Certificate

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/3B86A4A45380C6D455CDE580DED1BC5612D0A578.cer
File:                     3B86A4A45380C6D455CDE580DED1BC5612D0A578.cer (raw, json)
Hash identifier:          E5O/SJDKu+GlMp+YpYs8UlubqFxWpH2MOIjFi9tzjrI=
Subject key identifier:   3B:86:A4:A4:53:80:C6:D4:55:CD:E5:80:DE:D1:BC:56:12:D0:A5:78
Authority key identifier: 08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
Certificate issuer:       /CN=0839a93dab544c296ffa143456844a8b2818b1d0
Certificate serial:       3C1ED3B4A2A746B6990BCB66F98808CEF454BF53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Manifest:                 rsync://rpki-repo.as207960.net/repo/rpki_ca_25405c76c7a043c89ace167e9d2cf79c/0/3B86A4A45380C6D455CDE580DED1BC5612D0A578.mft
caRepository:             rsync://rpki-repo.as207960.net/repo/rpki_ca_25405c76c7a043c89ace167e9d2cf79c/0/
Notify URL:               https://rpki.as207960.net/rrdp/notification.xml
Certificate not before:   Sun 07 Jul 2024 17:59:10 +0000
Certificate not after:    Sun 06 Jul 2025 18:04:10 +0000
Subordinate resources:    IP: 2a11:f2c0:ffd0::/44

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:1e:d3:b4:a2:a7:46:b6:99:0b:cb:66:f9:88:08:ce:f4:54:bf:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0839a93dab544c296ffa143456844a8b2818b1d0
        Validity
            Not Before: Jul  7 17:59:10 2024 GMT
            Not After : Jul  6 18:04:10 2025 GMT
        Subject: CN=3B86A4A45380C6D455CDE580DED1BC5612D0A578
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:7f:81:19:86:dd:fc:e2:9b:7f:d5:0c:63:45:
                    69:69:8f:71:12:a2:28:2c:ba:7d:4e:69:33:81:65:
                    e6:e5:c9:bb:59:cc:47:8f:c7:1f:b3:38:b2:1d:40:
                    b4:7c:d7:7c:4e:0a:f6:0e:09:5a:44:48:0b:59:2b:
                    99:7d:ab:c0:e9:7d:c2:84:7b:c0:5e:db:bd:05:92:
                    c5:61:2a:dc:24:2f:b0:02:a7:c4:01:fe:a4:52:c1:
                    07:ad:ef:e2:8b:e8:21:e9:71:bb:c3:6e:91:2d:78:
                    ca:0a:8b:c5:1d:15:8b:4c:e9:72:1d:41:90:d8:28:
                    9c:b5:5d:db:db:f1:da:8b:3e:3b:43:f9:40:dd:e1:
                    f7:22:ad:b0:c7:b1:20:8b:f4:4e:ee:65:64:a0:6f:
                    9d:c7:c0:38:db:f9:86:a8:86:39:90:a0:20:0f:20:
                    75:7c:09:3b:eb:4a:26:81:64:c2:f3:d3:2b:7b:83:
                    c8:c6:72:a2:ab:dd:92:9a:30:95:c6:ca:db:35:ad:
                    33:b8:99:84:9d:ff:a5:f4:8d:13:d6:5e:e0:5b:f2:
                    ab:33:09:2f:58:ab:89:a6:77:47:fd:48:c2:71:50:
                    58:ab:48:1a:db:b0:8c:86:79:87:16:56:80:3b:ce:
                    f6:43:e8:92:58:f2:40:cd:59:89:7d:b1:2f:f9:f9:
                    7f:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                3B:86:A4:A4:53:80:C6:D4:55:CD:E5:80:DE:D1:BC:56:12:D0:A5:78
            X509v3 Authority Key Identifier:
                keyid:08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki-repo.as207960.net/repo/rpki_ca_25405c76c7a043c89ace167e9d2cf79c/0/
                RPKI Manifest - URI:rsync://rpki-repo.as207960.net/repo/rpki_ca_25405c76c7a043c89ace167e9d2cf79c/0/3B86A4A45380C6D455CDE580DED1BC5612D0A578.mft
                RPKI Notify - URI:https://rpki.as207960.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:f2c0:ffd0::/44

