Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5frVG_rdJFMhvgkuaB2N5uLSdcM.cer
File:                     5frVG_rdJFMhvgkuaB2N5uLSdcM.cer (raw, json)
Hash identifier:          reyLD/qjvSUclKHwQ51Jn/zLZA2j5KhNBAN2wLZ6B6c=
Subject key identifier:   E5:FA:D5:1B:FA:DD:24:53:21:BE:09:2E:68:1D:8D:E6:E2:D2:75:C3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018DA37857C2B7631F38FDB4DF27A0953F44
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/29/020b7a-74a3-4594-9c46-d5bdb639fbca/1/5frVG_rdJFMhvgkuaB2N5uLSdcM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/29/020b7a-74a3-4594-9c46-d5bdb639fbca/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 13 Feb 2024 17:16:29 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 216123

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:a3:78:57:c2:b7:63:1f:38:fd:b4:df:27:a0:95:3f:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Feb 13 17:16:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e5fad51bfadd245321be092e681d8de6e2d275c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:cc:3a:fb:12:7f:b2:0f:46:7f:73:7c:88:45:
                    b5:93:6f:ed:df:96:ff:82:33:6f:cf:68:6b:7e:08:
                    59:59:04:72:3b:75:1d:fe:2d:a3:f0:63:0f:57:f4:
                    9b:9d:f1:a8:e3:49:76:6e:e1:ae:5f:92:f2:ba:cc:
                    8e:d1:27:54:7c:7b:83:85:aa:7f:35:c7:89:56:e5:
                    c8:ec:3a:8b:ce:54:10:3a:60:01:75:ba:ad:ca:ad:
                    7e:5d:cf:ad:75:17:48:c1:9c:d3:52:5b:11:f2:b6:
                    f4:c0:bc:64:80:1b:3b:3c:40:83:e5:34:82:9b:27:
                    e9:72:30:ff:12:a4:f8:79:d9:7b:a4:d6:1d:f4:b7:
                    bf:26:d9:64:db:02:27:02:65:ed:a4:ea:b7:0d:cf:
                    5e:bd:b2:4c:01:62:59:a0:b8:ad:a1:8c:1e:4a:c7:
                    0d:49:0d:e1:a7:90:3c:53:6a:a4:4d:25:61:e5:ed:
                    99:1b:80:8d:d8:11:df:94:15:f8:f0:45:3f:a0:14:
                    c4:26:77:40:2c:2e:32:ea:ba:41:a2:0f:29:ce:09:
                    31:b0:40:af:ce:fe:e8:90:f0:ea:7f:1d:2c:50:ba:
                    40:bf:5b:2b:52:67:50:d3:af:d6:db:c3:96:62:32:
                    38:4a:f9:83:58:78:0c:ec:cb:54:05:51:8c:94:0f:
                    1a:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:FA:D5:1B:FA:DD:24:53:21:BE:09:2E:68:1D:8D:E6:E2:D2:75:C3
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/020b7a-74a3-4594-9c46-d5bdb639fbca/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/020b7a-74a3-4594-9c46-d5bdb639fbca/1/5frVG_rdJFMhvgkuaB2N5uLSdcM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  216123

    Signature Algorithm: sha256WithRSAEncryption
         af:71:15:9f:32:17:f0:22:bb:cc:80:f7:52:2d:45:97:d1:7a:
         bb:35:05:ad:66:22:33:a5:13:9e:0a:fa:0d:5e:93:3d:f2:25:
         88:3b:21:ca:8b:56:64:38:ca:82:bc:ed:cd:2a:20:83:0d:75:
         c0:f0:17:d1:48:0c:5e:ea:45:bc:a3:52:4b:cb:4f:d2:3c:40:
         85:9b:42:72:14:63:19:6c:7d:3f:93:af:ff:70:ff:66:66:34:
         4a:9b:bf:4d:bf:f4:7f:52:f6:b9:14:5e:b4:b0:ae:29:8f:4e:
         d6:52:9d:91:e0:e5:54:63:40:e5:a5:16:af:ce:ac:f5:e3:5c:
         a7:20:10:17:ad:1d:89:b1:07:86:40:cb:06:57:93:87:54:e1:
         e6:49:3f:fd:77:d8:0f:23:f3:97:b6:86:62:d5:60:30:f7:09:
         9e:6f:6f:d9:4a:1a:04:da:13:69:4c:19:3b:e6:89:e1:fb:f2:
         2b:c4:f8:e2:90:e9:e4:48:48:5d:fc:2a:7f:ec:db:44:e0:1f:
         18:37:03:50:72:5e:a5:37:a1:8d:1e:38:74:ed:30:36:ec:a0:
         f1:bd:d4:e7:90:ba:d0:30:ea:d9:43:16:1f:e4:24:b4:e8:8c:
         36:79:ab:b3:2a:0a:83:93:75:91:d4:85:28:70:4a:ad:5f:cb:
         de:fd:cc:3a
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAY2jeFfCt2MfOP203yeglT9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjEzMTcxNjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWZhZDUxYmZhZGQyNDUzMjFiZTA5MmU2ODFkOGRlNmUyZDI3NWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18w6+xJ/sg9Gf3N8iEW1k2/t35b/
gjNvz2hrfghZWQRyO3Ud/i2j8GMPV/SbnfGo40l2buGuX5LyusyO0SdUfHuDhap/
NceJVuXI7DqLzlQQOmABdbqtyq1+Xc+tdRdIwZzTUlsR8rb0wLxkgBs7PECD5TSC
myfpcjD/EqT4edl7pNYd9Le/Jtlk2wInAmXtpOq3Dc9evbJMAWJZoLitoYweSscN
SQ3hp5A8U2qkTSVh5e2ZG4CN2BHflBX48EU/oBTEJndALC4y6rpBog8pzgkxsECv
zv7okPDqfx0sULpAv1srUmdQ06/W28OWYjI4SvmDWHgM7MtUBVGMlA8akwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFOX61Rv63SRTIb4JLmgdjebi0nXDMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI5LzAyMGI3
YS03NGEzLTQ1OTQtOWM0Ni1kNWJkYjYzOWZiY2EvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkvMDIwYjdh
LTc0YTMtNDU5NC05YzQ2LWQ1YmRiNjM5ZmJjYS8xLzVmclZHX3JkSkZNaHZna3Vh
QjJONXVMU2RjTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNMOzANBgkqhkiG9w0BAQsFAAOCAQEAr3EVnzIX8CK7
zID3Ui1Fl9F6uzUFrWYiM6UTngr6DV6TPfIliDshyotWZDjKgrztzSoggw11wPAX
0UgMXupFvKNSS8tP0jxAhZtCchRjGWx9P5Ov/3D/ZmY0Spu/Tb/0f1L2uRRetLCu
KY9O1lKdkeDlVGNA5aUWr86s9eNcpyAQF60dibEHhkDLBleTh1Th5kk//XfYDyPz
l7aGYtVgMPcJnm9v2UoaBNoTaUwZO+aJ4fvyK8T44pDp5EhIXfwqf+zbROAfGDcD
UHJepTehjR44dO0wNuyg8b3U55C60DDq2UMWH+QktOiMNnmrsyoKg5N1kdSFKHBK
rV/L3v3MOg==
-----END CERTIFICATE-----