Certificate

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.cer
File:                     0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.cer (raw, json)
Hash identifier:          AatJYmEgyX9d7aRFjMuDQzyBkjndw2GH+WHtoCzY9CA=
Subject key identifier:   08:74:80:11:64:DC:95:F0:AB:9C:CD:4B:D3:04:A3:EF:78:E9:F3:9B
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Certificate issuer:       /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial:       21BB67F984DBE7FA61F124BF0B6E119DDD44A98B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Fri 17 May 2024 15:18:41 +0000
Certificate not after:    Fri 16 May 2025 15:23:41 +0000
Subordinate resources:    IP: 2a14:7581:8000::/36

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 17:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:bb:67:f9:84:db:e7:fa:61:f1:24:bf:0b:6e:11:9d:dd:44:a9:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
        Validity
            Not Before: May 17 15:18:41 2024 GMT
            Not After : May 16 15:23:41 2025 GMT
        Subject: CN=0874801164DC95F0AB9CCD4BD304A3EF78E9F39B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:ca:3d:c3:50:7d:eb:1f:54:ae:18:c6:ed:08:
                    66:92:88:24:c2:c7:a7:b7:38:04:71:37:ab:62:9e:
                    8f:f6:4c:c3:34:4c:7e:25:1b:b0:68:42:91:ba:23:
                    65:ac:2a:50:36:fa:11:83:ca:9a:5c:0e:09:a0:98:
                    76:96:d6:5b:0a:47:2e:db:4d:bc:56:8a:f4:4d:53:
                    98:f0:10:c4:51:92:8d:f2:39:81:30:d7:62:69:0b:
                    b4:fa:bd:a3:ff:e4:cf:7c:82:f8:5b:3c:d6:f2:a8:
                    a2:21:25:93:ce:ae:53:fb:77:00:7a:c8:3c:65:a0:
                    5a:24:9f:9c:89:02:47:e4:bc:60:f6:41:96:db:d9:
                    ec:5f:58:43:e9:85:b9:4f:36:c7:c9:1d:47:e1:e0:
                    f1:5e:db:75:bf:ba:91:17:54:cb:3b:b4:3e:72:d7:
                    20:5a:66:61:4f:3e:15:59:69:18:f5:09:25:61:99:
                    f4:f0:4a:6b:20:19:42:94:df:a0:c5:9f:ff:97:26:
                    fc:04:6f:e5:88:aa:49:57:7e:83:ae:92:de:3e:d6:
                    b0:6e:a4:d0:bd:6e:8b:d1:8c:6c:42:75:47:e9:a9:
                    46:32:6a:dc:2b:4c:b2:f2:20:ca:b8:b0:06:d0:42:
                    a5:af:74:b0:a2:02:39:3b:b7:9d:8e:04:9c:26:7e:
                    35:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                08:74:80:11:64:DC:95:F0:AB:9C:CD:4B:D3:04:A3:EF:78:E9:F3:9B
            X509v3 Authority Key Identifier:
                keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         16:ef:9c:36:70:81:d5:b6:f3:4f:0a:bb:03:d4:7f:20:de:d5:
         0d:ce:82:34:2b:46:70:ec:e8:e2:3e:d3:fa:b7:8a:0c:c8:12:
         cd:8e:46:86:de:52:c7:93:1a:df:46:8b:e5:d5:e1:77:fa:e6:
