Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8H-pjVIdhMKNrsion3SIu86AAhU.cer
File:                     8H-pjVIdhMKNrsion3SIu86AAhU.cer (raw, json)
Hash identifier:          Kpf7rz1v6lIYGgb3EEhtAFAdx47/VuHQd4JGRtooCR0=
Subject key identifier:   F0:7F:A9:8D:52:1D:84:C2:8D:AE:C8:A8:9F:74:88:BB:CE:80:02:15
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019428D377212EF97CE61CD1EBBF826B1EBC
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/95/a25f89-639b-4f9e-ac9d-7d928c131724/1/8H-pjVIdhMKNrsion3SIu86AAhU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/95/a25f89-639b-4f9e-ac9d-7d928c131724/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 21:02:14 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 213641
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:28:d3:77:21:2e:f9:7c:e6:1c:d1:eb:bf:82:6b:1e:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 21:02:14 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=f07fa98d521d84c28daec8a89f7488bbce800215
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:45:de:18:c4:41:47:ca:db:05:ad:4b:7d:d3:
                    27:e9:da:cf:49:cf:48:65:de:7f:4c:5a:c9:4d:7c:
                    77:dd:5e:c8:31:b0:d5:db:5c:20:92:16:74:a0:04:
                    d0:f2:e8:da:59:0a:e1:84:38:9b:04:8a:45:0f:5e:
                    5f:d0:48:9d:c6:24:8d:ed:5b:30:e8:86:19:54:12:
                    bf:85:b8:60:71:4e:f4:4b:d9:8d:fb:3e:c3:10:e9:
                    81:f5:f2:92:89:7d:ba:52:32:78:37:bd:07:a5:9c:
                    8b:f8:19:3f:98:1f:49:6c:3d:b8:2b:2b:58:31:a5:
                    26:64:7b:e1:a5:b8:43:89:bf:2a:59:39:9d:fd:a9:
                    07:2a:0d:73:cd:6b:a2:f0:19:1e:86:13:5f:cd:07:
                    84:7f:21:37:5a:66:59:e9:a2:55:c6:01:34:60:78:
                    b4:7c:11:c7:ad:64:e6:19:67:08:df:85:d3:3a:5d:
                    6f:88:14:85:ea:e5:9d:2d:8d:26:5a:c7:ca:7a:f2:
                    c4:c6:57:99:11:ff:92:d5:45:c2:69:50:26:32:58:
                    00:2b:81:37:b9:69:ef:a5:44:eb:6e:c8:1a:82:17:
                    94:45:de:e3:78:b9:ab:81:16:85:e1:a2:cd:e0:39:
                    b4:56:d2:40:22:98:b7:d5:5c:8f:e8:d4:10:f5:19:
                    48:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:7F:A9:8D:52:1D:84:C2:8D:AE:C8:A8:9F:74:88:BB:CE:80:02:15
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a25f89-639b-4f9e-ac9d-7d928c131724/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a25f89-639b-4f9e-ac9d-7d928c131724/1/8H-pjVIdhMKNrsion3SIu86AAhU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  213641

    Signature Algorithm: sha256WithRSAEncryption
         a4:67:07:19:d5:73:a2:e6:28:c2:f0:b9:5d:92:6a:21:f0:d8:
         ae:22:1e:29:13:fe:ad:34:a9:a6:0c:fe:18:11:b5:f1:a6:4a:
         b2:d0:5b:26:f9:38:52:3c:47:b1:57:2c:05:3d:bd:d4:d5:de:
         db:26:c4:81:3f:ba:56:05:83:b8:07:aa:e9:5a:ed:e7:3c:3c:
         85:b3:12:05:d5:de:0d:28:cf:01:ac:b3:19:2a:16:65:1d:7b:
         17:2b:47:13:82:f4:9a:e2:6e:7b:86:64:26:5e:41:1e:a1:a6:
         cf:5b:a3:9b:2d:5c:2d:06:a8:73:42:1f:f7:80:2b:6f:02:02:
         1d:a1:d6:d3:c1:fe:88:87:97:42:f1:8d:66:4d:c9:f8:ed:75:
         59:4c:41:be:d6:72:22:dd:99:1c:e7:c8:62:bd:0f:0d:27:0f:
         4e:17:74:29:7e:8e:30:e5:2a:cf:87:a4:31:4a:91:a9:50:0b:
         9c:d9:67:ac:42:35:40:ad:b9:d8:e5:68:ea:ce:c0:ff:7b:af:
         43:85:de:50:1d:72:28:31:56:4f:23:1a:8e:f3:fa:94:26:2e:
         58:4d:08:f5:92:ba:e9:c4:47:a4:e6:48:75:ef:76:7c:60:1f:
         46:73:bd:08:fb:9a:95:69:a4:15:bd:68:c3:4f:c7:c5:06:2e:
         0b:43:e1:f5
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQo03chLvl85hzR67+Cax68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMjEwMjE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDdmYTk4ZDUyMWQ4NGMyOGRhZWM4YTg5Zjc0ODhiYmNlODAwMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkXeGMRBR8rbBa1LfdMn6drPSc9I
Zd5/TFrJTXx33V7IMbDV21wgkhZ0oATQ8ujaWQrhhDibBIpFD15f0EidxiSN7Vsw
6IYZVBK/hbhgcU70S9mN+z7DEOmB9fKSiX26UjJ4N70HpZyL+Bk/mB9JbD24KytY
MaUmZHvhpbhDib8qWTmd/akHKg1zzWui8BkehhNfzQeEfyE3WmZZ6aJVxgE0YHi0
fBHHrWTmGWcI34XTOl1viBSF6uWdLY0mWsfKevLExleZEf+S1UXCaVAmMlgAK4E3
uWnvpUTrbsgagheURd7jeLmrgRaF4aLN4Dm0VtJAIpi31VyP6NQQ9RlI9QIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFPB/qY1SHYTCja7IqJ90iLvOgAIVMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk1L2EyNWY4
OS02MzliLTRmOWUtYWM5ZC03ZDkyOGMxMzE3MjQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTUvYTI1Zjg5
LTYzOWItNGY5ZS1hYzlkLTdkOTI4YzEzMTcyNC8xLzhILXBqVklkaE1LTnJzaW9u
M1NJdTg2QUFoVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNCiTANBgkqhkiG9w0BAQsFAAOCAQEApGcHGdVzouYo
wvC5XZJqIfDYriIeKRP+rTSppgz+GBG18aZKstBbJvk4UjxHsVcsBT291NXe2ybE
gT+6VgWDuAeq6Vrt5zw8hbMSBdXeDSjPAayzGSoWZR17FytHE4L0muJue4ZkJl5B
HqGmz1ujmy1cLQaoc0If94ArbwICHaHW08H+iIeXQvGNZk3J+O11WUxBvtZyIt2Z
HOfIYr0PDScPThd0KX6OMOUqz4ekMUqRqVALnNlnrEI1QK252OVo6s7A/3uvQ4Xe
UB1yKDFWTyMajvP6lCYuWE0I9ZK66cRHpOZIde92fGAfRnO9CPualWmkFb1ow0/H
xQYuC0Ph9Q==
-----END CERTIFICATE-----