Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7ZAKVVGLZ57cePqpiD7G5gNa5xw.cer
File:                     7ZAKVVGLZ57cePqpiD7G5gNa5xw.cer (raw, json)
Hash identifier:          W7V7Kf3Sk0DsrVQ63f3qRF8DVwkU/QvgCLkxtapJMZc=
Subject key identifier:   ED:90:0A:55:51:8B:67:9E:DC:78:FA:A9:88:3E:C6:E6:03:5A:E7:1C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019111E6274B78E9938CC55ABF622BA3DFE1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/0a/fbfacc-a4f0-4bdb-abbb-0f73661d5f35/1/7ZAKVVGLZ57cePqpiD7G5gNa5xw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/0a/fbfacc-a4f0-4bdb-abbb-0f73661d5f35/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Aug 2024 07:03:01 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 215472
                          IP: 2001:678:b74::/48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:11:e6:27:4b:78:e9:93:8c:c5:5a:bf:62:2b:a3:df:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Aug  2 07:03:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ed900a55518b679edc78faa9883ec6e6035ae71c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:cf:35:2b:81:3d:56:83:08:b1:84:0a:a1:37:
                    1d:92:67:63:f0:02:7f:32:a3:8b:07:61:7b:66:22:
                    ea:84:59:f9:ec:d4:4f:a9:f5:67:bc:a0:b6:cf:93:
                    de:f2:57:d2:89:84:64:58:26:66:59:84:91:6d:dc:
                    d1:a4:7e:22:1e:1b:21:16:c3:0c:75:d2:63:47:15:
                    df:40:8e:e0:0a:6c:d9:19:e6:b3:ed:c4:aa:25:81:
                    48:07:5a:82:3a:8b:1c:6c:a5:e2:84:56:63:4e:94:
                    f8:bf:da:0b:5a:69:3d:2c:3c:62:00:49:08:3a:21:
                    fa:2c:ac:b3:ee:6f:c8:e9:63:bb:15:fa:cc:72:e1:
                    1f:be:ab:06:5c:99:13:0d:e7:69:a5:8b:ac:c7:bf:
                    31:d3:98:2e:f3:21:51:c3:f7:c8:da:69:e6:9d:56:
                    55:78:ae:9e:31:35:45:e5:da:1e:80:82:0b:ee:74:
                    49:c2:55:ad:5f:83:62:9b:bd:d3:9d:f5:dd:76:5f:
                    1e:7a:ca:65:09:62:cf:c2:f3:9b:7a:36:6c:e2:6c:
                    6c:16:5c:01:e8:33:20:3e:29:a7:1c:85:dc:7d:41:
                    c0:8d:1d:d9:07:5a:3b:8d:7e:ae:00:86:91:67:32:
                    35:3c:99:9f:6b:82:3e:c4:47:5f:96:3e:e5:71:2b:
                    6d:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:90:0A:55:51:8B:67:9E:DC:78:FA:A9:88:3E:C6:E6:03:5A:E7:1C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/fbfacc-a4f0-4bdb-abbb-0f73661d5f35/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/fbfacc-a4f0-4bdb-abbb-0f73661d5f35/1/7ZAKVVGLZ57cePqpiD7G5gNa5xw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:b74::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215472

    Signature Algorithm: sha256WithRSAEncryption
         5d:94:a1:40:15:fc:36:6b:b1:a3:85:c5:3c:cd:64:d2:cf:1e:
         0a:14:33:48:7b:ab:f8:8b:8d:e1:d9:a9:36:74:b2:62:35:9c:
         c4:4e:c3:d3:0c:54:c6:5c:3b:18:83:34:50:5d:b0:f8:13:c1:
         05:9a:59:fb:fb:23:fb:b9:d2:bd:81:95:33:2d:a5:b3:f1:10:
         d6:4f:66:8d:69:e8:db:aa:35:48:b6:0c:21:77:fa:7f:80:6b:
         3c:fc:cd:f9:01:39:2f:2e:07:d6:b0:8b:43:87:b7:c3:72:13:
         96:49:95:1f:b3:8e:b2:db:e9:7f:99:a4:6c:09:18:54:bd:b6:
         af:4f:f6:b8:94:27:bf:dc:84:8f:d1:54:99:59:ac:37:ff:53:
         10:a7:00:b6:7d:ad:0f:d8:0f:6f:aa:77:ec:b4:a0:77:36:30:
         40:ce:28:08:8b:f1:b1:c6:40:cc:c0:bf:f7:97:47:03:9e:42:
         9d:fb:e7:59:39:f7:f9:f8:5d:01:b1:a3:4a:75:72:6b:ec:8b:
         b5:6c:50:c5:37:a5:75:7a:84:9b:d6:cf:66:88:14:dc:41:cf:
         fa:09:a8:fb:d9:a4:95:86:3b:f6:85:f4:0f:29:a9:26:a8:c1:
         e0:9b:c6:ec:f6:6b:75:fd:d3:c7:13:fc:82:c2:9e:81:9d:7f:
         2b:a5:87:2c
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAZER5idLeOmTjMVav2Iro9/hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwODAyMDcwMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDkwMGE1NTUxOGI2NzllZGM3OGZhYTk4ODNlYzZlNjAzNWFlNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArs81K4E9VoMIsYQKoTcdkmdj8AJ/
MqOLB2F7ZiLqhFn57NRPqfVnvKC2z5Pe8lfSiYRkWCZmWYSRbdzRpH4iHhshFsMM
ddJjRxXfQI7gCmzZGeaz7cSqJYFIB1qCOoscbKXihFZjTpT4v9oLWmk9LDxiAEkI
OiH6LKyz7m/I6WO7FfrMcuEfvqsGXJkTDedppYusx78x05gu8yFRw/fI2mnmnVZV
eK6eMTVF5doegIIL7nRJwlWtX4Nim73TnfXddl8eesplCWLPwvObejZs4mxsFlwB
6DMgPimnHIXcfUHAjR3ZB1o7jX6uAIaRZzI1PJmfa4I+xEdflj7lcSttAQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFO2QClVRi2ee3Hj6qYg+xuYDWuccMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBhL2ZiZmFj
Yy1hNGYwLTRiZGItYWJiYi0wZjczNjYxZDVmMzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvZmJmYWNj
LWE0ZjAtNGJkYi1hYmJiLTBmNzM2NjFkNWYzNS8xLzdaQUtWVkdMWjU3Y2VQcXBp
RDdHNWdOYTV4dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAt0MBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwNJsDANBgkqhkiG9w0BAQsFAAOCAQEAXZShQBX8Nmuxo4XFPM1k0s8eChQz
SHur+IuN4dmpNnSyYjWcxE7D0wxUxlw7GIM0UF2w+BPBBZpZ+/sj+7nSvYGVMy2l
s/EQ1k9mjWno26o1SLYMIXf6f4BrPPzN+QE5Ly4H1rCLQ4e3w3ITlkmVH7OOstvp
f5mkbAkYVL22r0/2uJQnv9yEj9FUmVmsN/9TEKcAtn2tD9gPb6p37LSgdzYwQM4o
CIvxscZAzMC/95dHA55CnfvnWTn3+fhdAbGjSnVya+yLtWxQxTeldXqEm9bPZogU
3EHP+gmo+9mklYY79oX0DympJqjB4JvG7PZrdf3TxxP8gsKegZ1/K6WHLA==
-----END CERTIFICATE-----