Certificate

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
File:                     D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer (raw, json)
Hash identifier:          J14RTmYMzwenBicjUfmrjyMu93QKXFK8qxck8woMFpU=
Subject key identifier:   D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
Authority key identifier: 42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
Certificate issuer:       /CN=42e508fba8960f48071b119accbf57bdbf3a8057
Certificate serial:       1952D91D521904B841FFF65AF14017B0003CE6AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Tue 23 Jul 2024 04:44:07 +0000
Certificate not after:    Tue 22 Jul 2025 04:49:07 +0000
Subordinate resources:    IP: 2a0b:4e07::/32

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 21 Nov 2024 18:58:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:52:d9:1d:52:19:04:b8:41:ff:f6:5a:f1:40:17:b0:00:3c:e6:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42e508fba8960f48071b119accbf57bdbf3a8057
        Validity
            Not Before: Jul 23 04:44:07 2024 GMT
            Not After : Jul 22 04:49:07 2025 GMT
        Subject: CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:a3:14:3c:26:8b:63:d6:0a:57:8d:be:9f:ad:
                    9a:4c:b0:46:38:bb:c6:ab:65:55:34:ce:e7:6f:3b:
                    e5:b9:6f:54:aa:ae:92:10:8c:80:e7:39:e5:52:9d:
                    74:dd:a6:54:ae:0e:1a:ae:94:ec:79:36:73:7b:94:
                    4b:09:8f:60:3d:aa:66:d7:17:6a:c3:5c:7f:79:cb:
                    e5:8d:35:16:0c:e1:aa:b6:20:56:65:e1:a7:ef:d9:
                    4a:06:e8:2a:87:0d:ea:69:87:d8:01:46:86:f4:ca:
                    b7:50:11:54:70:09:91:ff:86:a9:bf:3d:a3:6a:1c:
                    0c:aa:04:4f:b4:e1:1c:13:d5:f6:8e:98:5f:91:24:
                    ee:a4:76:6b:e7:fe:6a:39:9d:5c:12:c0:18:6b:92:
                    5f:cb:33:e5:d0:33:ef:e0:ef:47:db:3c:68:0a:f3:
                    3a:b9:61:3b:98:ff:0c:4a:cd:25:2b:ed:c7:a6:02:
                    21:03:94:d8:b7:e8:2d:5f:4d:38:fe:d4:45:13:6e:
                    de:cf:25:4d:2e:93:b4:b0:98:93:ce:67:3d:ca:b6:
                    1a:c2:ae:d9:9e:ee:8f:14:18:59:63:83:06:78:79:
                    61:39:9c:2e:3e:8f:d8:6e:b3:1e:1e:ee:c3:f8:e9:
                    b2:9f:ae:d4:bc:dd:cc:8d:b2:93:1c:7e:b6:9f:20:
                    9e:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
            X509v3 Authority Key Identifier:
                keyid:42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4e07::/32

