Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5sb6_bae4Rba7mdCy2I0gV324no.cer
File:                     5sb6_bae4Rba7mdCy2I0gV324no.cer (raw, json)
Hash identifier:          KD/0PE5K9uq6/5yDp/IsJQea6ZwaPelnTf+uvA5u/EQ=
Subject key identifier:   E6:C6:FA:FD:B6:9E:E1:16:DA:EE:67:42:CB:62:34:81:5D:F6:E2:7A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC500095D9770B35013B39240B0DF083C
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/91/cd5188-1700-48ef-b086-ca3133d218af/1/5sb6_bae4Rba7mdCy2I0gV324no.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/91/cd5188-1700-48ef-b086-ca3133d218af/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 12:29:23 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 212242

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:00:09:5d:97:70:b3:50:13:b3:92:40:b0:df:08:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 12:29:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e6c6fafdb69ee116daee6742cb6234815df6e27a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:e3:52:85:b7:cf:74:90:a4:21:76:71:2d:41:
                    55:1d:08:75:dc:ef:c2:08:84:a8:44:c3:ee:32:3d:
                    e1:e1:ad:3b:ae:fe:a5:0f:67:df:cf:9e:1a:16:a3:
                    e5:4c:a3:dc:3e:13:02:35:82:85:48:3e:2d:54:1a:
                    13:28:42:1b:10:d6:71:11:42:bf:4a:85:96:60:a0:
                    ac:54:fe:aa:ad:c1:f1:6b:f2:d3:55:df:30:8d:f2:
                    78:4d:33:c9:04:36:5f:2f:49:38:5b:5f:32:44:2b:
                    2a:43:2c:9e:cd:7f:57:97:cc:31:7e:e4:7f:81:a6:
                    c5:6b:63:b5:36:38:34:c9:33:c6:1f:4e:86:0e:c5:
                    72:70:87:a6:62:ab:26:fa:21:1b:70:65:fe:c4:53:
                    80:f1:94:e2:c6:bc:71:57:69:f3:4c:5a:b6:b5:58:
                    e0:1a:29:25:6e:23:ba:9b:19:5b:1e:57:e8:a4:22:
                    f6:4b:ed:ee:89:f7:08:04:b1:ba:89:06:3d:3a:d1:
                    da:d9:e9:71:e7:97:f7:85:0a:dc:1f:95:4c:c2:53:
                    bf:29:3e:c6:9a:92:c0:44:98:78:e4:fc:f4:82:5e:
                    6d:75:f8:4f:f3:3c:b3:95:7c:43:77:84:4a:66:38:
                    92:87:b1:ac:83:6c:10:df:4d:ca:29:e1:67:7a:89:
                    1d:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:C6:FA:FD:B6:9E:E1:16:DA:EE:67:42:CB:62:34:81:5D:F6:E2:7A
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/cd5188-1700-48ef-b086-ca3133d218af/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/cd5188-1700-48ef-b086-ca3133d218af/1/5sb6_bae4Rba7mdCy2I0gV324no.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  212242

    Signature Algorithm: sha256WithRSAEncryption
         31:33:24:2d:ba:96:ad:8c:68:69:65:1b:db:a6:c9:bb:58:6e:
         cc:f7:fa:44:21:94:57:57:34:d1:5e:c7:01:08:3a:e3:d5:78:
         d4:88:94:c7:a9:ae:d8:85:33:02:ba:be:32:14:b3:d6:2e:49:
         59:b1:92:c7:13:9e:6e:3b:53:f1:8f:0e:8f:ed:ae:c3:d1:bb:
         d0:b9:21:0e:ca:f6:46:74:75:fe:9d:1a:65:a8:9a:12:db:5a:
         b8:90:a0:9c:a3:dd:11:fd:4f:23:62:da:83:91:28:92:17:60:
         48:85:d7:e0:b7:3a:cc:73:04:da:e8:28:46:a4:14:1a:65:40:
         ec:dd:65:fd:10:a9:c9:62:ee:0f:5c:9b:c3:e0:db:52:d5:e8:
         a4:01:76:9a:fe:48:3d:cd:5f:82:0d:a4:bd:a0:0f:fb:3c:d8:
         3d:e2:49:fd:04:f3:c4:80:01:36:36:16:23:c5:3d:22:47:83:
         a8:0b:fb:d8:66:26:d9:53:ed:7e:57:0f:06:9f:1b:15:c3:aa:
         8c:5f:4f:82:da:8c:58:be:28:0f:24:13:ea:1d:98:e0:6c:8b:
         8c:9c:89:e1:09:39:f2:2f:4f:9d:4b:3c:46:68:12:7f:8b:c9:
         8b:db:88:0b:48:17:73:2e:f9:57:28:e3:bf:68:9d:6a:6a:8b:
         d2:ac:14:fe
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzFAAldl3CzUBOzkkCw3wg8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmM2ZmFmZGI2OWVlMTE2ZGFlZTY3NDJjYjYyMzQ4MTVkZjZlMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ONShbfPdJCkIXZxLUFVHQh13O/C
CISoRMPuMj3h4a07rv6lD2ffz54aFqPlTKPcPhMCNYKFSD4tVBoTKEIbENZxEUK/
SoWWYKCsVP6qrcHxa/LTVd8wjfJ4TTPJBDZfL0k4W18yRCsqQyyezX9Xl8wxfuR/
gabFa2O1Njg0yTPGH06GDsVycIemYqsm+iEbcGX+xFOA8ZTixrxxV2nzTFq2tVjg
GiklbiO6mxlbHlfopCL2S+3uifcIBLG6iQY9OtHa2elx55f3hQrcH5VMwlO/KT7G
mpLARJh45Pz0gl5tdfhP8zyzlXxDd4RKZjiSh7Gsg2wQ303KKeFneokddwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFObG+v22nuEW2u5nQstiNIFd9uJ6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkxL2NkNTE4
OC0xNzAwLTQ4ZWYtYjA4Ni1jYTMxMzNkMjE4YWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEvY2Q1MTg4
LTE3MDAtNDhlZi1iMDg2LWNhMzEzM2QyMThhZi8xLzVzYjZfYmFlNFJiYTdtZEN5
MkkwZ1YzMjRuby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM9EjANBgkqhkiG9w0BAQsFAAOCAQEAMTMkLbqWrYxo
aWUb26bJu1huzPf6RCGUV1c00V7HAQg649V41IiUx6mu2IUzArq+MhSz1i5JWbGS
xxOebjtT8Y8Oj+2uw9G70LkhDsr2RnR1/p0aZaiaEttauJCgnKPdEf1PI2Lag5Eo
khdgSIXX4Lc6zHME2ugoRqQUGmVA7N1l/RCpyWLuD1ybw+DbUtXopAF2mv5IPc1f
gg2kvaAP+zzYPeJJ/QTzxIABNjYWI8U9IkeDqAv72GYm2VPtflcPBp8bFcOqjF9P
gtqMWL4oDyQT6h2Y4GyLjJyJ4Qk58i9PnUs8RmgSf4vJi9uIC0gXcy75Vyjjv2id
amqL0qwU/g==
-----END CERTIFICATE-----