    Signature Algorithm: sha256WithRSAEncryption
         1c:b0:55:03:48:86:54:75:ad:82:c5:b5:fc:d3:ef:46:9e:e0:
         e9:c0:72:61:87:43:c8:ef:ae:c3:04:32:38:1d:fd:8b:f5:1b:
         fb:2d:39:c6:b3:69:22:77:b6:9e:2d:66:6d:a9:0c:d5:f4:71:
         6a:cf:1e:78:29:0c:29:8f:2e:89:ee:4d:ef:2d:9e:d8:c7:65:
         73:f1:be:c8:c2:f8:00:68:8d:05:11:c4:f0:a7:d2:14:fc:b4:
         71:10:d1:d5:af:12:f3:89:5c:20:d9:db:ea:c4:c6:cf:1c:b2:
         7c:f9:2f:f4:dd:b0:6c:18:08:3c:0a:89:b5:d0:b5:68:47:c4:
         c4:01:33:b8:db:9a:b4:90:d5:84:17:b8:5c:e1:9c:bb:df:e0:
         a6:45:a2:e3:19:29:aa:74:83:ac:e0:cf:c9:d7:d0:25:ea:2c:
         c5:2b:18:da:fd:c9:f2:56:df:79:a8:e2:5c:c1:79:5c:76:ed:
         bb:61:dc:ee:3c:bd:83:53:f0:c5:0e:39:0f:03:13:c0:e8:15:
         4e:57:ac:ed:49:b5:6f:79:53:ab:01:30:27:83:28:51:00:53:
         d9:ea:80:93:d1:82:b8:0c:1e:84:08:b1:da:2a:d7:cc:ed:01:
         02:61:b3:85:1b:27:c0:18:2a:fe:8a:e1:3b:25:c4:69:2c:d2:
         80:17:47:7b
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgIUPB7TtKKnRraZC8tm+YgIzvRUv1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDgzOWE5M2RhYjU0NGMyOTZmZmExNDM0NTY4NDRhOGIy
ODE4YjFkMDAeFw0yNDA3MDcxNzU5MTBaFw0yNTA3MDYxODA0MTBaMDMxMTAvBgNV
BAMTKDNCODZBNEE0NTM4MEM2RDQ1NUNERTU4MERFRDFCQzU2MTJEMEE1NzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2f4EZht384pt/1QxjRWlpj3ES
oigsun1OaTOBZeblybtZzEePxx+zOLIdQLR813xOCvYOCVpESAtZK5l9q8DpfcKE
e8Be270FksVhKtwkL7ACp8QB/qRSwQet7+KL6CHpcbvDbpEteMoKi8UdFYtM6XId
QZDYKJy1Xdvb8dqLPjtD+UDd4fcirbDHsSCL9E7uZWSgb53HwDjb+YaohjmQoCAP
IHV8CTvrSiaBZMLz0yt7g8jGcqKr3ZKaMJXGyts1rTO4mYSd/6X0jRPWXuBb8qsz
CS9Yq4mmd0f9SMJxUFirSBrbsIyGeYcWVoA7zvZD6JJY8kDNWYl9sS/5+X/rAgMB
AAGjggLbMIIC1zAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQ7hqSkU4DG1FXN
5YDe0bxWEtCleDAfBgNVHSMEGDAWgBQIOak9q1RMKW/6FDRWhEqLKBix0DAOBgNV
HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9kZGU4MzdmYi02MzkwLTQx
YjUtODJhMC1mMGQwMmMwM2EyYzYvNy8wODM5QTkzREFCNTQ0QzI5NkZGQTE0MzQ1
Njg0NEE4QjI4MThCMUQwLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG
SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvQ0RtcFBh
dFVUQ2x2LWhRMFZvUktpeWdZc2RBLmNlcjCCATYGCCsGAQUFBwELBIIBKDCCASQw
WwYIKwYBBQUHMAWGT3JzeW5jOi8vcnBraS1yZXBvLmFzMjA3OTYwLm5ldC9yZXBv
L3Jwa2lfY2FfMjU0MDVjNzZjN2EwNDNjODlhY2UxNjdlOWQyY2Y3OWMvMC8wgYcG
CCsGAQUFBzAKhntyc3luYzovL3Jwa2ktcmVwby5hczIwNzk2MC5uZXQvcmVwby9y
cGtpX2NhXzI1NDA1Yzc2YzdhMDQzYzg5YWNlMTY3ZTlkMmNmNzljLzAvM0I4NkE0
QTQ1MzgwQzZENDU1Q0RFNTgwREVEMUJDNTYxMkQwQTU3OC5tZnQwOwYIKwYBBQUH
MA2GL2h0dHBzOi8vcnBraS5hczIwNzk2MC5uZXQvcnJkcC9ub3RpZmljYXRpb24u
eG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzAR
MA8EAgACMAkDBwQqEfLA/9AwDQYJKoZIhvcNAQELBQADggEBABywVQNIhlR1rYLF
tfzT70ae4OnAcmGHQ8jvrsMEMjgd/Yv1G/stOcazaSJ3tp4tZm2pDNX0cWrPHngp
DCmPLonuTe8tntjHZXPxvsjC+ABojQURxPCn0hT8tHEQ0dWvEvOJXCDZ2+rExs8c
snz5L/TdsGwYCDwKibXQtWhHxMQBM7jbmrSQ1YQXuFzhnLvf4KZFouMZKap0g6zg
z8nX0CXqLMUrGNr9yfJW33mo4lzBeVx27bth3O48vYNT8MUOOQ8DE8DoFU5XrO1J
tW95U6sBMCeDKFEAU9nqgJPRgrgMHoQIsdoq18ztAQJhs4UbJ8AYKv6K4TslxGks
0oAXR3s=
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:06:10 2024 by rpki-client on console-fra.rpki-client.org