:b5:17:35:02:f1:d9:b7:
         35:ad:b4:92
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgIUUGPaHxD2DpLRFwAsh5FzUcB3v+YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjU4MjdkODQwNTZiODQ0NGNjMmE3ODQyNzU5MDM1MzU0
Yjg0MTZiYzAeFw0yNDA1MDMwMDQxNDhaFw0yNTA1MDIwMDQ2NDhaMDMxMTAvBgNV
BAMTKDU4RTkyRjJDMzg1OUMyRDBFRjMyMkE4NzE2ODhDQjIyOTI4RTJGM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAu1DTjU7quDxaHsnUMwoFSrxA
1RwQyV05/SlenLKAikqrtR0FSin230vvfqSyDHGJID8kZ/qI0AcyCyBbUnvtOzjv
StKpRErhDMBORnKpEHH8GOWTgpZceIIXGbnjiV+LWCEGot0gjf7rqsxya74bZJWp
6SgdF4LDAM5WK7g6M9HNA24ZF0wjcyjV3KDE5RAspCHkdHDaWLwDy6oz6ggaF+ye
vrDyJfsyFcplkswXUIv0IJssQVfcmmBvMDs9yaO+EiPu/o6k/2l3nya7zhbFGbkK
Fryfz9eu9LlYAUcSS4+8nzqbis7xbmXBOJCqKEFoO1Gi6xB45yplDbSHZYyDAgMB
AAGjggLkMIIC4DAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRY6S8sOFnC0O8y
KocWiMsiko4vPjAfBgNVHSMEGDAWgBQlgn2EBWuERMwqeEJ1kDU1S4QWvDAOBgNV
HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS82OWJiZmRjZi0zNWNkLTQ1
MjQtOGZmYS0zMDA1YjBiNjlhMjkvMC8yNTgyN0Q4NDA1NkI4NDQ0Q0MyQTc4NDI3
NTkwMzUzNTRCODQxNkJDLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG
SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvSllKOWhB
VnJoRVRNS25oQ2RaQTFOVXVFRnJ3LmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w
XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2NhZTNmLzMv
MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRkYjUtYmJkMy01Y2NhNjMzY2FlM2Yv
My81OEU5MkYyQzM4NTlDMkQwRUYzMjJBODcxNjg4Q0IyMjkyOEUyRjNFLm1mdDA8
BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp
ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUH
AQcBAf8EEzARMA8EAgACMAkDBwAqFBTBAQAwDQYJKoZIhvcNAQELBQADggEBAEXj
raCU4A7O/Cn8lJDlCT2a5B2HCcY2COHsWjqcRGta45Q4v/oan9D6iSKCR1qltBsi
z+QRH3YHxjgGAL2YkCvzvQLTDm0YnS0uNsyytgrCD9012ffkQKl4QPSPfSF6Q5uZ
GTU3oXU/VYXa9t9rFa4ytNW04oVmNe7nkX0yeM8PATF1V8EwWKy0lOepqSxsjd2a
SRfUhaXZGhBzLFOMdPD/cS5id7N+guXQc/U6izfDd3dm4eFLf8MRluRzimYku/V0
0928TbzQ4Pog+bAk0Zko4iSfoCkosTaUGEaxr5mchMSBjclUxshelgm9gnX/XeBX
IQEXtRc1AvHZtzWttJI=
-----END CERTIFICATE-----
Generated at Thu Nov 21 02:01:30 2024 by rpki-client on console-fra.rpki-client.org