Certificate

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
File:                     069FAF47FF48AEF4C98F5097074530A74C111AB9.cer (raw, json)
Hash identifier:          2+h1amcAu102UZF5surMwDhLAz2zyyoGyRbbH1j3K40=
Subject key identifier:   06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Certificate issuer:       /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial:       463DDE3EA0F57111D01A536992C3859119F18BF5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/069FAF47FF48AEF4C98F5097074530A74C111AB9.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Mon 29 Apr 2024 19:32:42 +0000
Certificate not after:    Mon 28 Apr 2025 19:37:42 +0000
Subordinate resources:    IP: 2a0f:85c1:351::/48
                          IP: 2a0f:85c1:357::/48
                          IP: 2a0f:85c1:363::/48
                          IP: 2a0f:85c1:600::/40

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 18 Jul 2024 13:47:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:3d:de:3e:a0:f5:71:11:d0:1a:53:69:92:c3:85:91:19:f1:8b:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Validity
            Not Before: Apr 29 19:32:42 2024 GMT
            Not After : Apr 28 19:37:42 2025 GMT
        Subject: CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:9e:91:87:ed:aa:54:fd:56:d0:e6:22:93:12:
                    0a:0c:3e:91:81:80:a3:0d:4a:75:d5:54:62:9d:66:
                    e2:7e:67:18:92:bc:dc:ea:7e:da:1d:5f:6d:32:b4:
                    95:ce:ae:9a:bf:89:c6:57:a3:df:7f:5b:92:e3:72:
                    29:c2:77:8c:78:c2:79:9e:0b:b8:18:d6:de:32:cf:
                    1f:d8:37:d2:87:50:2c:db:e3:b5:75:7f:30:33:44:
                    03:48:45:99:14:11:f0:b8:53:7e:f5:92:16:32:cb:
                    1f:34:a5:8c:2f:3b:a3:5e:8e:f6:12:d7:15:23:a5:
                    50:d7:7f:26:08:80:09:4c:55:e3:e0:04:77:9e:25:
                    a6:8b:58:90:e5:39:ef:97:d3:fc:d7:3e:75:73:f2:
                    1d:92:d1:bc:e1:8a:c7:f1:ca:6a:68:e9:db:fb:ba:
                    f2:6e:02:a8:30:a7:e6:4b:f2:8c:6c:23:72:0a:da:
                    90:04:23:b2:66:9c:b3:04:e9:a1:30:95:b7:3e:53:
                    d6:fb:92:98:f4:ec:29:fa:b8:37:b1:6a:bb:f8:db:
                    3e:d9:69:dc:63:4c:92:5f:96:d8:11:92:8b:5d:c8:
                    9a:6c:38:1c:bc:e6:15:79:92:94:77:58:57:eb:bd:
                    86:aa:fb:61:73:13:f7:f0:d4:4f:fa:8f:20:90:b0:
                    31:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
            X509v3 Authority Key Identifier:
                keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/069FAF47FF48AEF4C98F5097074530A74C111AB9.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:351::/48
                  2a0f:85c1:357::/48
                  2a0f:85c1:363::/48
                  2a0f:85c1:600::/40

