Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dSsNcr8HQ78s3Hi6H1PpqYj5rx4.cer
File:                     dSsNcr8HQ78s3Hi6H1PpqYj5rx4.cer (raw, json)
Hash identifier:          owp8ozWBlDLOprm9B4eh9qKKL8E0ctdcosuUkOatcfM=
Subject key identifier:   75:2B:0D:72:BF:07:43:BF:2C:DC:78:BA:1F:53:E9:A9:88:F9:AF:1E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019427487D81F9DA3E196472BAF1E54ED208
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/dSsNcr8HQ78s3Hi6H1PpqYj5rx4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 13:50:49 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 205913
                          IP: 185.202.76.0/22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:27:48:7d:81:f9:da:3e:19:64:72:ba:f1:e5:4e:d2:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 13:50:49 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=752b0d72bf0743bf2cdc78ba1f53e9a988f9af1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:69:4f:35:31:8b:96:ab:99:e4:c7:b0:31:5c:
                    49:9a:d8:5c:96:da:a6:98:3b:03:d7:68:a9:08:1d:
                    a3:b3:f7:90:10:cd:44:b6:dd:3d:78:7f:2d:34:01:
                    c4:e8:58:69:89:97:1e:0b:71:a3:a5:dc:77:10:ee:
                    5c:92:90:bf:56:5f:29:b5:47:6b:78:98:5f:90:71:
                    1a:94:e8:3e:66:e6:8b:a9:c9:39:cf:c2:2d:5f:50:
                    df:69:c3:1c:1a:1f:3e:a2:be:f6:c4:df:c5:e5:e6:
                    af:55:27:f8:f1:88:c1:97:25:60:61:f7:e0:13:65:
                    6c:77:9f:56:25:3e:77:b5:41:ce:3b:c1:fa:db:e9:
                    3a:04:0b:a9:34:8a:50:8e:1e:6b:10:ce:8f:83:0a:
                    19:d8:72:60:f7:a2:2e:3c:8f:5d:0a:17:29:3c:df:
                    ba:2b:41:a3:ef:79:5b:1e:5b:bf:7b:61:3d:95:c5:
                    15:ca:7f:29:43:db:e2:0c:23:26:27:74:c6:79:43:
                    1c:e5:13:90:7b:77:13:df:0f:90:9b:9f:be:83:49:
                    24:9a:d0:01:6b:8c:ca:bb:d5:f9:8d:06:66:be:2f:
                    15:f4:f9:61:43:22:fa:3b:0b:6f:e0:00:b2:17:5e:
                    47:7a:04:bd:d0:81:e7:e3:23:ca:5f:ad:d3:82:b7:
                    4a:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:2B:0D:72:BF:07:43:BF:2C:DC:78:BA:1F:53:E9:A9:88:F9:AF:1E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/dSsNcr8HQ78s3Hi6H1PpqYj5rx4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.202.76.0/22

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  205913

    Signature Algorithm: sha256WithRSAEncryption
         05:44:d7:a5:cc:38:d2:00:63:9a:1b:91:21:6d:34:4c:b7:ae:
         b1:e9:cd:e9:d3:c4:b0:dd:f0:e6:65:02:6e:eb:94:ea:9e:ef:
         a9:c4:3f:3d:3a:72:26:f8:f2:e8:53:15:4a:c8:2f:79:f6:35:
         d8:a7:b7:6a:bb:d9:12:cb:5b:e7:a5:61:80:08:8b:1f:b7:23:
         89:67:50:5f:e9:78:ea:cb:3b:83:05:64:7b:9f:4c:fd:64:11:
         ce:77:fa:77:5e:7c:b9:86:78:e6:90:6e:ee:62:b7:88:84:f1:
         80:bd:50:ed:62:66:b1:4d:44:89:79:4f:13:6f:cd:af:22:f6:
         01:f5:d7:8b:77:68:7d:5c:07:d2:b7:64:a2:a4:ff:71:99:e2:
         f0:bf:00:63:bf:3b:0a:a5:ee:e2:18:c6:62:b9:b0:68:b9:41:
         7d:5b:d3:73:7e:f6:a3:b4:79:52:01:e4:fe:1f:e2:2b:08:9e:
         bb:cf:6e:d7:46:40:5a:25:e7:2a:7d:8e:a7:94:c8:84:8d:31:
         47:ff:04:59:b5:c3:72:7d:22:53:65:bf:8f:0e:bf:5b:37:e5:
         8e:ec:d6:98:ca:a2:5a:41:2c:9d:64:75:36:73:32:e6:21:f9:
         c9:7f:3b:83:0a:2f:6d:4d:ab:a2:09:b5:4b:71:16:ce:75:81:
         99:94:a2:5f
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQnSH2B+do+GWRyuvHlTtIIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTM1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTJiMGQ3MmJmMDc0M2JmMmNkYzc4YmExZjUzZTlhOTg4ZjlhZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22lPNTGLlquZ5MewMVxJmthcltqm
mDsD12ipCB2js/eQEM1Ett09eH8tNAHE6FhpiZceC3Gjpdx3EO5ckpC/Vl8ptUdr
eJhfkHEalOg+ZuaLqck5z8ItX1DfacMcGh8+or72xN/F5eavVSf48YjBlyVgYffg
E2Vsd59WJT53tUHOO8H62+k6BAupNIpQjh5rEM6PgwoZ2HJg96IuPI9dChcpPN+6
K0Gj73lbHlu/e2E9lcUVyn8pQ9viDCMmJ3TGeUMc5ROQe3cT3w+Qm5++g0kkmtAB
a4zKu9X5jQZmvi8V9PlhQyL6Owtv4ACyF15HegS90IHn4yPKX63TgrdKWwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFHUrDXK/B0O/LNx4uh9T6amI+a8eMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgwLzNhYmE3
ZS0xZDUwLTQ3MmYtOGRiNy02OTEyMTkyMTM0ZTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAvM2FiYTdl
LTFkNTAtNDcyZi04ZGI3LTY5MTIxOTIxMzRlOS8xL2RTc05jcjhIUTc4czNIaTZI
MVBwcVlqNXJ4NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCucpMMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMkWTANBgkqhkiG9w0BAQsFAAOCAQEABUTXpcw40gBjmhuRIW00TLeusenN6dPE
sN3w5mUCbuuU6p7vqcQ/PTpyJvjy6FMVSsgvefY12Ke3arvZEstb56VhgAiLH7cj
iWdQX+l46ss7gwVke59M/WQRznf6d158uYZ45pBu7mK3iITxgL1Q7WJmsU1EiXlP
E2/NryL2AfXXi3dofVwH0rdkoqT/cZni8L8AY787CqXu4hjGYrmwaLlBfVvTc372
o7R5UgHk/h/iKwieu89u10ZAWiXnKn2Op5TIhI0xR/8EWbXDcn0iU2W/jw6/Wzfl
juzWmMqiWkEsnWR1NnMy5iH5yX87gwovbU2rogm1S3EWznWBmZSiXw==
-----END CERTIFICATE-----