Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5FudrqoDQlXqMxFPWLiMHD48fK8.cer
File:                     5FudrqoDQlXqMxFPWLiMHD48fK8.cer (raw, json)
Hash identifier:          3ZJVILWedFG7iK7xwsd24nj3+RIkKbUbh2PX/pq3T10=
Subject key identifier:   E4:5B:9D:AE:AA:03:42:55:EA:33:11:4F:58:B8:8C:1C:3E:3C:7C:AF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0194258F284CE643E209F5386EEDA881F922
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/7c/4d6b88-20c6-4c42-8799-4b917592357c/1/5FudrqoDQlXqMxFPWLiMHD48fK8.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/7c/4d6b88-20c6-4c42-8799-4b917592357c/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 05:48:46 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 41632
                          IP: 195.138.215.0/24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:25:8f:28:4c:e6:43:e2:09:f5:38:6e:ed:a8:81:f9:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 05:48:46 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=e45b9daeaa034255ea33114f58b88c1c3e3c7caf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:2c:e5:7d:d8:51:c9:50:63:6d:52:b9:3d:4c:
                    da:c9:54:80:30:4b:4a:90:f9:c8:0e:9d:97:00:e7:
                    8a:bd:b4:e7:34:19:f4:21:c8:5b:23:75:41:41:de:
                    79:9d:78:6b:53:1c:e0:a6:4e:f9:a6:9a:65:b0:c8:
                    dd:5e:ee:d3:9f:78:2f:9f:11:17:58:a8:dc:22:08:
                    61:ee:86:1b:d9:ba:ad:7f:99:c5:b5:39:3f:ab:df:
                    44:61:a3:1b:4c:cd:b4:f8:8f:88:16:7e:d7:de:cc:
                    14:87:18:a1:8d:a4:db:22:d9:36:45:a8:d4:79:03:
                    48:1d:b4:ec:8e:dc:a6:67:7f:b8:0e:2d:ec:58:d2:
                    5f:81:38:7c:bd:ca:ce:19:9c:7d:2c:6e:22:1a:03:
                    5d:f4:09:f8:af:a3:4e:25:23:6d:d9:20:1e:89:f6:
                    05:11:94:9a:ce:42:ff:2a:77:4c:2f:b8:62:94:c9:
                    92:81:2b:6f:f0:c2:ff:f3:60:de:f3:5b:98:a0:b5:
                    9e:dc:36:34:0f:00:75:4c:9f:3b:88:36:ec:3a:b1:
                    cd:03:b2:5d:14:f1:93:98:f5:1b:a7:1e:8b:a3:5f:
                    ce:bf:d2:38:42:d7:c4:05:89:7d:9e:c0:05:c3:98:
                    88:cd:23:1a:fe:8b:84:72:5a:0f:25:7e:62:6f:15:
                    de:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:5B:9D:AE:AA:03:42:55:EA:33:11:4F:58:B8:8C:1C:3E:3C:7C:AF
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/4d6b88-20c6-4c42-8799-4b917592357c/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/4d6b88-20c6-4c42-8799-4b917592357c/1/5FudrqoDQlXqMxFPWLiMHD48fK8.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.138.215.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  41632

    Signature Algorithm: sha256WithRSAEncryption
         58:71:bf:5b:21:60:1b:c8:cd:43:f0:be:8c:12:8d:25:e7:05:
         e5:a7:8d:28:4a:4e:ac:f3:f3:45:3b:d9:9e:03:92:23:4f:e0:
         20:02:8a:7d:f9:54:70:06:65:ea:d3:5a:01:cc:13:3b:17:3f:
         c3:ce:82:6c:07:c3:04:aa:ed:4f:35:43:4c:fe:e5:1f:09:3f:
         df:79:ed:d8:56:a3:9a:81:9e:41:93:07:cc:66:25:93:e8:e8:
         5c:72:ba:d0:4e:6a:17:40:0b:79:34:5f:f4:2a:13:ed:d3:b4:
         d1:63:37:dc:7f:b7:9b:84:5b:ff:02:a4:06:e9:37:49:ac:9d:
         b6:3e:02:98:71:1c:b9:be:fd:b6:c9:58:2c:6b:15:dd:96:05:
         17:2d:16:94:66:f9:d4:d0:48:5c:7e:64:42:64:25:f0:b2:9f:
         35:5d:35:fc:30:37:40:a4:25:2f:ce:09:75:ad:02:a4:f4:f8:
         60:e0:ea:f9:29:7d:4a:8d:8f:e2:1a:9c:57:71:6f:a5:61:72:
         28:8c:33:8e:23:e3:20:df:ee:42:75:95:c8:b5:d6:c3:f8:34:
         8e:c2:db:be:01:fd:6a:5a:55:f3:fd:85:5e:5c:7c:28:a4:06:
         a4:f2:48:28:14:6c:70:1b:19:7a:81:99:d9:0d:de:8d:fc:0c:
         9b:1e:a4:f5
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQljyhM5kPiCfU4bu2ogfkiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDU0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDViOWRhZWFhMDM0MjU1ZWEzMzExNGY1OGI4OGMxYzNlM2M3Y2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSzlfdhRyVBjbVK5PUzayVSAMEtK
kPnIDp2XAOeKvbTnNBn0IchbI3VBQd55nXhrUxzgpk75ppplsMjdXu7Tn3gvnxEX
WKjcIghh7oYb2bqtf5nFtTk/q99EYaMbTM20+I+IFn7X3swUhxihjaTbItk2RajU
eQNIHbTsjtymZ3+4Di3sWNJfgTh8vcrOGZx9LG4iGgNd9An4r6NOJSNt2SAeifYF
EZSazkL/KndML7hilMmSgStv8ML/82De81uYoLWe3DY0DwB1TJ87iDbsOrHNA7Jd
FPGTmPUbpx6Lo1/Ov9I4QtfEBYl9nsAFw5iIzSMa/ouEcloPJX5ibxXe9QIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFORbna6qA0JV6jMRT1i4jBw+PHyvMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdjLzRkNmI4
OC0yMGM2LTRjNDItODc5OS00YjkxNzU5MjM1N2MvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2MvNGQ2Yjg4
LTIwYzYtNGM0Mi04Nzk5LTRiOTE3NTkyMzU3Yy8xLzVGdWRycW9EUWxYcU14RlBX
TGlNSEQ0OGZLOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAw4rXMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwCioDANBgkqhkiG9w0BAQsFAAOCAQEAWHG/WyFgG8jNQ/C+jBKNJecF5aeNKEpO
rPPzRTvZngOSI0/gIAKKfflUcAZl6tNaAcwTOxc/w86CbAfDBKrtTzVDTP7lHwk/
33nt2FajmoGeQZMHzGYlk+joXHK60E5qF0ALeTRf9CoT7dO00WM33H+3m4Rb/wKk
Buk3Saydtj4CmHEcub79tslYLGsV3ZYFFy0WlGb51NBIXH5kQmQl8LKfNV01/DA3
QKQlL84Jda0CpPT4YODq+Sl9So2P4hqcV3FvpWFyKIwzjiPjIN/uQnWVyLXWw/g0
jsLbvgH9alpV8/2FXlx8KKQGpPJIKBRscBsZeoGZ2Q3ejfwMmx6k9Q==
-----END CERTIFICATE-----