Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75S8y9TC4P-PeqsEXhSjEfOy-f4.cer
File:                     75S8y9TC4P-PeqsEXhSjEfOy-f4.cer (raw, json)
Hash identifier:          Poe3Bmi0VBTdcO4JxEqZjHrcOG1S4rfoVVmfA7bqB+g=
Subject key identifier:   EF:94:BC:CB:D4:C2:E0:FF:8F:7A:AB:04:5E:14:A3:11:F3:B2:F9:FE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01948A1D2CC00078065CF851F773D2D82401
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/38/bec253-9c29-478c-9711-cb63d6fbbfc7/1/75S8y9TC4P-PeqsEXhSjEfOy-f4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/38/bec253-9c29-478c-9711-cb63d6fbbfc7/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 21 Jan 2025 18:25:55 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    IP: 192.231.17.0/24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:8a:1d:2c:c0:00:78:06:5c:f8:51:f7:73:d2:d8:24:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan 21 18:25:55 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=ef94bccbd4c2e0ff8f7aab045e14a311f3b2f9fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:2f:b7:6f:86:ce:d2:d5:b0:57:56:c1:6c:be:
                    48:78:8e:d3:5a:e2:6c:f0:de:a0:66:22:47:44:1c:
                    20:f8:e9:0d:58:71:7b:41:a8:3a:97:cf:89:7a:65:
                    f2:07:e7:7e:14:71:ee:85:ff:a4:91:b2:49:75:63:
                    b2:1a:63:54:6d:61:a2:1d:65:f2:bf:8d:31:74:77:
                    bd:73:2b:63:46:6a:60:15:06:bc:12:8d:3b:73:5b:
                    6d:3f:c7:68:0b:67:e6:0a:60:7e:bf:28:58:c7:c3:
                    22:b6:c9:fa:b1:35:b8:0f:ef:33:66:46:7b:af:2a:
                    5f:ee:f0:80:90:95:84:de:f5:05:b5:88:0d:1f:f2:
                    37:7f:f3:c7:5f:16:0d:71:ff:93:7b:93:fd:01:bf:
                    b1:31:e5:e8:9f:4d:5b:6d:e0:63:94:7d:fe:68:54:
                    32:19:26:69:59:33:6b:be:fd:9d:97:35:82:d2:91:
                    b0:99:6e:0c:e3:49:77:a9:49:7b:1e:c3:eb:03:59:
                    c6:18:7c:39:67:d7:a2:e0:15:32:76:32:fb:30:0a:
                    c3:65:17:b9:b7:49:8a:fd:09:df:d8:e6:d0:d8:61:
                    9d:6a:89:8e:3a:d1:d9:62:88:b3:39:71:25:40:73:
                    c5:88:c9:de:3d:a6:4c:09:fc:cc:90:66:08:df:94:
                    87:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:94:BC:CB:D4:C2:E0:FF:8F:7A:AB:04:5E:14:A3:11:F3:B2:F9:FE
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/bec253-9c29-478c-9711-cb63d6fbbfc7/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/bec253-9c29-478c-9711-cb63d6fbbfc7/1/75S8y9TC4P-PeqsEXhSjEfOy-f4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.231.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:b1:3d:98:ac:8e:11:cc:25:7d:94:d2:be:56:77:f6:46:93:
         00:0a:d8:19:af:ee:1a:ec:7f:ae:1b:ce:a3:68:b4:cf:4f:58:
         61:45:44:09:98:40:9b:dd:c3:63:ce:de:bf:fc:16:02:dd:17:
         36:d7:57:cc:8d:cd:82:0a:7b:7e:0f:6a:51:32:64:9f:9a:a1:
         6e:af:fd:17:80:bb:f5:73:be:a2:54:84:c4:96:2e:75:a5:88:
         e0:57:9e:b7:91:a5:c2:e8:7c:10:cf:83:5d:0d:b7:3c:73:e2:
         ef:2b:1c:18:11:88:c6:2c:77:a1:9b:56:63:f6:b2:6d:4e:25:
         f3:35:34:26:35:97:1d:b6:46:30:cb:c7:17:a1:85:08:fb:e6:
         f8:d4:ca:d3:84:c9:72:81:0f:5f:5c:55:8f:62:2e:e7:5e:14:
         b8:25:d2:a5:78:c6:23:80:10:46:4a:45:a0:3d:2a:72:d1:34:
         78:c8:28:bc:93:d6:d5:29:e9:fd:6c:db:a3:e9:9a:f5:a9:46:
         13:7b:a3:58:76:bf:62:9a:ca:90:9c:0b:7e:b4:ea:dd:ea:fa:
         c0:24:f6:2f:d9:44:c3:31:4e:b5:2d:69:9f:04:a5:90:02:2c:
         5e:84:90:bf:08:93:39:0d:15:fc:e1:8e:dc:bf:27:d6:d1:3e:
         fa:94:da:b3
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZSKHSzAAHgGXPhR93PS2CQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTIxMTgyNTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjk0YmNjYmQ0YzJlMGZmOGY3YWFiMDQ1ZTE0YTMxMWYzYjJmOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAty+3b4bO0tWwV1bBbL5IeI7TWuJs
8N6gZiJHRBwg+OkNWHF7Qag6l8+JemXyB+d+FHHuhf+kkbJJdWOyGmNUbWGiHWXy
v40xdHe9cytjRmpgFQa8Eo07c1ttP8doC2fmCmB+vyhYx8Mitsn6sTW4D+8zZkZ7
rypf7vCAkJWE3vUFtYgNH/I3f/PHXxYNcf+Te5P9Ab+xMeXon01bbeBjlH3+aFQy
GSZpWTNrvv2dlzWC0pGwmW4M40l3qUl7HsPrA1nGGHw5Z9ei4BUydjL7MArDZRe5
t0mK/Qnf2ObQ2GGdaomOOtHZYoizOXElQHPFiMnePaZMCfzMkGYI35SH6QIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFO+UvMvUwuD/j3qrBF4UoxHzsvn+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM4L2JlYzI1
My05YzI5LTQ3OGMtOTcxMS1jYjYzZDZmYmJmYzcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgvYmVjMjUz
LTljMjktNDc4Yy05NzExLWNiNjNkNmZiYmZjNy8xLzc1Uzh5OVRDNFAtUGVxc0VY
aFNqRWZPeS1mNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwOcRMA0GCSqGSIb3DQEBCwUAA4IBAQBBsT2Y
rI4RzCV9lNK+Vnf2RpMACtgZr+4a7H+uG86jaLTPT1hhRUQJmECb3cNjzt6//BYC
3Rc211fMjc2CCnt+D2pRMmSfmqFur/0XgLv1c76iVITEli51pYjgV563kaXC6HwQ
z4NdDbc8c+LvKxwYEYjGLHehm1Zj9rJtTiXzNTQmNZcdtkYwy8cXoYUI++b41MrT
hMlygQ9fXFWPYi7nXhS4JdKleMYjgBBGSkWgPSpy0TR4yCi8k9bVKen9bNuj6Zr1
qUYTe6NYdr9imsqQnAt+tOrd6vrAJPYv2UTDMU61LWmfBKWQAixehJC/CJM5DRX8
4Y7cvyfW0T76lNqz
-----END CERTIFICATE-----