Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6YMf0OexWxfgoKfcz8q7Bj18R8o.cer
File:                     6YMf0OexWxfgoKfcz8q7Bj18R8o.cer (raw, json)
Hash identifier:          SisJR0gz8umQvej73BcR4bcI8HvnDSpiDNDehHNb35Y=
Subject key identifier:   E9:83:1F:D0:E7:B1:5B:17:E0:A0:A7:DC:CF:CA:BB:06:3D:7C:47:CA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0190CB85E9ACDCD90E6645CA1E5184186F33
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b6/94fd8a-3b65-4af7-885d-0147e13a993e/1/6YMf0OexWxfgoKfcz8q7Bj18R8o.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b6/94fd8a-3b65-4af7-885d-0147e13a993e/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 19 Jul 2024 15:04:29 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 216040

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:cb:85:e9:ac:dc:d9:0e:66:45:ca:1e:51:84:18:6f:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jul 19 15:04:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e9831fd0e7b15b17e0a0a7dccfcabb063d7c47ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:cb:17:e7:8e:cb:cb:b8:38:0b:60:22:51:86:
                    8b:8c:24:6a:b9:e5:fb:38:8a:8c:e1:10:a2:0d:84:
                    44:83:80:53:45:75:31:67:fd:2f:28:62:57:ac:aa:
                    7b:b0:59:ea:0d:69:60:f7:81:7a:36:3b:b2:35:a1:
                    e7:bf:a6:9b:d4:75:03:87:7c:b9:1b:d8:a4:d4:cc:
                    6f:b6:bd:f8:94:b4:4e:2a:97:7b:59:c0:16:63:5f:
                    e0:15:3a:b3:f6:d0:9d:6d:81:ec:8f:df:ea:fa:44:
                    c9:f1:c7:1e:9e:8b:48:53:c3:f1:37:c5:71:78:65:
                    b5:a3:44:b0:70:4a:af:4f:33:e0:5f:8a:6e:da:1e:
                    83:a9:f5:f9:b1:00:ac:30:8c:7b:6f:f4:7e:80:e3:
                    26:5c:0e:e7:86:fd:dd:3c:95:2b:9d:26:f5:45:69:
                    ec:db:8f:ac:cc:fc:95:e3:5f:d0:f0:4b:c4:69:41:
                    8c:e5:00:b2:48:ef:d7:43:90:ce:2d:c8:bf:3e:8e:
                    00:eb:da:b1:b0:40:9a:67:e2:55:dd:74:52:20:21:
                    03:d6:96:a2:b7:c8:68:b1:d6:ef:e8:2e:22:05:43:
                    62:27:65:26:f9:e6:06:be:1d:df:6f:b0:0a:fe:79:
                    f3:08:4c:37:05:50:0d:e9:62:31:64:ce:0f:89:66:
                    ac:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:83:1F:D0:E7:B1:5B:17:E0:A0:A7:DC:CF:CA:BB:06:3D:7C:47:CA
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/94fd8a-3b65-4af7-885d-0147e13a993e/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/94fd8a-3b65-4af7-885d-0147e13a993e/1/6YMf0OexWxfgoKfcz8q7Bj18R8o.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  216040

    Signature Algorithm: sha256WithRSAEncryption
         33:f0:5d:a2:31:2d:10:2c:46:55:b3:3c:1c:0f:fe:ec:5c:99:
         33:a4:16:82:73:f2:b9:3f:6a:35:0e:38:b2:f5:5e:46:29:9a:
         67:d5:15:14:aa:0e:0e:9c:dc:45:c4:9d:25:47:7b:7f:a8:b6:
         a9:f3:05:23:8e:b7:44:3e:48:1a:8c:8d:da:2d:76:be:b9:9c:
         5f:e2:c2:83:42:73:41:35:8c:9e:34:a7:dd:88:4e:de:74:b2:
         27:d6:66:b1:66:66:c7:a0:a3:b7:14:5a:9f:6a:65:fd:bc:6b:
         84:a0:18:04:d0:ac:73:68:d4:8f:36:19:4e:b6:76:75:ba:d8:
         90:76:48:37:5f:f3:29:63:7a:09:1a:b9:f8:3d:e4:8a:ec:22:
         bd:7b:98:95:f5:61:cc:ec:5b:a1:7e:b1:52:a8:05:3f:52:c0:
         12:ab:8c:4a:72:37:54:38:51:82:4f:ba:3c:5b:5a:08:bb:48:
         d2:10:80:48:07:3f:83:68:72:45:0e:11:d9:1b:fd:08:1a:0d:
         42:9d:e5:fd:21:3c:09:b2:02:cd:ad:83:52:dc:13:37:70:18:
         78:20:b6:94:90:e5:75:5e:01:b8:69:73:da:88:70:0d:d5:e8:
         ea:41:b1:c2:2e:a9:32:0e:15:ba:55:56:ef:c0:15:5e:37:64:
         00:2d:92:64
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZDLhems3NkOZkXKHlGEGG8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNzE5MTUwNDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTgzMWZkMGU3YjE1YjE3ZTBhMGE3ZGNjZmNhYmIwNjNkN2M0N2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncsX547Ly7g4C2AiUYaLjCRqueX7
OIqM4RCiDYREg4BTRXUxZ/0vKGJXrKp7sFnqDWlg94F6NjuyNaHnv6ab1HUDh3y5
G9ik1Mxvtr34lLROKpd7WcAWY1/gFTqz9tCdbYHsj9/q+kTJ8ccenotIU8PxN8Vx
eGW1o0SwcEqvTzPgX4pu2h6DqfX5sQCsMIx7b/R+gOMmXA7nhv3dPJUrnSb1RWns
24+szPyV41/Q8EvEaUGM5QCySO/XQ5DOLci/Po4A69qxsECaZ+JV3XRSICED1pai
t8hosdbv6C4iBUNiJ2Um+eYGvh3fb7AK/nnzCEw3BVAN6WIxZM4PiWas0QIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFOmDH9DnsVsX4KCn3M/KuwY9fEfKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I2Lzk0ZmQ4
YS0zYjY1LTRhZjctODg1ZC0wMTQ3ZTEzYTk5M2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYvOTRmZDhh
LTNiNjUtNGFmNy04ODVkLTAxNDdlMTNhOTkzZS8xLzZZTWYwT2V4V3hmZ29LZmN6
OHE3QmoxOFI4by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNL6DANBgkqhkiG9w0BAQsFAAOCAQEAM/BdojEtECxG
VbM8HA/+7FyZM6QWgnPyuT9qNQ44svVeRimaZ9UVFKoODpzcRcSdJUd7f6i2qfMF
I463RD5IGoyN2i12vrmcX+LCg0JzQTWMnjSn3YhO3nSyJ9ZmsWZmx6CjtxRan2pl
/bxrhKAYBNCsc2jUjzYZTrZ2dbrYkHZIN1/zKWN6CRq5+D3kiuwivXuYlfVhzOxb
oX6xUqgFP1LAEquMSnI3VDhRgk+6PFtaCLtI0hCASAc/g2hyRQ4R2Rv9CBoNQp3l
/SE8CbICza2DUtwTN3AYeCC2lJDldV4BuGlz2ohwDdXo6kGxwi6pMg4VulVW78AV
XjdkAC2SZA==
-----END CERTIFICATE-----