Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6T3OhQyyYnpSvfS5k0oRKIy20nc.cer
File:                     6T3OhQyyYnpSvfS5k0oRKIy20nc.cer (raw, json)
Hash identifier:          Sm69q+UtyG9KIs5bkdMrjMU5/hQZSeOb4S8ghpi5DM8=
Subject key identifier:   E9:3D:CE:85:0C:B2:62:7A:52:BD:F4:B9:93:4A:11:28:8C:B6:D2:77
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC349271D4482360D7E54005638C6693E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/3a/d4f2e8-d619-4869-98e3-f5e93646698e/1/6T3OhQyyYnpSvfS5k0oRKIy20nc.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/3a/d4f2e8-d619-4869-98e3-f5e93646698e/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:30:00 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 43943

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 21 Apr 2024 00:45:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:27:1d:44:82:36:0d:7e:54:00:56:38:c6:69:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 04:30:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e93dce850cb2627a52bdf4b9934a11288cb6d277
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:65:b4:fc:3a:6a:00:8b:09:81:42:4f:73:56:
                    60:5f:93:fe:a5:cb:ef:8b:ce:f0:37:fe:e1:52:94:
                    46:3d:a8:ee:bd:4a:9b:fd:56:1f:1d:28:78:0d:11:
                    d5:5c:a9:09:53:36:ba:74:50:d6:da:35:8f:ca:d8:
                    88:18:b2:bd:bc:e8:ef:4a:57:5f:65:8a:03:0a:7d:
                    6d:cb:91:a6:fa:52:31:82:89:16:15:09:8a:4d:0a:
                    84:47:f3:47:70:09:81:8a:2c:5f:ec:c6:68:0c:12:
                    7f:30:fb:80:41:1f:5b:7e:0a:11:2c:cf:a4:8d:43:
                    ab:2c:64:16:d9:32:2d:27:bc:49:3c:77:f6:3b:9f:
                    44:70:47:a5:de:a4:73:8f:1d:39:94:cc:b2:fc:82:
                    5b:9a:98:76:7a:0d:8f:3d:0e:df:7d:20:4c:9b:27:
                    b9:21:f3:49:49:02:be:bd:ea:8c:a6:2b:c0:59:e4:
                    c7:54:8b:16:ca:03:05:a4:b2:ea:ea:88:8f:0f:98:
                    01:4d:2e:d3:14:6e:bd:58:30:69:9c:81:33:97:22:
                    32:28:92:41:ff:6e:de:e4:48:e2:7a:c8:b1:7b:6b:
                    89:34:b8:15:b0:53:01:0e:8b:94:be:8b:24:3d:65:
                    1a:a7:10:8f:7d:f6:81:b2:cf:53:b2:d3:42:5d:28:
                    b1:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:3D:CE:85:0C:B2:62:7A:52:BD:F4:B9:93:4A:11:28:8C:B6:D2:77
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d4f2e8-d619-4869-98e3-f5e93646698e/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d4f2e8-d619-4869-98e3-f5e93646698e/1/6T3OhQyyYnpSvfS5k0oRKIy20nc.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  43943

    Signature Algorithm: sha256WithRSAEncryption
         95:bb:8d:e2:1f:3c:49:99:18:19:0e:6e:8d:1e:b4:90:e1:3c:
         d8:7b:d0:85:67:30:ff:93:f7:c2:1f:dd:b2:33:61:b8:2c:ff:
         3f:03:9b:23:17:bd:77:aa:f6:d4:4b:c9:f6:72:a8:12:38:4b:
         1d:43:66:dc:81:a3:eb:ba:64:6d:7d:b5:dc:90:bd:9e:f2:a3:
         e7:9e:ea:13:d0:3b:ed:33:d9:b4:3c:59:f6:da:7c:9e:04:4c:
         51:91:17:70:f6:ad:16:fb:8d:c7:68:1b:9f:63:95:d1:ee:8d:
         b3:4a:b5:1a:6f:ff:51:a3:83:07:b8:c1:3c:b7:f9:b2:6c:fc:
         0e:bb:8c:e5:71:ff:14:0f:95:18:72:0c:86:dc:34:f8:ce:08:
         66:fe:8f:ed:55:23:48:24:95:14:f3:5e:18:68:34:83:b4:65:
         40:8c:bb:9e:ea:73:fe:72:66:16:e2:a4:66:52:17:94:94:f0:
         67:28:a2:9d:ae:67:d8:c6:d6:f6:8e:e7:b5:77:5d:9f:a1:f2:
         b3:f5:41:17:d8:41:1e:64:49:21:68:ec:fc:84:d0:49:93:be:
         5a:ee:8e:dc:64:60:1d:6d:78:1b:93:23:4a:01:8d:ac:e0:e5:
         eb:3c:fa:df:d5:b5:2b:85:28:df:5c:32:61:c8:ef:88:63:78:
         4c:b2:d4:c5
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzDSScdRII2DX5UAFY4xmk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTNkY2U4NTBjYjI2MjdhNTJiZGY0Yjk5MzRhMTEyODhjYjZkMjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA92W0/DpqAIsJgUJPc1ZgX5P+pcvv
i87wN/7hUpRGPajuvUqb/VYfHSh4DRHVXKkJUza6dFDW2jWPytiIGLK9vOjvSldf
ZYoDCn1ty5Gm+lIxgokWFQmKTQqER/NHcAmBiixf7MZoDBJ/MPuAQR9bfgoRLM+k
jUOrLGQW2TItJ7xJPHf2O59EcEel3qRzjx05lMyy/IJbmph2eg2PPQ7ffSBMmye5
IfNJSQK+veqMpivAWeTHVIsWygMFpLLq6oiPD5gBTS7TFG69WDBpnIEzlyIyKJJB
/27e5Ejiesixe2uJNLgVsFMBDouUvoskPWUapxCPffaBss9TstNCXSixnwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFOk9zoUMsmJ6Ur30uZNKESiMttJ3MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNhL2Q0ZjJl
OC1kNjE5LTQ4NjktOThlMy1mNWU5MzY0NjY5OGUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2EvZDRmMmU4
LWQ2MTktNDg2OS05OGUzLWY1ZTkzNjQ2Njk4ZS8xLzZUM09oUXl5WW5wU3ZmUzVr
MG9SS0l5MjBuYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCrpzANBgkqhkiG9w0BAQsFAAOCAQEAlbuN4h88SZkY
GQ5ujR60kOE82HvQhWcw/5P3wh/dsjNhuCz/PwObIxe9d6r21EvJ9nKoEjhLHUNm
3IGj67pkbX213JC9nvKj557qE9A77TPZtDxZ9tp8ngRMUZEXcPatFvuNx2gbn2OV
0e6Ns0q1Gm//UaODB7jBPLf5smz8DruM5XH/FA+VGHIMhtw0+M4IZv6P7VUjSCSV
FPNeGGg0g7RlQIy7nupz/nJmFuKkZlIXlJTwZyiina5n2MbW9o7ntXddn6Hys/VB
F9hBHmRJIWjs/ITQSZO+Wu6O3GRgHW14G5MjSgGNrODl6zz639W1K4Uo31wyYcjv
iGN4TLLUxQ==
-----END CERTIFICATE-----