         d6:33:9a:1a:6f:cb:c1:44:9f:b6:c5:93:5e:3b:4b:c3:30:c8:
         a7:c9:50:0e:6e:a5:72:0c:e7:d5:69:66:31:8d:4e:83:43:b2:
         fb:be:04:b3:7a:31:85:56:f2:66:1b:38:03:1a:9a:95:50:f2:
         e6:11:6a:36:21:c0:a2:fc:db:7f:43:8b:4d:b4:24:b1:d5:42:
         bf:f7:05:d5:03:57:8b:ab:a7:79:5b:5c:dd:4a:20:66:76:2b:
         ac:4c:e7:57:cc:e2:98:1f:58:f0:aa:67:9e:10:4d:ce:96:b4:
         0e:f2:39:d6:73:ed:48:fb:94:3c:5a:54:5a:32:49:8f:97:6d:
         38:5e:36:2e:f8:b6:68:16:79:94:fb:52:3f:3b:d3:5b:b3:48:
         f1:85:bc:5b:78:69:29:c7:74:59:ab:1e:c2:5b:d5:76:09:3d:
         42:29:12:29:a3:f4:79:3f:61:94:39:4e:76:8e:65:58:c5:83:
         b5:bf:e5:94:55:8a:d0:54:b6:66:cd:d8:d0:09:ba:3a:7b:f0:
         2e:62:4b:9b
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgIUIbtn+YTb5/ph8SS/C24Rnd1EqYswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA1MTcxNTE4NDFaFw0yNTA1MTYxNTIzNDFaMDMxMTAvBgNV
BAMTKDA4NzQ4MDExNjREQzk1RjBBQjlDQ0Q0QkQzMDRBM0VGNzhFOUYzOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvyj3DUH3rH1SuGMbtCGaSiCTC
x6e3OARxN6tino/2TMM0TH4lG7BoQpG6I2WsKlA2+hGDyppcDgmgmHaW1lsKRy7b
TbxWivRNU5jwEMRRko3yOYEw12JpC7T6vaP/5M98gvhbPNbyqKIhJZPOrlP7dwB6
yDxloFokn5yJAkfkvGD2QZbb2exfWEPphblPNsfJHUfh4PFe23W/upEXVMs7tD5y
1yBaZmFPPhVZaRj1CSVhmfTwSmsgGUKU36DFn/+XJvwEb+WIqklXfoOukt4+1rBu
pNC9bovRjGxCdUfpqUYyatwrTLLyIMq4sAbQQqWvdLCiAjk7t52OBJwmfjXxAgMB
AAGjggLjMIIC3zAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQIdIARZNyV8Kuc
zUvTBKPveOnzmzAfBgNVHSMEGDAWgBSoPUhlLzst909r+bqoqcF0zP03cjAOBgNV
HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BODNENDg2NTJGM0IyREY3NEY2QkY5QkFB
OEE5QzE3NENDRkQzNzcyLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG
SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUQxSVpT
ODdMZmRQYV9tNnFLbkJkTXo5TjNJLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w
XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvM2M4ZTRlMTEtM2FjYS00MzA1LWFjZDQtZjA1ZTZjOTA5MTE1LzEv
MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS8zYzhlNGUxMS0zYWNhLTQzMDUtYWNkNC1mMDVlNmM5MDkxMTUv
MS8wODc0ODAxMTY0REM5NUYwQUI5Q0NENEJEMzA0QTNFRjc4RTlGMzlCLm1mdDA8
BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp
ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH
AQcBAf8EEjAQMA4EAgACMAgDBgQqFHWBgDANBgkqhkiG9w0BAQsFAAOCAQEAFu+c
NnCB1bbzTwq7A9R/IN7VDc6CNCtGcOzo4j7T+reKDMgSzY5Ght5Sx5Ma30aL5dXh
d/rm1jOaGm/LwUSftsWTXjtLwzDIp8lQDm6lcgzn1WlmMY1Og0Oy+74Es3oxhVby
Zhs4AxqalVDy5hFqNiHAovzbf0OLTbQksdVCv/cF1QNXi6uneVtc3UogZnYrrEzn
V8zimB9Y8KpnnhBNzpa0DvI51nPtSPuUPFpUWjJJj5dtOF42Lvi2aBZ5lPtSPzvT
W7NI8YW8W3hpKcd0WasewlvVdgk9QikSKaP0eT9hlDlOdo5lWMWDtb/llFWK0FS2
Zs3Y0Am6OnvwLmJLmw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org