Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yzvaOHewO7evSs-WD9wvlt6JH_E.cer
File:                     yzvaOHewO7evSs-WD9wvlt6JH_E.cer (raw, json)
Hash identifier:          L5bmPWl4wMI6FRE+GxDPcK3Sh8aZQ41zYxzL+k2BoZc=
Subject key identifier:   CB:3B:DA:38:77:B0:3B:B7:AF:4A:CF:96:0F:DC:2F:96:DE:89:1F:F1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019864CDF32E96E2B1DA89F83F423D964035
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/82/eba0b9-6275-426c-8b10-95db9bf63763/1/yzvaOHewO7evSs-WD9wvlt6JH_E.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/82/eba0b9-6275-426c-8b10-95db9bf63763/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 01 Aug 2025 08:44:35 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 2488
                          IP: 147.125.0.0/16
                          IP: 2001:67c:1b70::/48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:64:cd:f3:2e:96:e2:b1:da:89:f8:3f:42:3d:96:40:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Aug  1 08:44:35 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=cb3bda3877b03bb7af4acf960fdc2f96de891ff1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:56:0a:61:7d:a1:55:87:77:75:f1:b7:ed:6e:
                    ec:46:3f:00:9b:09:d2:05:f4:4c:d5:19:5f:4f:f3:
                    50:3d:1a:a5:b2:24:5c:e4:1f:c4:4e:ad:ce:d2:67:
                    b8:79:5e:c3:68:43:9d:6f:1d:d8:c7:b7:76:3e:34:
                    0e:87:ed:d0:97:43:e8:66:65:a3:54:cb:2a:88:ee:
                    48:4e:6b:8d:42:96:ba:d5:af:f6:b8:eb:53:ee:92:
                    7e:a1:61:6b:c0:6d:fa:4f:c1:b6:09:20:fe:29:be:
                    f0:78:9c:d1:21:f4:83:45:36:fd:b7:c6:69:50:73:
                    61:f9:6e:e7:2c:2d:d0:e3:28:e4:44:d0:c2:19:e7:
                    99:94:d0:16:a8:74:d3:fe:b0:2d:e9:cd:7d:4f:c6:
                    25:91:2f:04:dc:b5:e5:69:15:73:31:c5:4d:5f:0e:
                    28:b3:6a:eb:6d:39:0b:eb:56:a3:56:99:03:76:0d:
                    3d:61:87:1b:9f:47:70:4e:11:bb:95:1f:07:3b:af:
                    b9:5d:17:ef:bd:c9:1c:ba:86:be:62:8b:ff:ad:a1:
                    0d:43:f9:71:6d:00:ef:c6:4f:81:8b:9a:c1:40:49:
                    2d:ba:ae:1e:42:88:47:e5:2e:56:48:07:d9:66:80:
                    e0:cf:df:ad:ac:6d:1e:ab:ca:a0:9d:21:6f:55:85:
                    6a:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:3B:DA:38:77:B0:3B:B7:AF:4A:CF:96:0F:DC:2F:96:DE:89:1F:F1
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/eba0b9-6275-426c-8b10-95db9bf63763/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/eba0b9-6275-426c-8b10-95db9bf63763/1/yzvaOHewO7evSs-WD9wvlt6JH_E.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.125.0.0/16
