Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3tvumMupuOYloRR7s7VRl9LQoFc.cer
File:                     3tvumMupuOYloRR7s7VRl9LQoFc.cer (raw, json)
Hash identifier:          LceHPyKyCQILBp/WHUvpX+JeVYJ3ERw6V8u2/9JNejc=
Subject key identifier:   DE:DB:EE:98:CB:A9:B8:E6:25:A1:14:7B:B3:B5:51:97:D2:D0:A0:57
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC501038058D5174E7C7BE32C81964280
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 12:30:27 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 48297

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:01:03:80:58:d5:17:4e:7c:7b:e3:2c:81:96:42:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 12:30:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=dedbee98cba9b8e625a1147bb3b55197d2d0a057
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:6d:20:44:e2:f0:82:3d:aa:54:5e:66:90:3f:
                    7b:6d:d6:f0:00:84:89:46:43:c2:5e:89:3c:53:1d:
                    50:2a:2d:6b:5a:4a:2f:b3:a8:a1:25:91:8f:8d:3c:
                    bd:dd:c7:c1:70:b6:78:4c:03:11:d4:60:af:77:1b:
                    61:93:c6:3d:9e:c4:bf:66:66:6c:4f:a8:ab:52:6c:
                    8b:0f:06:d7:1e:f4:07:9c:99:9b:b3:a4:42:52:98:
                    70:cc:eb:5a:88:94:ac:c9:ea:84:1a:d6:33:a6:45:
                    df:ea:a2:63:1c:2f:df:97:0b:a4:b7:bc:ee:bd:f8:
                    3a:51:69:c9:0a:f0:a6:f3:9f:fb:64:7d:35:1e:ff:
                    4a:32:57:49:59:83:84:65:91:14:cc:48:9a:34:a3:
                    d4:fa:78:b8:f1:8a:0e:f5:af:a5:8c:fd:12:17:ad:
                    76:83:62:8b:86:f3:96:0b:e1:a8:45:5b:bf:cb:0a:
                    21:08:19:b2:8c:a3:14:6a:98:03:43:85:79:6b:d7:
                    23:a6:8d:d7:77:f7:2f:b3:3e:f5:cb:2c:e1:8e:11:
                    f2:8c:56:db:03:74:0a:c7:91:c7:13:bd:22:82:17:
                    6a:40:5d:dc:1a:08:f6:3f:5e:34:7c:78:c8:6b:95:
                    63:b6:46:1f:1b:46:2d:0a:79:fc:46:35:e3:80:52:
                    e5:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:DB:EE:98:CB:A9:B8:E6:25:A1:14:7B:B3:B5:51:97:D2:D0:A0:57
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  48297

    Signature Algorithm: sha256WithRSAEncryption
         60:d4:e5:ba:07:b8:21:3e:cd:b8:c1:bc:3a:03:41:25:c7:3c:
         9a:8f:17:35:77:81:19:71:2b:13:e0:85:b8:e9:40:c7:9c:53:
         4d:24:42:3c:4a:af:77:0f:9c:d1:68:04:be:a2:75:88:44:1d:
         06:e2:71:bd:fe:b4:4b:3a:23:3b:f9:44:39:81:b6:76:67:18:
         2d:6d:34:5d:30:55:31:82:5b:20:a1:1c:6a:e4:f7:f9:f7:ce:
         71:6d:a1:9e:f9:63:2e:50:d0:19:90:0a:48:5c:f9:0f:a4:5a:
         3a:f7:d9:fc:2c:a5:76:ff:28:e9:9d:75:1e:d5:45:84:b0:24:
         26:58:53:08:d9:18:8f:0b:18:d9:17:64:6e:09:14:45:22:ae:
         02:39:28:84:74:41:89:b6:da:27:42:88:be:49:e2:7a:a4:67:
         41:ad:7f:3b:24:aa:c2:23:d7:0c:d4:13:08:50:6d:24:00:b6:
         59:23:f5:2a:96:2f:86:ee:1d:4e:34:c5:e0:d0:4b:93:19:e0:
         2e:08:26:23:e0:dd:76:e2:6f:d5:0b:90:78:16:33:b4:18:58:
         22:f2:4a:ad:57:4b:e9:79:dd:ed:eb:88:d2:04:ba:b7:cd:04:
         a1:b4:7a:3f:66:be:07:0d:06:72:e1:29:ed:1e:4f:ef:59:88:
         e1:dd:43:1b
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzFAQOAWNUXTnx74yyBlkKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTIzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWRiZWU5OGNiYTliOGU2MjVhMTE0N2JiM2I1NTE5N2QyZDBhMDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs20gROLwgj2qVF5mkD97bdbwAISJ
RkPCXok8Ux1QKi1rWkovs6ihJZGPjTy93cfBcLZ4TAMR1GCvdxthk8Y9nsS/ZmZs
T6irUmyLDwbXHvQHnJmbs6RCUphwzOtaiJSsyeqEGtYzpkXf6qJjHC/flwukt7zu
vfg6UWnJCvCm85/7ZH01Hv9KMldJWYOEZZEUzEiaNKPU+ni48YoO9a+ljP0SF612
g2KLhvOWC+GoRVu/ywohCBmyjKMUapgDQ4V5a9cjpo3Xd/cvsz71yyzhjhHyjFbb
A3QKx5HHE70ighdqQF3cGgj2P140fHjIa5VjtkYfG0YtCnn8RjXjgFLl6QIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFN7b7pjLqbjmJaEUe7O1UZfS0KBXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q4LzBlZjY3
OC03ODcwLTRlMDgtYWIyNS0xOGYwYjgwZjI1MGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgvMGVmNjc4
LTc4NzAtNGUwOC1hYjI1LTE4ZjBiODBmMjUwZC8xLzN0dnVtTXVwdU9ZbG9SUjdz
N1ZSbDlMUW9GYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwC8qTANBgkqhkiG9w0BAQsFAAOCAQEAYNTluge4IT7N
uMG8OgNBJcc8mo8XNXeBGXErE+CFuOlAx5xTTSRCPEqvdw+c0WgEvqJ1iEQdBuJx
vf60SzojO/lEOYG2dmcYLW00XTBVMYJbIKEcauT3+ffOcW2hnvljLlDQGZAKSFz5
D6RaOvfZ/Cyldv8o6Z11HtVFhLAkJlhTCNkYjwsY2RdkbgkURSKuAjkohHRBibba
J0KIvknieqRnQa1/OySqwiPXDNQTCFBtJAC2WSP1KpYvhu4dTjTF4NBLkxngLggm
I+DdduJv1QuQeBYztBhYIvJKrVdL6Xnd7euI0gS6t80EobR6P2a+Bw0GcuEp7R5P
71mI4d1DGw==
-----END CERTIFICATE-----