Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8JdgzxHvK4Yhh7BeXXUcc0xjS0U.cer
File:                     8JdgzxHvK4Yhh7BeXXUcc0xjS0U.cer (raw, json)
Hash identifier:          06kZob/jXTrD7rEw+KIoQQPK1lBBRs819lRwaTochMc=
Subject key identifier:   F0:97:60:CF:11:EF:2B:86:21:87:B0:5E:5D:75:1C:73:4C:63:4B:45
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC500E346B6D73F5823F9D26D6B6278E2
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/78/10849b-f1aa-4917-b8cb-36022446f023/1/8JdgzxHvK4Yhh7BeXXUcc0xjS0U.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/78/10849b-f1aa-4917-b8cb-36022446f023/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 12:30:18 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 62034

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:00:e3:46:b6:d7:3f:58:23:f9:d2:6d:6b:62:78:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 12:30:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f09760cf11ef2b862187b05e5d751c734c634b45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:b5:38:f1:6a:22:e4:89:11:3f:23:1f:1a:63:
                    e2:62:d6:10:bf:f1:7f:91:0e:7a:c9:62:60:a4:7c:
                    ac:7e:cb:b3:c5:92:fa:e1:80:de:b8:7f:7b:d6:7e:
                    33:6f:db:ad:66:b3:b5:a3:f1:85:3c:b4:51:14:92:
                    31:df:f9:0e:48:58:b9:a4:3e:0e:f2:88:85:14:8f:
                    c4:0f:fd:49:07:1d:e6:1b:65:4a:72:d5:e9:34:21:
                    a7:08:03:2e:33:04:ad:47:c0:3a:af:15:d5:b7:bb:
                    7d:d2:34:85:95:84:fa:17:c8:b5:e2:75:de:16:a2:
                    53:22:82:5d:b3:b6:51:cd:5c:1a:57:c8:2d:55:49:
                    84:0d:46:42:51:1e:12:59:88:17:2e:9c:29:ba:b1:
                    5a:7e:45:1d:65:05:05:d6:de:aa:f4:5a:6f:f1:49:
                    04:92:f2:87:df:e6:10:bd:41:db:aa:2d:0a:d1:08:
                    ae:76:6c:21:09:40:9c:e7:ef:01:1f:d1:34:12:4f:
                    ef:2a:92:d9:13:9a:d5:2e:d9:4b:f4:69:06:02:a9:
                    2c:74:b5:07:6b:18:ac:88:a4:5e:12:3c:06:82:fd:
                    14:65:23:b0:12:a7:73:d8:1a:a0:3a:b0:55:e9:c6:
                    3f:28:62:e0:1b:dc:a9:a5:30:39:f5:9f:98:07:cf:
                    4b:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:97:60:CF:11:EF:2B:86:21:87:B0:5E:5D:75:1C:73:4C:63:4B:45
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/10849b-f1aa-4917-b8cb-36022446f023/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/10849b-f1aa-4917-b8cb-36022446f023/1/8JdgzxHvK4Yhh7BeXXUcc0xjS0U.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  62034

    Signature Algorithm: sha256WithRSAEncryption
         0d:27:80:53:0a:a6:0d:1d:d2:4b:29:66:b0:0b:b8:08:f8:9f:
         21:09:f9:f7:60:6b:21:e9:cf:cc:3e:88:ec:04:4b:79:d6:14:
         bd:a3:99:cf:b4:88:b8:91:f0:28:8b:11:50:d5:04:a7:ea:89:
         22:80:ff:08:29:55:2a:f6:4b:b2:17:c0:47:40:0a:46:00:11:
         2b:79:12:f7:1b:c6:ae:24:88:5d:42:80:cf:32:4a:40:7f:6a:
         e1:3d:6d:db:23:ec:d5:93:f1:51:90:d9:8c:13:cc:83:89:c4:
         b5:96:c9:1e:1b:c4:ef:6f:70:f1:7c:cd:c6:50:9a:ae:47:63:
         3c:1b:5f:4a:9a:1b:b0:0f:9b:a8:61:9a:4b:50:a8:14:43:6b:
         36:59:74:5f:6c:51:b3:fc:3d:0c:53:c2:4b:dc:0f:df:2a:45:
         4a:02:88:32:cf:2e:32:34:5a:35:5d:59:3d:22:e0:3b:81:df:
         7c:92:41:ba:ff:31:98:1b:d4:61:49:95:58:9c:32:13:8e:2a:
         8c:1c:8a:4a:1c:13:00:bb:27:98:d8:26:f6:40:8a:07:8b:8a:
         03:02:3b:d3:42:e8:e1:68:0d:1e:dd:b7:c8:7d:59:06:d4:73:
         f9:eb:db:25:43:e9:f3:69:bf:d5:09:a7:de:81:ba:18:fe:7c:
         a1:3f:1e:ae
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzFAONGttc/WCP50m1rYnjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTIzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDk3NjBjZjExZWYyYjg2MjE4N2IwNWU1ZDc1MWM3MzRjNjM0YjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rU48Woi5IkRPyMfGmPiYtYQv/F/
kQ56yWJgpHysfsuzxZL64YDeuH971n4zb9utZrO1o/GFPLRRFJIx3/kOSFi5pD4O
8oiFFI/ED/1JBx3mG2VKctXpNCGnCAMuMwStR8A6rxXVt7t90jSFlYT6F8i14nXe
FqJTIoJds7ZRzVwaV8gtVUmEDUZCUR4SWYgXLpwpurFafkUdZQUF1t6q9Fpv8UkE
kvKH3+YQvUHbqi0K0QiudmwhCUCc5+8BH9E0Ek/vKpLZE5rVLtlL9GkGAqksdLUH
axisiKReEjwGgv0UZSOwEqdz2BqgOrBV6cY/KGLgG9yppTA59Z+YB89LBwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFPCXYM8R7yuGIYewXl11HHNMY0tFMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4LzEwODQ5
Yi1mMWFhLTQ5MTctYjhjYi0zNjAyMjQ0NmYwMjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvMTA4NDli
LWYxYWEtNDkxNy1iOGNiLTM2MDIyNDQ2ZjAyMy8xLzhKZGd6eEh2SzRZaGg3QmVY
WFVjYzB4alMwVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDyUjANBgkqhkiG9w0BAQsFAAOCAQEADSeAUwqmDR3S
SylmsAu4CPifIQn592BrIenPzD6I7ARLedYUvaOZz7SIuJHwKIsRUNUEp+qJIoD/
CClVKvZLshfAR0AKRgARK3kS9xvGriSIXUKAzzJKQH9q4T1t2yPs1ZPxUZDZjBPM
g4nEtZbJHhvE729w8XzNxlCarkdjPBtfSpobsA+bqGGaS1CoFENrNll0X2xRs/w9
DFPCS9wP3ypFSgKIMs8uMjRaNV1ZPSLgO4HffJJBuv8xmBvUYUmVWJwyE44qjByK
ShwTALsnmNgm9kCKB4uKAwI700Lo4WgNHt23yH1ZBtRz+evbJUPp82m/1Qmn3oG6
GP58oT8erg==
-----END CERTIFICATE-----