Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0m9HluwczjftJ86jmJgDukl2JR4.cer
File:                     0m9HluwczjftJ86jmJgDukl2JR4.cer (raw, json)
Hash identifier:          ypcybjauWBbzrECtpR3UOem56wd+3UFt7KnM0YFfs4A=
Subject key identifier:   D2:6F:47:96:EC:1C:CE:37:ED:27:CE:A3:98:98:03:BA:49:76:25:1E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018DF0FAC0C8C83D3924AB93915C9E918449
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/fe/685711-a4ef-4e6c-b490-396d5ad896b8/1/0m9HluwczjftJ86jmJgDukl2JR4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/fe/685711-a4ef-4e6c-b490-396d5ad896b8/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 28 Feb 2024 18:29:41 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 215409

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:f0:fa:c0:c8:c8:3d:39:24:ab:93:91:5c:9e:91:84:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Feb 28 18:29:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d26f4796ec1cce37ed27cea3989803ba4976251e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:e4:e3:d9:56:45:cb:24:83:e7:0a:43:e6:05:
                    f3:50:91:2d:cc:4f:6e:80:a8:42:32:93:0d:0f:eb:
                    47:31:a0:d9:2c:86:e1:1d:3f:d9:5c:e9:39:9d:55:
                    f7:b0:84:91:38:82:63:22:3d:cd:ee:a5:7e:ed:21:
                    36:ae:ea:46:aa:03:3e:71:c6:1e:64:09:4e:1c:6f:
                    ce:21:93:03:21:ce:87:8d:89:66:15:df:f8:3f:c8:
                    0d:16:e7:9b:c1:61:69:ce:9c:13:6c:64:0f:07:c8:
                    f5:10:5d:91:db:f8:ad:e4:15:ed:de:89:90:49:2c:
                    7f:7e:df:89:3e:1e:c9:cb:73:24:a0:e8:be:99:b9:
                    8a:f9:75:4b:57:e7:7f:50:0c:a8:32:dc:44:2b:38:
                    40:1a:73:19:b6:ce:ad:88:b6:6a:5a:00:7f:7e:5e:
                    e1:29:36:e1:f4:c9:38:2d:ed:3c:e5:77:14:22:d4:
                    b9:c7:30:58:32:49:a1:d2:38:ee:6d:7d:c1:22:3f:
                    d8:f2:2a:f4:43:7a:68:55:5d:e2:c1:98:07:8e:8e:
                    db:dd:36:24:05:d9:ba:e2:8d:82:62:12:2e:94:20:
                    22:26:b4:1b:a9:4f:f8:6f:ae:a0:56:e2:e5:48:db:
                    78:d3:4b:a3:d9:3f:4c:5d:63:a9:61:11:67:a1:35:
                    f1:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:6F:47:96:EC:1C:CE:37:ED:27:CE:A3:98:98:03:BA:49:76:25:1E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/685711-a4ef-4e6c-b490-396d5ad896b8/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/685711-a4ef-4e6c-b490-396d5ad896b8/1/0m9HluwczjftJ86jmJgDukl2JR4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215409

    Signature Algorithm: sha256WithRSAEncryption
         32:27:6f:b7:e0:17:d6:83:55:3d:03:4a:4d:08:66:ed:9a:09:
         f1:81:13:79:f9:a8:a4:eb:25:fa:df:b8:44:bc:3f:1c:95:47:
         d5:8c:5c:4b:6c:1d:e5:62:ee:e2:38:58:4e:63:63:1a:4c:f3:
         8a:55:72:88:ba:90:75:e7:02:23:e2:e6:d7:e3:09:46:9b:60:
         eb:64:d2:8c:06:7c:57:d7:a9:72:8f:8e:21:eb:52:cc:81:16:
         70:7f:eb:07:74:4c:1d:af:6e:2b:8a:73:43:ae:92:8d:d6:1e:
         56:8e:ad:36:e2:a7:71:2e:a5:b1:d4:fb:45:f0:d9:a0:b4:ea:
         db:33:8a:e8:c8:87:7d:58:3f:cf:a9:d6:71:4a:83:e2:13:14:
         3d:fe:12:68:5f:b5:cf:ec:98:10:d4:03:da:7d:e2:58:1f:d0:
         6e:fb:b8:e4:dd:30:a4:c4:13:7b:a4:01:bf:d4:1c:1f:20:fc:
         db:0f:95:f1:e9:51:c2:4f:53:58:39:0b:d0:9e:8a:d1:91:49:
         2a:8c:0a:2a:bc:e6:b3:07:6d:64:f3:a1:bb:72:8c:07:29:75:
         19:26:73:24:1d:81:bf:c0:75:f0:58:5d:09:be:fb:b2:e3:a3:
         8d:a0:d0:81:ab:95:8e:d1:57:ee:9b:cd:a3:8b:d0:0f:37:06:
         ad:60:bd:d9
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAY3w+sDIyD05JKuTkVyekYRJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjI4MTgyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjZmNDc5NmVjMWNjZTM3ZWQyN2NlYTM5ODk4MDNiYTQ5NzYyNTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuTj2VZFyySD5wpD5gXzUJEtzE9u
gKhCMpMND+tHMaDZLIbhHT/ZXOk5nVX3sISROIJjIj3N7qV+7SE2rupGqgM+ccYe
ZAlOHG/OIZMDIc6HjYlmFd/4P8gNFuebwWFpzpwTbGQPB8j1EF2R2/it5BXt3omQ
SSx/ft+JPh7Jy3MkoOi+mbmK+XVLV+d/UAyoMtxEKzhAGnMZts6tiLZqWgB/fl7h
KTbh9Mk4Le085XcUItS5xzBYMkmh0jjubX3BIj/Y8ir0Q3poVV3iwZgHjo7b3TYk
Bdm64o2CYhIulCAiJrQbqU/4b66gVuLlSNt400uj2T9MXWOpYRFnoTXxpwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFNJvR5bsHM437SfOo5iYA7pJdiUeMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZlLzY4NTcx
MS1hNGVmLTRlNmMtYjQ5MC0zOTZkNWFkODk2YjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUvNjg1NzEx
LWE0ZWYtNGU2Yy1iNDkwLTM5NmQ1YWQ4OTZiOC8xLzBtOUhsdXdjempmdEo4Nmpt
SmdEdWtsMkpSNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNJcTANBgkqhkiG9w0BAQsFAAOCAQEAMidvt+AX1oNV
PQNKTQhm7ZoJ8YETefmopOsl+t+4RLw/HJVH1YxcS2wd5WLu4jhYTmNjGkzzilVy
iLqQdecCI+Lm1+MJRptg62TSjAZ8V9epco+OIetSzIEWcH/rB3RMHa9uK4pzQ66S
jdYeVo6tNuKncS6lsdT7RfDZoLTq2zOK6MiHfVg/z6nWcUqD4hMUPf4SaF+1z+yY
ENQD2n3iWB/Qbvu45N0wpMQTe6QBv9QcHyD82w+V8elRwk9TWDkL0J6K0ZFJKowK
KrzmswdtZPOhu3KMByl1GSZzJB2Bv8B18FhdCb77suOjjaDQgauVjtFX7pvNo4vQ
DzcGrWC92Q==
-----END CERTIFICATE-----