    Signature Algorithm: sha256WithRSAEncryption
         7b:68:b1:84:98:28:b0:d2:6b:51:4b:2c:b6:7a:48:37:2c:1d:
         73:cc:b2:5a:3f:7f:25:f6:2f:3f:98:bd:ff:65:9b:6e:5f:d2:
         00:61:50:cb:dc:94:67:bc:2f:96:1a:b2:97:6b:5e:97:84:65:
         d7:9b:a4:e0:9e:f2:f2:84:96:9b:ce:3e:52:7c:e9:9d:b7:71:
         14:59:67:22:2a:19:cf:e7:c9:2a:3c:b2:b8:46:db:e3:f2:b3:
         07:88:0d:05:72:63:74:81:94:31:77:58:49:77:2b:91:05:64:
         a3:c3:01:18:10:b1:ef:3c:53:b6:7f:b5:f0:3b:2e:1a:3c:7d:
         ff:b4:f1:7a:a0:84:a6:76:bf:15:dc:ba:b6:98:f8:93:c7:fe:
         fb:74:e9:31:94:cc:03:42:88:1c:df:2e:70:09:0a:a8:4f:cb:
         ea:ad:77:fd:d0:9a:27:18:25:17:e5:38:7b:8d:f1:29:60:9c:
         83:d3:f5:87:a6:96:de:00:5e:01:a7:42:10:12:5f:1a:ba:2a:
         5d:61:35:6b:a4:ec:28:13:10:3d:0e:db:bf:99:cf:b4:a5:9b:
         50:5f:27:0d:c5:a0:a9:7a:51:e3:10:ba:f7:54:d2:4c:5f:81:
         68:35:63:79:a6:57:5d:de:90:38:ea:ec:87:f7:2d:6b:d2:5f:
         3d:7c:bd:a8
-----BEGIN CERTIFICATE-----
MIIF9DCCBNygAwIBAgIURj3ePqD1cRHQGlNpksOFkRnxi/UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA0MjkxOTMyNDJaFw0yNTA0MjgxOTM3NDJaMDMxMTAvBgNV
BAMTKDA2OUZBRjQ3RkY0OEFFRjRDOThGNTA5NzA3NDUzMEE3NEMxMTFBQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKnpGH7apU/VbQ5iKTEgoMPpGB
gKMNSnXVVGKdZuJ+ZxiSvNzqftodX20ytJXOrpq/icZXo99/W5LjcinCd4x4wnme
C7gY1t4yzx/YN9KHUCzb47V1fzAzRANIRZkUEfC4U371khYyyx80pYwvO6NejvYS
1xUjpVDXfyYIgAlMVePgBHeeJaaLWJDlOe+X0/zXPnVz8h2S0bzhisfxympo6dv7
uvJuAqgwp+ZL8oxsI3IK2pAEI7JmnLME6aEwlbc+U9b7kpj07Cn6uDexarv42z7Z
adxjTJJfltgRkotdyJpsOBy85hV5kpR3WFfrvYaq+2FzE/fw1E/6jyCQsDHRAgMB
AAGjggL+MIIC+jAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQGn69H/0iu9MmP
UJcHRTCnTBEauTAfBgNVHSMEGDAWgBRa5ENwKWWVOfVPkAs15DvgapSzezAOBgNV
HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mYzIwYWRkMy1hODhlLTRi
YjItYTg0ZC01NWRhMjEyOGYxOTYvMC81QUU0NDM3MDI5NjU5NTM5RjU0RjkwMEIz
NUU0M0JFMDZBOTRCMzdCLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG
SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvV3VSRGND
bGxsVG4xVDVBTE5lUTc0R3FVczNzLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w
XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4NjgzNzQ4LzIv
MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgv
Mi8wNjlGQUY0N0ZGNDhBRUY0Qzk4RjUwOTcwNzQ1MzBBNzRDMTExQUI5Lm1mdDA8
BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp
ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwPAYIKwYBBQUH
AQcBAf8ELTArMCkEAgACMCMDBwAqD4XBA1EDBwAqD4XBA1cDBwAqD4XBA2MDBgAq
D4XBBjANBgkqhkiG9w0BAQsFAAOCAQEAe2ixhJgosNJrUUsstnpINywdc8yyWj9/
JfYvP5i9/2Wbbl/SAGFQy9yUZ7wvlhqyl2tel4Rl15uk4J7y8oSWm84+Unzpnbdx
FFlnIioZz+fJKjyyuEbb4/KzB4gNBXJjdIGUMXdYSXcrkQVko8MBGBCx7zxTtn+1
8DsuGjx9/7TxeqCEpna/Fdy6tpj4k8f++3TpMZTMA0KIHN8ucAkKqE/L6q13/dCa
JxglF+U4e43xKWCcg9P1h6aW3gBeAadCEBJfGroqXWE1a6TsKBMQPQ7bv5nPtKWb
UF8nDcWgqXpR4xC691TSTF+BaDVjeaZXXd6QOOrsh/cta9JfPXy9qA==
-----END CERTIFICATE-----
Generated at Wed Jul 17 20:57:13 2024 by rpki-client on console-fra.rpki-client.org