Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0dI-JBGcupM36DRmSFv7EGsuJLY.cer
File:                     0dI-JBGcupM36DRmSFv7EGsuJLY.cer (raw, json)
Hash identifier:          ESIhGVBeC5OWciIPHLK74IpP5JxiyXXSUR8qrvHXBCQ=
Subject key identifier:   D1:D2:3E:24:11:9C:BA:93:37:E8:34:66:48:5B:FB:10:6B:2E:24:B6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0197C0F190D45710B7D081F1C23F884BDE90
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/37/6c4064-8503-4d16-9354-74d4e5b01c35/1/0dI-JBGcupM36DRmSFv7EGsuJLY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/37/6c4064-8503-4d16-9354-74d4e5b01c35/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 30 Jun 2025 13:05:46 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    IP: 194.50.167.0/24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Jul 2025 04:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c0:f1:90:d4:57:10:b7:d0:81:f1:c2:3f:88:4b:de:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jun 30 13:05:46 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=d1d23e24119cba9337e83466485bfb106b2e24b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:96:5e:09:58:30:db:d3:32:bd:d7:1a:27:f3:
                    48:0d:57:39:dc:b8:27:48:c9:98:bd:18:fb:f0:af:
                    f7:e6:fa:da:87:1c:82:19:3e:3a:9b:dc:1d:6b:c9:
                    d5:6d:7a:cd:60:39:0e:f0:43:ce:5b:8e:1b:5c:13:
                    7b:78:80:c5:db:ab:f5:fa:09:4a:cb:25:3b:40:31:
                    b5:5e:ee:47:40:51:a1:16:11:f2:ab:7a:84:59:e0:
                    82:f4:f5:14:fe:2d:b7:e0:a8:2f:e8:a7:84:d2:6d:
                    f5:0d:2c:8b:51:eb:55:85:3f:bd:8e:d2:d6:dc:c1:
                    1e:7c:c4:04:c3:be:1a:a6:cc:d1:a3:43:b3:2c:5e:
                    64:c3:60:d7:6d:64:b9:66:e0:47:24:8d:c2:82:99:
                    f2:e6:7c:6f:f8:77:89:cf:af:81:4d:62:78:bd:f6:
                    66:47:8f:48:85:90:f0:af:4e:95:1a:55:97:f1:5d:
                    bf:e6:7e:d5:2f:c3:d1:25:84:7c:7c:a3:8e:24:4a:
                    00:52:4c:64:e1:0e:b4:5e:e6:2b:dd:3a:2a:c8:31:
                    94:6c:bf:06:98:2b:6c:08:81:35:c6:59:90:47:e7:
                    18:c5:1a:65:86:fe:1d:2d:c2:08:b0:80:1f:2e:b2:
                    47:e0:91:0b:78:41:81:af:ad:20:e0:2f:2b:47:d5:
                    a8:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:D2:3E:24:11:9C:BA:93:37:E8:34:66:48:5B:FB:10:6B:2E:24:B6
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/6c4064-8503-4d16-9354-74d4e5b01c35/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/6c4064-8503-4d16-9354-74d4e5b01c35/1/0dI-JBGcupM36DRmSFv7EGsuJLY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.50.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:bc:4b:b0:68:c9:3f:3f:a1:69:3f:d4:f3:21:af:22:c3:18:
         d4:c5:a3:83:78:9a:33:48:39:1e:a9:a1:aa:8f:3c:cc:cd:16:
         b2:0f:9d:09:51:7e:fd:74:18:3e:01:d0:2b:7e:4f:02:a7:a7:
         63:6d:b3:bc:b6:3c:03:5e:98:08:b2:e4:cd:45:af:2a:74:a0:
         56:c7:5d:9b:47:3e:c8:3f:c6:21:13:b6:2e:2d:e0:69:15:15:
         8c:83:db:f6:43:2a:87:cd:fd:db:1b:4e:71:8e:db:81:97:d9:
         36:61:1e:04:d2:25:86:ff:e8:dc:35:1a:ec:c3:4e:c0:42:77:
         e8:3e:81:dd:5d:8a:a2:91:ff:0c:81:4d:33:47:19:06:a4:45:
         8e:76:7e:62:ec:76:c2:02:62:6e:8b:a1:9e:cd:d9:d0:b3:8c:
         76:72:b0:ac:66:42:bd:7b:18:bd:b0:dd:ef:04:4f:33:63:8a:
         56:41:b4:96:82:92:21:ee:e9:9c:48:66:d5:97:52:a1:94:2f:
         8d:1f:e4:55:8d:97:f2:b8:a0:fa:66:21:bf:ab:a3:ba:56:44:
         83:64:6d:e8:fb:d4:f8:03:3d:57:c0:be:7a:23:a2:6e:1d:dc:
         0e:2d:59:7c:45:a7:0f:5b:79:a7:fa:f4:87:9c:69:16:87:b9:
         f6:2f:e4:55
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZfA8ZDUVxC30IHxwj+IS96QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNjMwMTMwNTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWQyM2UyNDExOWNiYTkzMzdlODM0NjY0ODViZmIxMDZiMmUyNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5ZeCVgw29MyvdcaJ/NIDVc53Lgn
SMmYvRj78K/35vrahxyCGT46m9wda8nVbXrNYDkO8EPOW44bXBN7eIDF26v1+glK
yyU7QDG1Xu5HQFGhFhHyq3qEWeCC9PUU/i234Kgv6KeE0m31DSyLUetVhT+9jtLW
3MEefMQEw74apszRo0OzLF5kw2DXbWS5ZuBHJI3Cgpny5nxv+HeJz6+BTWJ4vfZm
R49IhZDwr06VGlWX8V2/5n7VL8PRJYR8fKOOJEoAUkxk4Q60XuYr3ToqyDGUbL8G
mCtsCIE1xlmQR+cYxRplhv4dLcIIsIAfLrJH4JELeEGBr60g4C8rR9WoUQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFNHSPiQRnLqTN+g0Zkhb+xBrLiS2MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM3LzZjNDA2
NC04NTAzLTRkMTYtOTM1NC03NGQ0ZTViMDFjMzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcvNmM0MDY0
LTg1MDMtNGQxNi05MzU0LTc0ZDRlNWIwMWMzNS8xLzBkSS1KQkdjdXBNMzZEUm1T
RnY3RUdzdUpMWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwjKnMA0GCSqGSIb3DQEBCwUAA4IBAQBEvEuw
aMk/P6FpP9TzIa8iwxjUxaODeJozSDkeqaGqjzzMzRayD50JUX79dBg+AdArfk8C
p6djbbO8tjwDXpgIsuTNRa8qdKBWx12bRz7IP8YhE7YuLeBpFRWMg9v2QyqHzf3b
G05xjtuBl9k2YR4E0iWG/+jcNRrsw07AQnfoPoHdXYqikf8MgU0zRxkGpEWOdn5i
7HbCAmJui6GezdnQs4x2crCsZkK9exi9sN3vBE8zY4pWQbSWgpIh7umcSGbVl1Kh
lC+NH+RVjZfyuKD6ZiG/q6O6VkSDZG3o+9T4Az1XwL56I6JuHdwOLVl8RacPW3mn
+vSHnGkWh7n2L+RV
-----END CERTIFICATE-----