    Signature Algorithm: sha256WithRSAEncryption
         12:cc:c3:58:59:46:48:b7:07:a0:b8:16:7f:4f:21:95:bc:c4:
         98:15:6a:96:9b:f4:20:6e:05:97:1b:b5:fc:fc:26:5e:8b:4f:
         55:3b:29:99:f8:f9:74:5c:37:09:39:6f:c3:d9:f1:69:f5:d6:
         1c:b9:19:42:28:29:c4:2b:38:17:f4:d3:5f:42:0c:34:4a:f8:
         14:01:39:66:c3:18:df:2c:45:7f:3f:96:55:39:36:2a:89:18:
         06:c2:de:26:68:7b:93:6d:3d:0b:f1:70:2b:43:78:03:7d:af:
         e1:b6:b0:e1:13:ac:d5:d8:92:e5:0e:4e:5a:eb:b4:1c:f1:f2:
         1e:a9:ff:82:90:44:23:ad:7c:ed:98:2b:c6:b4:64:b4:49:39:
         1f:7e:59:40:f5:4c:96:d7:36:ab:7c:c5:1f:9b:bf:a7:4d:12:
         a1:ae:a4:5c:bd:ef:44:7b:e7:6e:30:25:ca:8c:58:db:23:23:
         9f:99:ed:34:44:40:81:1c:4d:f6:20:14:17:eb:df:ff:6b:6d:
         df:6e:cf:9e:4c:3d:f4:39:bf:95:bd:1a:fb:14:5c:29:3a:67:
         35:90:4a:e9:72:46:0b:12:2f:99:5d:86:49:6c:fc:e8:86:17:
         20:3c:b6:59:0f:cf:8f:80:4e:b1:47:37:14:56:2b:4e:16:be:
         a2:6b:1c:e7
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgIUGVLZHVIZBLhB//Za8UAXsAA85q0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDJlNTA4ZmJhODk2MGY0ODA3MWIxMTlhY2NiZjU3YmRi
ZjNhODA1NzAeFw0yNDA3MjMwNDQ0MDdaFw0yNTA3MjIwNDQ5MDdaMDMxMTAvBgNV
BAMTKEQxODIwNzQ2NkFCMEE3RDdEMUVGM0M3Q0QwMkU4MEJFRDU4MzQwQkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1oxQ8Jotj1gpXjb6frZpMsEY4
u8arZVU0zudvO+W5b1SqrpIQjIDnOeVSnXTdplSuDhqulOx5NnN7lEsJj2A9qmbX
F2rDXH95y+WNNRYM4aq2IFZl4afv2UoG6CqHDepph9gBRob0yrdQEVRwCZH/hqm/
PaNqHAyqBE+04RwT1faOmF+RJO6kdmvn/mo5nVwSwBhrkl/LM+XQM+/g70fbPGgK
8zq5YTuY/wxKzSUr7cemAiEDlNi36C1fTTj+1EUTbt7PJU0uk7SwmJPOZz3KthrC
rtme7o8UGFljgwZ4eWE5nC4+j9husx4e7sP46bKfrtS83cyNspMcfrafIJ6fAgMB
AAGjggLiMIIC3jAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTRggdGarCn19Hv
PHzQLoC+1YNAvDAfBgNVHSMEGDAWgBRC5Qj7qJYPSAcbEZrMv1e9vzqAVzAOBgNV
HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83M2I4ZWMwMS04YmE1LTQ3
OWYtYTIyOS0wYWI3MGU0ODE1YmIvMC80MkU1MDhGQkE4OTYwRjQ4MDcxQjExOUFD
Q0JGNTdCREJGM0E4MDU3LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG
SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUXVVSS02
aVdEMGdIR3hHYXpMOVh2Yjg2Z0ZjLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w
XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvMGM3MDQwMWMtN2Y0MS00YTZiLTk0MzQtY2M4MGRjYTA5M2U2LzIv
MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS8wYzcwNDAxYy03ZjQxLTRhNmItOTQzNC1jYzgwZGNhMDkzZTYv
Mi9EMTgyMDc0NjZBQjBBN0Q3RDFFRjNDN0NEMDJFODBCRUQ1ODM0MEJDLm1mdDA8
BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp
ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUH
AQcBAf8EETAPMA0EAgACMAcDBQAqC04HMA0GCSqGSIb3DQEBCwUAA4IBAQASzMNY
WUZItweguBZ/TyGVvMSYFWqWm/QgbgWXG7X8/CZei09VOymZ+Pl0XDcJOW/D2fFp
9dYcuRlCKCnEKzgX9NNfQgw0SvgUATlmwxjfLEV/P5ZVOTYqiRgGwt4maHuTbT0L
8XArQ3gDfa/htrDhE6zV2JLlDk5a67Qc8fIeqf+CkEQjrXztmCvGtGS0STkffllA
9UyW1zarfMUfm7+nTRKhrqRcve9Ee+duMCXKjFjbIyOfme00RECBHE32IBQX69//
a23fbs+eTD30Ob+VvRr7FFwpOmc1kErpckYLEi+ZXYZJbPzohhcgPLZZD8+PgE6x
RzcUVitOFr6iaxzn
-----END CERTIFICATE-----
Generated at Thu Nov 21 04:08:11 2024 by rpki-client on console-ams.rpki-client.org