                IPv6:
                  2001:67c:1b70::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  2488

    Signature Algorithm: sha256WithRSAEncryption
         77:4a:93:b8:96:b4:c2:aa:6f:a2:6e:9f:04:a5:aa:8b:4e:47:
         dc:71:b4:7b:9e:28:90:3a:16:64:e2:0d:66:0b:48:97:6c:7c:
         23:44:69:79:61:3d:3f:97:0c:50:27:dc:da:fb:38:69:04:08:
         b2:40:db:87:3c:3c:b0:9c:e6:67:bd:d1:a1:11:d1:99:c5:83:
         83:80:5a:27:1d:d8:ed:7f:a7:c1:3a:e7:c9:5f:5a:2c:a0:36:
         42:f2:78:7d:75:ea:71:55:12:8a:6c:a8:87:0a:56:07:a3:82:
         66:5a:4e:18:1a:50:19:7b:40:72:41:c7:94:fc:58:7c:30:9b:
         5b:39:7a:1d:a6:b9:e1:bc:99:a8:02:88:de:5e:7f:63:40:09:
         c9:43:db:fb:33:e7:91:32:90:c6:78:2f:f8:94:f5:c8:9e:57:
         ab:4e:a8:8b:0d:e0:05:16:ee:66:de:64:3b:62:16:be:b9:b9:
         18:23:50:2a:01:b4:74:21:8a:75:63:a7:29:77:0b:72:90:2f:
         c3:9b:e7:ef:18:61:93:bc:1f:93:74:a8:47:4a:fa:ea:10:f1:
         d6:d6:5c:35:86:48:42:7f:56:2a:f8:e0:bb:e7:da:36:bb:2e:
         5f:5f:58:91:13:5d:6f:8d:df:fa:7e:7d:b8:fc:3f:f0:e1:11:
         29:4f:63:8d
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZhkzfMuluKx2on4P0I9lkA1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwODAxMDg0NDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjNiZGEzODc3YjAzYmI3YWY0YWNmOTYwZmRjMmY5NmRlODkxZmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFYKYX2hVYd3dfG37W7sRj8AmwnS
BfRM1RlfT/NQPRqlsiRc5B/ETq3O0me4eV7DaEOdbx3Yx7d2PjQOh+3Ql0PoZmWj
VMsqiO5ITmuNQpa61a/2uOtT7pJ+oWFrwG36T8G2CSD+Kb7weJzRIfSDRTb9t8Zp
UHNh+W7nLC3Q4yjkRNDCGeeZlNAWqHTT/rAt6c19T8YlkS8E3LXlaRVzMcVNXw4o
s2rrbTkL61ajVpkDdg09YYcbn0dwThG7lR8HO6+5XRfvvckcuoa+Yov/raENQ/lx
bQDvxk+Bi5rBQEktuq4eQohH5S5WSAfZZoDgz9+trG0eq8qgnSFvVYVqpwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFMs72jh3sDu3r0rPlg/cL5beiR/xMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgyL2ViYTBi
OS02Mjc1LTQyNmMtOGIxMC05NWRiOWJmNjM3NjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIvZWJhMGI5
LTYyNzUtNDI2Yy04YjEwLTk1ZGI5YmY2Mzc2My8xL3l6dmFPSGV3TzdldlNzLVdE
OXd2bHQ2SkhfRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC8GCCsGAQUF
BwEHAQH/BCAwHjALBAIAATAFAwMAk30wDwQCAAIwCQMHACABBnwbcDAZBggrBgEF
BQcBCAEB/wQKMAigBjAEAgIJuDANBgkqhkiG9w0BAQsFAAOCAQEAd0qTuJa0wqpv
om6fBKWqi05H3HG0e54okDoWZOINZgtIl2x8I0RpeWE9P5cMUCfc2vs4aQQIskDb
hzw8sJzmZ73RoRHRmcWDg4BaJx3Y7X+nwTrnyV9aLKA2QvJ4fXXqcVUSimyohwpW
B6OCZlpOGBpQGXtAckHHlPxYfDCbWzl6Haa54byZqAKI3l5/Y0AJyUPb+zPnkTKQ
xngv+JT1yJ5Xq06oiw3gBRbuZt5kO2IWvrm5GCNQKgG0dCGKdWOnKXcLcpAvw5vn
7xhhk7wfk3SoR0r66hDx1tZcNYZIQn9WKvjgu+faNrsuX19YkRNdb43f+n59uPw/
8OERKU9jjQ==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:41:22 2025 by rpki-client