Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1jnNdVO9fqPNiOrAJgXqpDBtjyc.cer
File:                     1jnNdVO9fqPNiOrAJgXqpDBtjyc.cer (raw, json)
Hash identifier:          bUwAYCLiKfHmrgp3uM4XXHQBepFQhyKDg/7/1HMm4Fw=
Subject key identifier:   D6:39:CD:75:53:BD:7E:A3:CD:88:EA:C0:26:05:EA:A4:30:6D:8F:27
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC56E315949FFD2480CDCE05050F373DC
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/44/1063dd-a551-4164-8106-119011f91fec/1/1jnNdVO9fqPNiOrAJgXqpDBtjyc.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/44/1063dd-a551-4164-8106-119011f91fec/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 14:29:42 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 198079

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:31:59:49:ff:d2:48:0c:dc:e0:50:50:f3:73:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 14:29:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d639cd7553bd7ea3cd88eac02605eaa4306d8f27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:98:6a:43:5a:bb:76:6b:94:7d:4a:8f:6a:45:
                    91:54:3f:23:79:8a:7a:bb:33:c4:22:cb:cf:83:ef:
                    7a:1e:48:d5:59:8e:83:3a:4f:27:d8:53:48:ae:50:
                    12:af:02:a9:63:b2:39:9c:ff:33:a8:c5:9a:71:ab:
                    65:03:ad:89:0c:27:a0:8a:e1:24:43:2d:62:90:ae:
                    47:37:d7:53:36:10:b7:8e:49:dc:c4:4a:5b:45:9a:
                    c1:c5:c7:75:51:b3:97:aa:8b:55:7f:d3:11:fe:2d:
                    dd:4b:56:74:70:a7:13:33:a2:ba:e8:c1:4e:12:47:
                    f7:97:71:d2:17:7b:be:15:9f:bc:be:85:c1:f6:f9:
                    c5:71:7a:eb:16:c0:6e:2e:49:3a:2d:f6:60:21:17:
                    1f:d8:e9:cd:7a:40:db:33:15:85:4b:0d:5a:3d:f1:
                    c4:62:33:49:21:d7:38:19:27:90:c8:f2:aa:f6:11:
                    25:31:b3:d7:86:e7:07:1c:9f:76:43:51:b5:95:f3:
                    7b:37:36:80:6b:15:55:ab:e2:ef:f1:7a:c5:51:1e:
                    1d:d0:97:84:c2:34:27:ed:41:56:56:5f:ca:a8:c0:
                    1c:ba:e8:ba:4c:e2:1d:3b:d9:de:ad:47:ab:3c:66:
                    8a:7a:ca:aa:ce:2b:32:eb:b9:3f:25:53:2f:30:15:
                    9e:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:39:CD:75:53:BD:7E:A3:CD:88:EA:C0:26:05:EA:A4:30:6D:8F:27
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1063dd-a551-4164-8106-119011f91fec/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1063dd-a551-4164-8106-119011f91fec/1/1jnNdVO9fqPNiOrAJgXqpDBtjyc.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  198079

    Signature Algorithm: sha256WithRSAEncryption
         01:7e:2b:06:6e:6f:b7:12:25:30:a1:87:e3:7e:09:80:3a:07:
         ac:6e:33:37:d3:b2:75:fd:bc:1a:4e:d0:81:40:d7:1e:37:22:
         0d:b5:1b:b5:58:11:fa:17:68:18:dc:e7:35:64:7c:14:d6:32:
         b3:52:1c:84:4e:ec:32:9c:1b:df:01:f6:5d:77:bc:e0:c4:5f:
         f8:e5:e2:38:33:eb:01:8a:4b:b5:fc:e6:df:97:ad:21:20:3f:
         4e:65:b8:39:6b:a4:35:58:b1:a1:96:95:7d:d6:cd:d5:7f:87:
         40:a2:2c:12:e8:fd:15:a7:04:17:6e:d6:be:99:c0:5a:e4:2e:
         f8:df:d9:a0:b2:af:ad:5b:bb:04:aa:a4:38:cb:7d:33:14:30:
         d9:b8:61:c3:b8:b3:dd:62:bd:1f:f7:3b:0a:26:90:67:f9:66:
         12:0a:38:6b:81:01:7a:d8:86:ad:0a:71:65:31:86:b3:bb:9c:
         74:65:41:35:46:77:93:b5:74:ff:40:f2:cf:f1:c5:ec:f9:fc:
         c0:f7:6a:54:7e:00:c2:c0:c7:55:e0:b1:33:9a:43:ff:56:02:
         cf:cd:31:8e:e5:cc:bf:76:6e:e4:19:31:bd:20:26:ad:ad:69:
         c0:d1:86:c8:fe:3c:0c:c0:99:c1:8c:1d:4b:8f:3c:6e:51:92:
         34:81:a9:40
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzFbjFZSf/SSAzc4FBQ83PcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjM5Y2Q3NTUzYmQ3ZWEzY2Q4OGVhYzAyNjA1ZWFhNDMwNmQ4ZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtphqQ1q7dmuUfUqPakWRVD8jeYp6
uzPEIsvPg+96HkjVWY6DOk8n2FNIrlASrwKpY7I5nP8zqMWacatlA62JDCegiuEk
Qy1ikK5HN9dTNhC3jkncxEpbRZrBxcd1UbOXqotVf9MR/i3dS1Z0cKcTM6K66MFO
Ekf3l3HSF3u+FZ+8voXB9vnFcXrrFsBuLkk6LfZgIRcf2OnNekDbMxWFSw1aPfHE
YjNJIdc4GSeQyPKq9hElMbPXhucHHJ92Q1G1lfN7NzaAaxVVq+Lv8XrFUR4d0JeE
wjQn7UFWVl/KqMAcuui6TOIdO9nerUerPGaKesqqzisy67k/JVMvMBWeoQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFNY5zXVTvX6jzYjqwCYF6qQwbY8nMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ0LzEwNjNk
ZC1hNTUxLTQxNjQtODEwNi0xMTkwMTFmOTFmZWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMTA2M2Rk
LWE1NTEtNDE2NC04MTA2LTExOTAxMWY5MWZlYy8xLzFqbk5kVk85ZnFQTmlPckFK
Z1hxcERCdGp5Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMFvzANBgkqhkiG9w0BAQsFAAOCAQEAAX4rBm5vtxIl
MKGH434JgDoHrG4zN9Oydf28Gk7QgUDXHjciDbUbtVgR+hdoGNznNWR8FNYys1Ic
hE7sMpwb3wH2XXe84MRf+OXiODPrAYpLtfzm35etISA/TmW4OWukNVixoZaVfdbN
1X+HQKIsEuj9FacEF27WvpnAWuQu+N/ZoLKvrVu7BKqkOMt9MxQw2bhhw7iz3WK9
H/c7CiaQZ/lmEgo4a4EBetiGrQpxZTGGs7ucdGVBNUZ3k7V0/0Dyz/HF7Pn8wPdq
VH4AwsDHVeCxM5pD/1YCz80xjuXMv3Zu5BkxvSAmra1pwNGGyP48DMCZwYwdS488
blGSNIGpQA==
-----END CERTIFICATE-----