Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-uAUZKaVsPb1L1EbzBJA-ihNPc8.cer
File:                     1-uAUZKaVsPb1L1EbzBJA-ihNPc8.cer (raw, json)
Hash identifier:          Fhfd+nfuPblsyD2owTIEIwwL9OZEHiu56sYKkH5yFzk=
Subject key identifier:   FA:E0:14:64:A6:95:B0:F6:F5:2F:51:1B:CC:12:40:FA:28:4D:3D:CF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01942748683D92A5B52DA89C72E47501701C
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/bc/1c6704-510a-4800-a890-32352f96a621/1/1-uAUZKaVsPb1L1EbzBJA-ihNPc8.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/bc/1c6704-510a-4800-a890-32352f96a621/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 13:50:44 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    IP: 91.220.2.0/24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:27:48:68:3d:92:a5:b5:2d:a8:9c:72:e4:75:01:70:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 13:50:44 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=fae01464a695b0f6f52f511bcc1240fa284d3dcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:db:7b:c6:5d:66:0e:ed:1c:5f:d5:14:ce:1e:
                    d3:57:c3:33:36:6d:23:85:bd:98:0f:58:56:9d:ef:
                    10:c7:bb:3a:56:68:cd:86:bd:ea:97:a1:49:d6:ef:
                    14:4c:84:80:b5:46:38:55:9b:cc:9c:8c:87:92:ff:
                    66:d6:53:92:18:66:fc:79:d6:b0:a5:89:ea:15:d8:
                    06:24:c0:aa:1d:d5:71:a7:f9:84:4a:81:49:29:65:
                    1c:5c:0e:9a:73:9f:48:c9:17:fc:94:fc:48:62:22:
                    42:96:55:a2:02:cb:8a:69:05:d3:a4:89:2f:84:c1:
                    2d:ac:0f:3d:58:90:fe:bf:4b:37:04:f0:3f:1f:51:
                    6f:cc:64:26:7b:d8:67:6c:70:15:5c:16:2a:be:11:
                    85:a4:0e:85:11:40:0a:cb:47:05:e8:2f:e0:95:cb:
                    6e:f8:61:0a:d5:58:83:c3:23:c9:d5:51:36:b3:03:
                    72:c6:b6:2b:ff:8c:53:ae:48:39:47:5a:5f:5e:1f:
                    c1:75:14:44:f1:10:68:06:a2:45:23:3b:55:47:a8:
                    7f:f1:8d:5d:c0:b1:f6:39:a1:44:08:e9:ae:32:03:
                    d0:d7:58:9c:54:ca:53:73:06:02:5b:ed:13:df:65:
                    06:46:ea:eb:62:48:81:3a:6b:cf:2a:cc:dc:58:cc:
                    2f:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:E0:14:64:A6:95:B0:F6:F5:2F:51:1B:CC:12:40:FA:28:4D:3D:CF
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/1c6704-510a-4800-a890-32352f96a621/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/1c6704-510a-4800-a890-32352f96a621/1/1-uAUZKaVsPb1L1EbzBJA-ihNPc8.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.220.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:ed:0f:b5:97:13:b4:a8:9c:3a:e8:e3:03:c3:62:7c:44:0e:
         81:74:fd:c0:aa:3e:16:a5:89:c3:73:16:c8:04:27:50:87:33:
         cf:7f:c5:15:4c:97:49:27:c7:28:dd:33:ad:cc:ba:f2:5a:3c:
         73:2b:12:74:07:bb:77:09:38:31:91:82:38:ff:50:0e:97:3d:
         93:5b:0b:73:28:dc:b0:e7:22:50:d7:55:33:f1:3b:44:b1:51:
         55:2c:94:59:10:3b:77:44:4b:56:6f:c1:e6:6d:fe:ad:7e:12:
         de:af:2b:97:65:69:f3:7c:ab:0c:8e:9a:80:9d:1f:50:f1:d5:
         51:d5:b0:1e:17:37:30:fc:08:95:85:c0:f8:a6:d3:78:a2:7d:
         4d:f3:3f:05:8e:22:be:2e:79:ea:31:2b:bd:ad:9b:25:c9:db:
         89:9d:87:b5:fa:85:51:cf:c5:4a:e3:34:eb:94:09:cd:d8:54:
         e7:03:4a:a8:3c:16:91:e4:1d:13:f3:6e:ea:ce:6f:75:d0:5e:
         89:c6:8c:3f:c7:ca:11:52:2d:af:dc:af:ec:c2:7f:e7:3e:da:
         40:4e:22:c9:ff:89:b8:69:b6:dc:fa:73:3b:e1:ce:9b:74:74:
         44:38:b5:f9:e3:6b:db:13:f1:ad:e0:a6:ed:2e:13:31:83:dc:
         d7:af:a1:05
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZQnSGg9kqW1LaiccuR1AXAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTM1MDQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWUwMTQ2NGE2OTViMGY2ZjUyZjUxMWJjYzEyNDBmYTI4NGQzZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdt7xl1mDu0cX9UUzh7TV8MzNm0j
hb2YD1hWne8Qx7s6VmjNhr3ql6FJ1u8UTISAtUY4VZvMnIyHkv9m1lOSGGb8edaw
pYnqFdgGJMCqHdVxp/mESoFJKWUcXA6ac59IyRf8lPxIYiJCllWiAsuKaQXTpIkv
hMEtrA89WJD+v0s3BPA/H1FvzGQme9hnbHAVXBYqvhGFpA6FEUAKy0cF6C/glctu
+GEK1ViDwyPJ1VE2swNyxrYr/4xTrkg5R1pfXh/BdRRE8RBoBqJFIztVR6h/8Y1d
wLH2OaFECOmuMgPQ11icVMpTcwYCW+0T32UGRurrYkiBOmvPKszcWMwvfQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFPrgFGSmlbD29S9RG8wSQPooTT3PMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JjLzFjNjcw
NC01MTBhLTQ4MDAtYTg5MC0zMjM1MmY5NmE2MjEvMS8wfQYIKwYBBQUHMAqGcXJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMvMWM2NzA0
LTUxMGEtNDgwMC1hODkwLTMyMzUyZjk2YTYyMS8xLzEtdUFVWkthVnNQYjFMMUVi
ekJKQS1paE5QYzgubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u
ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD
MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvcAjANBgkqhkiG9w0BAQsFAAOCAQEAQO0P
tZcTtKicOujjA8NifEQOgXT9wKo+FqWJw3MWyAQnUIczz3/FFUyXSSfHKN0zrcy6
8lo8cysSdAe7dwk4MZGCOP9QDpc9k1sLcyjcsOciUNdVM/E7RLFRVSyUWRA7d0RL
Vm/B5m3+rX4S3q8rl2Vp83yrDI6agJ0fUPHVUdWwHhc3MPwIlYXA+KbTeKJ9TfM/
BY4ivi556jErva2bJcnbiZ2HtfqFUc/FSuM065QJzdhU5wNKqDwWkeQdE/Nu6s5v
ddBeicaMP8fKEVItr9yv7MJ/5z7aQE4iyf+JuGm23PpzO+HOm3R0RDi1+eNr2xPx
reCm7S4TMYPc16+hBQ==
-----END CERTIFICATE-----