Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7oAELqPLNIc97Q6wZJWU4v8jkIE.cer
File:                     7oAELqPLNIc97Q6wZJWU4v8jkIE.cer (raw, json)
Hash identifier:          Lfokpwj2U1yjT5xyFNFYo5s0OBEyWe8QNpaTzSGfCf8=
Subject key identifier:   EE:80:04:2E:A3:CB:34:87:3D:ED:0E:B0:64:95:94:E2:FF:23:90:81
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC3B66CB102623EF43A1D24CB0D5570AE
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/1d/f5e2a7-5dbb-4b36-9614-d51617e02983/1/7oAELqPLNIc97Q6wZJWU4v8jkIE.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/1d/f5e2a7-5dbb-4b36-9614-d51617e02983/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 06:29:21 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 33813

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:6c:b1:02:62:3e:f4:3a:1d:24:cb:0d:55:70:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 06:29:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ee80042ea3cb34873ded0eb0649594e2ff239081
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:c8:70:ac:6e:79:5a:c9:4d:b7:10:ce:df:3c:
                    94:2b:4b:ef:05:d3:2c:d8:cd:7a:86:4a:61:38:bb:
                    2e:f4:a9:79:1d:41:12:d3:89:de:f3:5e:b8:3e:c1:
                    5e:90:4d:db:53:c0:72:60:f1:e1:b0:69:b9:ef:8b:
                    a0:86:35:9d:21:88:ed:b1:50:e4:7e:d3:a6:b5:e8:
                    be:0c:a9:fc:b3:61:cc:b3:b9:09:36:52:35:d4:cb:
                    74:c5:ba:40:95:bb:39:a1:a0:c4:27:b5:c0:e0:9d:
                    db:9f:75:1c:fc:75:ab:12:26:11:71:e7:f2:d4:c1:
                    06:a2:57:12:26:d0:55:26:d6:3c:a8:c9:43:37:be:
                    ae:75:af:a4:f4:da:43:49:9a:75:cd:9b:5e:02:9a:
                    1f:f3:ce:7b:c1:83:d6:67:78:10:f9:2b:ce:7f:69:
                    b2:aa:e7:ac:a7:4a:8a:13:40:81:01:63:2f:36:a5:
                    5a:ed:5e:c2:bd:73:2c:78:9a:d9:2b:c1:69:3a:a4:
                    62:0e:92:6c:07:90:b8:9f:64:b0:87:81:58:a5:2b:
                    af:05:e0:90:9e:85:ff:5d:7a:9a:33:b6:b0:d6:c5:
                    14:0b:f0:ea:7a:cd:76:e6:0f:53:a3:6e:c2:58:31:
                    8e:1f:72:d8:de:b4:42:2e:ff:72:59:f5:12:03:79:
                    a4:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:80:04:2E:A3:CB:34:87:3D:ED:0E:B0:64:95:94:E2:FF:23:90:81
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/f5e2a7-5dbb-4b36-9614-d51617e02983/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/f5e2a7-5dbb-4b36-9614-d51617e02983/1/7oAELqPLNIc97Q6wZJWU4v8jkIE.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  33813

    Signature Algorithm: sha256WithRSAEncryption
         a5:af:cf:dd:26:fa:de:9e:bf:a0:aa:a1:a8:36:2c:52:aa:87:
         9a:85:50:0f:5f:47:3e:4e:88:84:38:52:36:08:1b:7d:61:a6:
         62:6b:a7:73:d4:e3:72:aa:d1:ed:c3:8a:dd:6e:40:99:6e:41:
         47:3b:1f:1e:7d:21:c9:2e:a1:a6:c4:6d:21:94:23:71:00:29:
         e8:64:4e:e3:8e:23:a6:57:9a:3d:25:36:68:e8:54:e0:23:d4:
         75:b3:23:d9:a0:a8:60:20:67:4d:98:9a:d9:aa:74:1d:39:b4:
         79:ef:13:fc:4e:fe:72:df:38:88:21:9e:10:8d:85:62:dc:df:
         9f:52:f5:a0:2c:eb:d6:f8:be:a8:19:66:64:e1:2c:b9:7d:7b:
         33:2b:8f:12:b2:6f:1e:70:9b:e5:bb:74:d0:64:fc:b8:e4:1f:
         a6:bd:22:ed:30:98:53:7b:ba:06:7b:14:0c:34:8a:7a:03:e0:
         fe:6d:70:e0:4a:d2:b8:d4:10:c9:d5:e3:07:e5:3a:5e:6d:d9:
         71:b8:6b:79:69:f3:16:99:ca:c0:70:1c:de:b9:d1:3a:9e:67:
         35:e6:e7:a2:09:9c:04:bb:30:d7:64:70:18:70:19:9a:b3:69:
         ad:61:c7:3a:9c:b8:51:c8:b8:05:9f:2d:a9:22:cb:72:05:7b:
         a6:76:cd:cd
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzDtmyxAmI+9DodJMsNVXCuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTgwMDQyZWEzY2IzNDg3M2RlZDBlYjA2NDk1OTRlMmZmMjM5MDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MhwrG55WslNtxDO3zyUK0vvBdMs
2M16hkphOLsu9Kl5HUES04ne8164PsFekE3bU8ByYPHhsGm574ughjWdIYjtsVDk
ftOmtei+DKn8s2HMs7kJNlI11Mt0xbpAlbs5oaDEJ7XA4J3bn3Uc/HWrEiYRcefy
1MEGolcSJtBVJtY8qMlDN76uda+k9NpDSZp1zZteApof8857wYPWZ3gQ+SvOf2my
quesp0qKE0CBAWMvNqVa7V7CvXMseJrZK8FpOqRiDpJsB5C4n2Swh4FYpSuvBeCQ
noX/XXqaM7aw1sUUC/Dqes125g9To27CWDGOH3LY3rRCLv9yWfUSA3mkLwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFO6ABC6jyzSHPe0OsGSVlOL/I5CBMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFkL2Y1ZTJh
Ny01ZGJiLTRiMzYtOTYxNC1kNTE2MTdlMDI5ODMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQvZjVlMmE3
LTVkYmItNGIzNi05NjE0LWQ1MTYxN2UwMjk4My8xLzdvQUVMcVBMTkljOTdRNnda
SldVNHY4amtJRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCEFTANBgkqhkiG9w0BAQsFAAOCAQEApa/P3Sb63p6/
oKqhqDYsUqqHmoVQD19HPk6IhDhSNggbfWGmYmunc9TjcqrR7cOK3W5AmW5BRzsf
Hn0hyS6hpsRtIZQjcQAp6GRO444jpleaPSU2aOhU4CPUdbMj2aCoYCBnTZia2ap0
HTm0ee8T/E7+ct84iCGeEI2FYtzfn1L1oCzr1vi+qBlmZOEsuX17MyuPErJvHnCb
5bt00GT8uOQfpr0i7TCYU3u6BnsUDDSKegPg/m1w4ErSuNQQydXjB+U6Xm3Zcbhr
eWnzFpnKwHAc3rnROp5nNebnogmcBLsw12RwGHAZmrNprWHHOpy4Uci4BZ8tqSLL
cgV7pnbNzQ==
-----END CERTIFICATE-----