Certificate

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/B88A94DCA09E3A653C06F478434DC7C8F21E0518.cer
File:                     B88A94DCA09E3A653C06F478434DC7C8F21E0518.cer (raw, json)
Hash identifier:          BAdDRxijs+bYyh40aCZaqu/kI4DejrH5sz2R+YtwsW4=
Subject key identifier:   B8:8A:94:DC:A0:9E:3A:65:3C:06:F4:78:43:4D:C7:C8:F2:1E:05:18
Authority key identifier: 08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
Certificate issuer:       /CN=0839a93dab544c296ffa143456844a8b2818b1d0
Certificate serial:       1DAF0F0FA5C46DC598C8235BE160D9FA75D8D54E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Manifest:                 rsync://rpki-repo.as207960.net/repo/rpki_ca_0a4637df5ba743fea1b482be8235818f/0/B88A94DCA09E3A653C06F478434DC7C8F21E0518.mft
caRepository:             rsync://rpki-repo.as207960.net/repo/rpki_ca_0a4637df5ba743fea1b482be8235818f/0/
Notify URL:               https://rpki.as207960.net/rrdp/notification.xml
Certificate not before:   Sun 07 Jul 2024 18:01:56 +0000
Certificate not after:    Sun 06 Jul 2025 18:06:56 +0000
Subordinate resources:    IP: 2a11:f2c0:b00b::/48
                          IP: 2a11:f2c0:fffd::/48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:af:0f:0f:a5:c4:6d:c5:98:c8:23:5b:e1:60:d9:fa:75:d8:d5:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0839a93dab544c296ffa143456844a8b2818b1d0
        Validity
            Not Before: Jul  7 18:01:56 2024 GMT
            Not After : Jul  6 18:06:56 2025 GMT
        Subject: CN=B88A94DCA09E3A653C06F478434DC7C8F21E0518
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:42:2a:4e:7e:26:9a:ca:f8:db:2c:49:41:60:
                    56:37:a5:63:36:92:77:0d:8c:11:b7:da:c1:74:71:
                    20:6a:f7:0a:f6:1b:1d:21:d9:43:2e:9d:4c:43:d2:
                    87:a1:4f:72:99:91:7e:a3:7c:7a:3e:68:21:02:d3:
                    3b:a2:b5:15:9c:5e:fb:b7:74:a0:ec:b5:40:66:34:
                    91:d1:f8:e6:5f:d7:89:7e:13:53:fe:4a:78:d9:73:
                    80:4a:ee:87:f5:ba:3f:b2:81:42:32:a5:32:5d:1d:
                    ed:35:91:0d:75:29:e6:ba:e8:8a:ab:22:f7:86:d6:
                    71:a9:ae:23:92:53:c7:c0:a0:01:a0:8f:29:4d:79:
                    36:2e:72:b3:b7:94:bb:57:24:62:bb:f1:b9:ae:83:
                    dc:aa:0e:ad:72:25:5d:b1:10:e3:83:1a:1c:13:9a:
                    a4:bf:8d:36:58:bf:9f:d9:a0:1c:9a:56:48:eb:32:
                    91:6a:66:c2:d5:3b:68:b2:10:f2:56:35:70:c0:c5:
                    0a:e7:58:0f:f6:fb:16:e9:90:ac:2d:19:16:35:96:
                    1c:17:0d:9b:a6:bd:a7:e5:cd:b0:e1:fc:66:eb:cc:
                    d5:00:a2:ee:c2:05:83:d4:ce:16:fb:25:7f:6f:c4:
                    0d:43:3b:00:85:eb:4d:c1:f4:2b:43:0d:f9:d8:d2:
                    45:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                B8:8A:94:DC:A0:9E:3A:65:3C:06:F4:78:43:4D:C7:C8:F2:1E:05:18
            X509v3 Authority Key Identifier:
                keyid:08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki-repo.as207960.net/repo/rpki_ca_0a4637df5ba743fea1b482be8235818f/0/
                RPKI Manifest - URI:rsync://rpki-repo.as207960.net/repo/rpki_ca_0a4637df5ba743fea1b482be8235818f/0/B88A94DCA09E3A653C06F478434DC7C8F21E0518.mft
