Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/UZxxlGfHXvlxe8YrftrpALovRiU.cer
File:                     UZxxlGfHXvlxe8YrftrpALovRiU.cer (raw, json)
Hash identifier:          zPfLaeeutiBRnaM3Z6eeRtAVe/C2oAjyPngoUauTNeI=
Subject key identifier:   51:9C:71:94:67:C7:5E:F9:71:7B:C6:2B:7E:DA:E9:00:BA:2F:46:25
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0197E12721A6BAB3E4AE115F93E66C883A5F
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/65/ed209d-37d6-45e4-9ee1-e67e7759f9a0/1/UZxxlGfHXvlxe8YrftrpALovRiU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/65/ed209d-37d6-45e4-9ee1-e67e7759f9a0/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 06 Jul 2025 19:12:07 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 199415
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Jul 2025 13:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:e1:27:21:a6:ba:b3:e4:ae:11:5f:93:e6:6c:88:3a:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jul  6 19:12:07 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=519c719467c75ef9717bc62b7edae900ba2f4625
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:9f:eb:78:69:ea:1f:25:37:4d:c3:24:97:04:
                    18:be:54:3b:d8:f1:38:59:ce:aa:ff:95:24:91:cf:
                    b9:ed:b8:75:8b:a7:8e:5c:98:f4:f0:c3:bc:f1:c6:
                    aa:fd:67:65:04:67:7e:e6:30:24:d3:66:9f:8d:a7:
                    29:a6:9d:c0:6e:c0:2b:e1:2c:99:67:d7:18:70:30:
                    af:f4:d3:ba:f7:fb:af:b7:d2:87:65:24:ff:f8:9f:
                    be:3f:ac:3a:63:8d:05:c7:c0:f9:12:4a:8d:30:e8:
                    95:f4:f1:7a:97:0c:b1:05:0c:74:d9:fc:44:2c:06:
                    8e:c2:58:cb:76:53:a2:50:b9:b8:34:f0:52:71:5a:
                    91:db:ca:fa:f4:5c:d9:ad:f7:19:78:1a:ae:ae:9d:
                    a0:0a:a2:ec:4c:69:1c:fa:fb:ae:4d:eb:d4:90:6b:
                    59:fc:3e:1c:a9:08:e8:46:7b:bd:f9:fd:bc:14:6a:
                    02:85:07:ac:bd:59:c1:1b:65:70:88:18:11:3a:65:
                    58:cb:b9:b8:73:ce:3d:ea:3b:61:57:85:91:a3:8e:
                    5b:32:b2:20:4a:87:b2:f5:6c:c1:d3:11:de:1d:5b:
                    4e:b0:c0:14:b1:6e:80:e8:4e:e9:47:06:81:f2:59:
                    2e:ce:8e:48:e4:79:9d:95:4d:ee:6b:0e:7d:a2:cd:
                    40:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:9C:71:94:67:C7:5E:F9:71:7B:C6:2B:7E:DA:E9:00:BA:2F:46:25
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ed209d-37d6-45e4-9ee1-e67e7759f9a0/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ed209d-37d6-45e4-9ee1-e67e7759f9a0/1/UZxxlGfHXvlxe8YrftrpALovRiU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  199415

    Signature Algorithm: sha256WithRSAEncryption
         49:f5:17:97:ef:47:af:c1:8a:a3:73:bb:c8:9a:cf:d6:3c:de:
         4f:a4:58:8f:46:04:e9:de:c4:2c:44:c7:da:58:28:45:e8:f9:
         a0:42:f4:dc:46:3d:f7:e4:07:98:48:99:f3:8b:72:30:2a:00:
         8c:06:90:02:4b:a1:79:3f:69:65:dc:98:94:73:b0:ba:36:f3:
         ac:b3:2c:d4:c6:68:72:de:74:cf:78:ed:be:da:15:5a:3e:44:
         5c:7d:29:62:1c:36:0d:64:5e:ca:39:85:d4:0f:2e:0f:5d:ff:
         3e:b2:59:f8:8f:11:60:7f:7f:3d:0f:7e:3b:60:cb:15:36:6e:
         6f:87:5b:4c:bb:87:be:d2:f3:cb:86:e9:83:7f:26:ec:99:98:
         c9:c1:09:b0:bc:a8:f4:90:86:21:71:74:c6:9f:06:f1:29:0a:
         21:72:b3:2b:50:37:c0:bc:ea:76:a0:25:5a:a2:a5:7b:31:f2:
         9b:b0:3b:5a:b2:49:0d:d1:f1:ae:d3:34:67:16:f3:ed:6c:c3:
         da:8b:0a:b4:30:74:7f:33:5f:2e:39:7a:6c:88:9b:6c:42:8f:
         d8:9d:a6:62:3d:2a:b2:02:7a:c8:00:0a:0a:58:c7:8f:f5:ee:
         8e:0c:7a:ee:df:db:c5:04:42:53:47:2b:8d:90:63:02:98:a1:
         56:c4:a1:ab
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZfhJyGmurPkrhFfk+ZsiDpfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNzA2MTkxMjA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTljNzE5NDY3Yzc1ZWY5NzE3YmM2MmI3ZWRhZTkwMGJhMmY0NjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7p/reGnqHyU3TcMklwQYvlQ72PE4
Wc6q/5Ukkc+57bh1i6eOXJj08MO88caq/WdlBGd+5jAk02afjacppp3AbsAr4SyZ
Z9cYcDCv9NO69/uvt9KHZST/+J++P6w6Y40Fx8D5EkqNMOiV9PF6lwyxBQx02fxE
LAaOwljLdlOiULm4NPBScVqR28r69FzZrfcZeBqurp2gCqLsTGkc+vuuTevUkGtZ
/D4cqQjoRnu9+f28FGoChQesvVnBG2VwiBgROmVYy7m4c8496jthV4WRo45bMrIg
Soey9WzB0xHeHVtOsMAUsW6A6E7pRwaB8lkuzo5I5HmdlU3uaw59os1AnQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFFGccZRnx175cXvGK37a6QC6L0YlMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY1L2VkMjA5
ZC0zN2Q2LTQ1ZTQtOWVlMS1lNjdlNzc1OWY5YTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUvZWQyMDlk
LTM3ZDYtNDVlNC05ZWUxLWU2N2U3NzU5ZjlhMC8xL1VaeHhsR2ZIWHZseGU4WXJm
dHJwQUxvdlJpVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMK9zANBgkqhkiG9w0BAQsFAAOCAQEASfUXl+9Hr8GK
o3O7yJrP1jzeT6RYj0YE6d7ELETH2lgoRej5oEL03EY99+QHmEiZ84tyMCoAjAaQ
AkuheT9pZdyYlHOwujbzrLMs1MZoct50z3jtvtoVWj5EXH0pYhw2DWReyjmF1A8u
D13/PrJZ+I8RYH9/PQ9+O2DLFTZub4dbTLuHvtLzy4bpg38m7JmYycEJsLyo9JCG
IXF0xp8G8SkKIXKzK1A3wLzqdqAlWqKlezHym7A7WrJJDdHxrtM0Zxbz7WzD2osK
tDB0fzNfLjl6bIibbEKP2J2mYj0qsgJ6yAAKCljHj/Xujgx67t/bxQRCU0crjZBj
ApihVsShqw==
-----END CERTIFICATE-----