Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fqb261IgGBAWg9qKQW1Umj4qTlU.cer
File:                     fqb261IgGBAWg9qKQW1Umj4qTlU.cer (raw, json)
Hash identifier:          ZrJMT9YQGUKS+tTEixd9NmvsrljGnMSnl7ZB8+Snhnc=
Subject key identifier:   7E:A6:F6:EB:52:20:18:10:16:83:DA:8A:41:6D:54:9A:3E:2A:4E:55
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018F0DD1833BFE247FDACBBB976B48CC5BCA
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/fb/4299a2-97e0-46fa-bb9a-7ca636521818/1/fqb261IgGBAWg9qKQW1Umj4qTlU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/fb/4299a2-97e0-46fa-bb9a-7ca636521818/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 24 Apr 2024 01:56:25 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 201327

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 04 Jun 2024 23:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:0d:d1:83:3b:fe:24:7f:da:cb:bb:97:6b:48:cc:5b:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Apr 24 01:56:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7ea6f6eb522018101683da8a416d549a3e2a4e55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:95:25:c2:1a:4d:32:c6:e0:d2:6e:79:17:33:
                    48:12:63:8d:d4:3a:1b:ee:c9:e2:86:0a:3b:10:dd:
                    e3:6c:ea:bf:86:5f:54:71:79:96:82:9c:af:96:89:
                    20:b0:89:d3:00:69:e1:db:a7:f9:1d:d2:f9:af:19:
                    07:03:ce:16:82:39:5a:b0:76:b8:e2:87:97:ef:fa:
                    b5:c7:5a:06:40:81:67:75:cf:cf:b2:0f:56:63:d7:
                    5e:fc:b6:af:08:9c:bf:89:6f:30:f8:ef:48:12:ae:
                    3d:05:c4:07:97:ab:a4:db:e2:c8:93:84:12:21:be:
                    58:5d:af:3f:b3:e5:42:31:fa:6b:9a:01:f5:84:f4:
                    45:e5:b7:f7:7e:02:55:98:59:2f:ce:c0:5b:29:80:
                    89:17:b6:69:b2:7a:37:03:c0:a9:3b:14:98:df:e7:
                    e6:f9:06:bc:01:f0:fd:a0:37:42:d9:37:39:e0:61:
                    df:14:5e:9e:06:33:90:41:60:42:b3:5a:89:21:af:
                    60:8e:55:ab:a2:ca:c6:18:84:9a:bc:12:f8:69:43:
                    28:cf:9f:99:17:5b:72:46:be:dc:0e:94:9f:14:9c:
                    d3:6d:1b:f7:31:91:9a:23:cc:14:d9:b0:36:1a:49:
                    97:0b:51:3f:be:d4:6b:6e:53:c1:75:ed:4c:5f:c8:
                    7b:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:A6:F6:EB:52:20:18:10:16:83:DA:8A:41:6D:54:9A:3E:2A:4E:55
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4299a2-97e0-46fa-bb9a-7ca636521818/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4299a2-97e0-46fa-bb9a-7ca636521818/1/fqb261IgGBAWg9qKQW1Umj4qTlU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  201327

    Signature Algorithm: sha256WithRSAEncryption
         3b:3b:06:2b:b4:b3:df:2f:e2:d3:bb:09:cb:05:f1:e3:42:d7:
         df:e6:a3:1d:7b:8e:54:49:5b:6d:56:ca:57:db:5e:04:52:22:
         e4:17:76:5c:04:f5:0e:7d:3e:aa:78:36:d6:51:b7:20:7a:06:
         55:39:18:92:f6:dc:9f:d0:fd:7f:d7:8a:13:d5:c9:f4:d8:01:
         e5:bd:d3:2d:03:2d:35:87:d4:7b:ff:15:61:3b:2d:0b:7b:56:
         1f:f4:1b:01:cd:7e:d5:e0:4e:ba:0f:00:74:60:40:37:c7:60:
         b3:a6:8b:16:f4:02:6d:57:e4:8c:6e:72:ba:73:ac:84:da:f0:
         96:a8:e1:97:76:fb:dd:1c:44:82:02:41:fc:ef:3b:81:78:2c:
         fc:4e:7c:b3:f1:eb:f7:49:ae:4b:0d:c2:59:81:49:0c:2d:a5:
         36:ea:ea:43:52:36:83:e9:2e:63:1a:19:39:9b:75:71:f9:d5:
         b3:04:3b:bd:db:1e:38:50:c9:6b:c5:9f:9d:9d:33:c3:ed:6e:
         a0:d9:77:ba:ec:0e:76:7d:74:7f:ef:d2:3b:02:8e:a4:8e:10:
         83:e3:a2:08:27:81:ba:17:23:f8:13:16:29:b9:28:e7:ee:df:
         c3:8e:d1:72:ba:ed:a3:40:42:e3:63:18:f5:8c:66:38:f4:2a:
         c5:d0:f6:33
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAY8N0YM7/iR/2su7l2tIzFvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNDI0MDE1NjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWE2ZjZlYjUyMjAxODEwMTY4M2RhOGE0MTZkNTQ5YTNlMmE0ZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJUlwhpNMsbg0m55FzNIEmON1Dob
7snihgo7EN3jbOq/hl9UcXmWgpyvlokgsInTAGnh26f5HdL5rxkHA84WgjlasHa4
4oeX7/q1x1oGQIFndc/Psg9WY9de/LavCJy/iW8w+O9IEq49BcQHl6uk2+LIk4QS
Ib5YXa8/s+VCMfprmgH1hPRF5bf3fgJVmFkvzsBbKYCJF7Zpsno3A8CpOxSY3+fm
+Qa8AfD9oDdC2Tc54GHfFF6eBjOQQWBCs1qJIa9gjlWrosrGGISavBL4aUMoz5+Z
F1tyRr7cDpSfFJzTbRv3MZGaI8wU2bA2GkmXC1E/vtRrblPBde1MX8h7PQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFH6m9utSIBgQFoPaikFtVJo+Kk5VMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZiLzQyOTlh
Mi05N2UwLTQ2ZmEtYmI5YS03Y2E2MzY1MjE4MTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIvNDI5OWEy
LTk3ZTAtNDZmYS1iYjlhLTdjYTYzNjUyMTgxOC8xL2ZxYjI2MUlnR0JBV2c5cUtR
VzFVbWo0cVRsVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMSbzANBgkqhkiG9w0BAQsFAAOCAQEAOzsGK7Sz3y/i
07sJywXx40LX3+ajHXuOVElbbVbKV9teBFIi5Bd2XAT1Dn0+qng21lG3IHoGVTkY
kvbcn9D9f9eKE9XJ9NgB5b3TLQMtNYfUe/8VYTstC3tWH/QbAc1+1eBOug8AdGBA
N8dgs6aLFvQCbVfkjG5yunOshNrwlqjhl3b73RxEggJB/O87gXgs/E58s/Hr90mu
Sw3CWYFJDC2lNurqQ1I2g+kuYxoZOZt1cfnVswQ7vdseOFDJa8WfnZ0zw+1uoNl3
uuwOdn10f+/SOwKOpI4Qg+OiCCeBuhcj+BMWKbko5+7fw47Rcrrto0BC42MY9Yxm
OPQqxdD2Mw==
-----END CERTIFICATE-----