Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4SGVC1Am_t2W9uUCmPkLrC28T-I.cer
File:                     4SGVC1Am_t2W9uUCmPkLrC28T-I.cer (raw, json)
Hash identifier:          jKI+ldOU0RQJp2VFUIUohT3SiEVsKziM2Gtgo5nIHjM=
Subject key identifier:   E1:21:95:0B:50:26:FE:DD:96:F6:E5:02:98:F9:0B:AC:2D:BC:4F:E2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CCA996520C7A019C79F7AD0D56E441A01
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/97/67547d-4cef-423f-87d9-82b0bbc6799f/1/4SGVC1Am_t2W9uUCmPkLrC28T-I.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/97/67547d-4cef-423f-87d9-82b0bbc6799f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 14:34:59 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 215843

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:99:65:20:c7:a0:19:c7:9f:7a:d0:d5:6e:44:1a:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 14:34:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e121950b5026fedd96f6e50298f90bac2dbc4fe2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:cc:7b:77:9d:24:6e:08:98:2b:0f:4f:bd:6f:
                    9c:b0:2e:fb:17:b3:5d:77:9a:d4:35:5c:28:aa:c8:
                    9e:2b:2e:42:6e:6f:d1:17:f6:ff:7d:40:d8:0d:9d:
                    87:76:d3:7b:d4:b4:73:55:a1:5a:9a:b2:0a:a2:74:
                    28:da:dd:04:11:4b:c1:17:15:37:6c:55:9d:17:4c:
                    a0:78:c9:b6:69:df:fa:c8:f3:8c:62:3b:b8:0a:7f:
                    1d:1b:0e:f0:d8:12:98:f8:51:d6:5a:39:10:a1:5c:
                    b4:14:c7:2d:70:dd:14:c6:fd:1f:23:a4:fe:c0:b9:
                    bf:e6:d9:0f:e4:a4:6f:72:0f:1d:c5:9a:37:24:49:
                    f7:a7:97:e6:75:e0:4d:83:07:52:ae:ea:ab:45:9d:
                    fd:4f:95:6f:cd:4b:8a:13:30:40:c0:07:42:a1:a5:
                    00:1e:17:53:67:68:35:04:61:8a:7e:15:a1:31:7f:
                    ab:28:11:73:d6:bf:75:85:d9:7b:1d:08:97:ce:d4:
                    90:a8:45:d3:cc:f9:d7:f9:ae:8f:4f:cc:b5:04:18:
                    69:61:38:d0:29:15:74:3c:54:42:5e:0a:1a:86:3c:
                    18:84:88:93:05:e4:96:64:4b:0f:94:53:a3:18:88:
                    1e:fe:db:36:70:3b:01:33:5b:93:ba:a6:7b:63:77:
                    14:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:21:95:0B:50:26:FE:DD:96:F6:E5:02:98:F9:0B:AC:2D:BC:4F:E2
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/67547d-4cef-423f-87d9-82b0bbc6799f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/67547d-4cef-423f-87d9-82b0bbc6799f/1/4SGVC1Am_t2W9uUCmPkLrC28T-I.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215843

    Signature Algorithm: sha256WithRSAEncryption
         88:a7:32:ea:9c:cd:f5:46:d9:43:75:4a:7d:58:f9:ab:51:1e:
         7b:21:45:67:4f:cd:2e:64:fc:bb:9e:ef:ae:ef:5d:75:ec:0d:
         9f:75:15:46:6a:54:77:bb:6a:0c:2d:7c:d8:37:1f:0f:90:5d:
         b7:69:ee:4e:f6:26:da:cc:ee:81:b9:aa:58:7b:05:95:e3:0b:
         53:6c:f4:a6:2f:40:9f:90:43:f8:17:4d:0e:25:e2:eb:83:df:
         25:a0:e4:14:8f:47:6b:1b:4b:5b:07:ca:5c:24:d6:99:34:59:
         bd:7b:80:39:61:ee:27:00:20:2e:8c:a2:e2:06:d3:c1:77:c4:
         f4:4b:35:52:01:d5:92:1a:25:50:14:88:4b:22:e8:2b:d2:0d:
         d4:4e:9b:20:cf:f7:a1:91:38:e8:f6:26:89:af:b1:36:ff:bf:
         78:3b:5a:57:7d:cf:93:39:d2:59:ca:7a:e7:a2:f7:11:df:8e:
         7a:f0:f3:ef:c4:6b:7f:34:ef:2d:e5:7b:ca:0b:37:e6:60:74:
         40:7f:db:c4:35:5b:4f:a7:a6:2d:9f:ef:47:5b:12:a7:04:f9:
         c8:1d:11:4a:ea:ba:f6:b7:f1:f5:cc:ef:55:fa:6a:da:59:92:
         e2:78:61:c6:d0:0f:dd:94:9d:72:2e:13:9a:85:07:ae:ac:da:
         e3:72:77:87
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzKmWUgx6AZx5960NVuRBoBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTQzNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTIxOTUwYjUwMjZmZWRkOTZmNmU1MDI5OGY5MGJhYzJkYmM0ZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsx7d50kbgiYKw9PvW+csC77F7Nd
d5rUNVwoqsieKy5Cbm/RF/b/fUDYDZ2HdtN71LRzVaFamrIKonQo2t0EEUvBFxU3
bFWdF0ygeMm2ad/6yPOMYju4Cn8dGw7w2BKY+FHWWjkQoVy0FMctcN0Uxv0fI6T+
wLm/5tkP5KRvcg8dxZo3JEn3p5fmdeBNgwdSruqrRZ39T5VvzUuKEzBAwAdCoaUA
HhdTZ2g1BGGKfhWhMX+rKBFz1r91hdl7HQiXztSQqEXTzPnX+a6PT8y1BBhpYTjQ
KRV0PFRCXgoahjwYhIiTBeSWZEsPlFOjGIge/ts2cDsBM1uTuqZ7Y3cU+wIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFOEhlQtQJv7dlvblApj5C6wtvE/iMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk3LzY3NTQ3
ZC00Y2VmLTQyM2YtODdkOS04MmIwYmJjNjc5OWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcvNjc1NDdk
LTRjZWYtNDIzZi04N2Q5LTgyYjBiYmM2Nzk5Zi8xLzRTR1ZDMUFtX3QyVzl1VUNt
UGtMckMyOFQtSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNLIzANBgkqhkiG9w0BAQsFAAOCAQEAiKcy6pzN9UbZ
Q3VKfVj5q1EeeyFFZ0/NLmT8u57vru9ddewNn3UVRmpUd7tqDC182DcfD5Bdt2nu
TvYm2szugbmqWHsFleMLU2z0pi9An5BD+BdNDiXi64PfJaDkFI9HaxtLWwfKXCTW
mTRZvXuAOWHuJwAgLoyi4gbTwXfE9Es1UgHVkholUBSISyLoK9IN1E6bIM/3oZE4
6PYmia+xNv+/eDtaV33PkznSWcp656L3Ed+OevDz78RrfzTvLeV7ygs35mB0QH/b
xDVbT6emLZ/vR1sSpwT5yB0RSuq69rfx9czvVfpq2lmS4nhhxtAP3ZSdci4TmoUH
rqza43J3hw==
-----END CERTIFICATE-----