                RPKI Notify - URI:https://rpki.as207960.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:f2c0:b00b::/48
                  2a11:f2c0:fffd::/48

    Signature Algorithm: sha256WithRSAEncryption
         20:b7:42:79:7f:4c:f9:2c:49:ed:63:fc:73:a6:14:6d:6c:07:
         5e:f6:07:cd:f2:39:6d:e1:b6:a4:7a:7e:31:82:5f:66:1a:65:
         78:28:15:62:5a:a5:ad:0b:02:40:98:c6:e6:f5:17:99:22:ce:
         bb:f1:f9:52:9d:d5:7a:25:3a:c3:d9:85:c1:73:a8:17:9e:4d:
         25:0e:c1:83:05:e5:9a:86:a9:3c:48:e2:f9:98:23:5a:04:b6:
         15:5d:74:f3:17:12:4c:b3:e2:d7:d2:a8:24:07:8c:b0:36:0d:
         c8:69:24:b6:68:ce:10:fe:91:ec:a5:03:00:16:c7:02:3c:7c:
         1f:c2:37:57:a0:b4:9e:f2:66:22:71:01:1d:da:af:52:25:19:
         0d:5c:dd:76:95:23:28:bb:89:66:d1:c0:b9:02:87:cf:03:e3:
         f2:e0:96:e6:8e:cb:70:a5:d1:33:82:8c:e7:8c:1a:c3:09:dc:
         83:cc:3a:34:2f:20:5c:3c:39:8f:f2:87:b5:ca:c8:16:d0:da:
         f7:b8:2f:6b:01:49:69:68:c3:ae:ed:1d:2c:ca:43:a0:51:c4:
         35:ac:13:c0:11:d4:e4:2a:4b:e1:a2:8d:79:b7:42:8d:81:b3:
         14:d0:a3:94:65:b0:f1:28:3d:ad:93:51:56:21:13:1d:db:8b:
         d8:90:17:45
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgIUHa8PD6XEbcWYyCNb4WDZ+nXY1U4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDgzOWE5M2RhYjU0NGMyOTZmZmExNDM0NTY4NDRhOGIy
ODE4YjFkMDAeFw0yNDA3MDcxODAxNTZaFw0yNTA3MDYxODA2NTZaMDMxMTAvBgNV
BAMTKEI4OEE5NERDQTA5RTNBNjUzQzA2RjQ3ODQzNERDN0M4RjIxRTA1MTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9QipOfiaayvjbLElBYFY3pWM2
kncNjBG32sF0cSBq9wr2Gx0h2UMunUxD0oehT3KZkX6jfHo+aCEC0zuitRWcXvu3
dKDstUBmNJHR+OZf14l+E1P+SnjZc4BK7of1uj+ygUIypTJdHe01kQ11Kea66Iqr
IveG1nGpriOSU8fAoAGgjylNeTYucrO3lLtXJGK78bmug9yqDq1yJV2xEOODGhwT
mqS/jTZYv5/ZoByaVkjrMpFqZsLVO2iyEPJWNXDAxQrnWA/2+xbpkKwtGRY1lhwX
DZumvaflzbDh/GbrzNUAou7CBYPUzhb7JX9vxA1DOwCF603B9CtDDfnY0kV3AgMB
AAGjggLkMIIC4DAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBS4ipTcoJ46ZTwG
9HhDTcfI8h4FGDAfBgNVHSMEGDAWgBQIOak9q1RMKW/6FDRWhEqLKBix0DAOBgNV
HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9kZGU4MzdmYi02MzkwLTQx
YjUtODJhMC1mMGQwMmMwM2EyYzYvNy8wODM5QTkzREFCNTQ0QzI5NkZGQTE0MzQ1
Njg0NEE4QjI4MThCMUQwLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG
SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvQ0RtcFBh
dFVUQ2x2LWhRMFZvUktpeWdZc2RBLmNlcjCCATYGCCsGAQUFBwELBIIBKDCCASQw
WwYIKwYBBQUHMAWGT3JzeW5jOi8vcnBraS1yZXBvLmFzMjA3OTYwLm5ldC9yZXBv
L3Jwa2lfY2FfMGE0NjM3ZGY1YmE3NDNmZWExYjQ4MmJlODIzNTgxOGYvMC8wgYcG
CCsGAQUFBzAKhntyc3luYzovL3Jwa2ktcmVwby5hczIwNzk2MC5uZXQvcmVwby9y
cGtpX2NhXzBhNDYzN2RmNWJhNzQzZmVhMWI0ODJiZTgyMzU4MThmLzAvQjg4QTk0
RENBMDlFM0E2NTNDMDZGNDc4NDM0REM3QzhGMjFFMDUxOC5tZnQwOwYIKwYBBQUH
MA2GL2h0dHBzOi8vcnBraS5hczIwNzk2MC5uZXQvcnJkcC9ub3RpZmljYXRpb24u
eG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAa
MBgEAgACMBIDBwAqEfLAsAsDBwAqEfLA//0wDQYJKoZIhvcNAQELBQADggEBACC3
Qnl/TPksSe1j/HOmFG1sB172B83yOW3htqR6fjGCX2YaZXgoFWJapa0LAkCYxub1
F5kizrvx+VKd1XolOsPZhcFzqBeeTSUOwYMF5ZqGqTxI4vmYI1oEthVddPMXEkyz
4tfSqCQHjLA2DchpJLZozhD+keylAwAWxwI8fB/CN1egtJ7yZiJxAR3ar1IlGQ1c
3XaVIyi7iWbRwLkCh88D4/LgluaOy3Cl0TOCjOeMGsMJ3IPMOjQvIFw8OY/yh7XK
yBbQ2ve4L2sBSWlow67tHSzKQ6BRxDWsE8AR1OQqS+GijXm3Qo2BsxTQo5RlsPEo
Pa2TUVYhEx3bi9iQF0U=
-----END CERTIFICATE-----
Generated at Thu Nov 21 05:41:47 2024 by rpki-client on console-fra.rpki-client.org