Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8jJYqmuD7J-3vpZsYmqRZngcfzs.cer
File:                     8jJYqmuD7J-3vpZsYmqRZngcfzs.cer (raw, json)
Hash identifier:          N3ZypsgH/FOVlMEm9JbqL48rnraH2yzXIPXFB0PoaQo=
Subject key identifier:   F2:32:58:AA:6B:83:EC:9F:B7:BE:96:6C:62:6A:91:66:78:1C:7F:3B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC6B7B9CBE0C9D428D1CB7125EFFC4A9B
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/48/48c3a8-b954-41c9-bd23-712fcfa441e4/1/8jJYqmuD7J-3vpZsYmqRZngcfzs.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/48/48c3a8-b954-41c9-bd23-712fcfa441e4/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 20:29:38 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 155.105.0.0/16

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 20 Apr 2024 08:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:b9:cb:e0:c9:d4:28:d1:cb:71:25:ef:fc:4a:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 20:29:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f23258aa6b83ec9fb7be966c626a9166781c7f3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:09:ec:82:b5:3a:5f:d3:1c:ec:51:5c:d9:52:
                    ce:0c:e0:67:b3:ff:3c:25:b6:13:6c:fc:54:a0:7e:
                    f6:9d:7e:69:2d:da:7a:1f:73:7c:2d:b9:33:57:0c:
                    90:03:70:fe:2c:6b:e4:af:1c:0c:fb:bf:82:a2:09:
                    c2:09:cd:58:80:21:88:70:54:90:5e:43:00:a1:c7:
                    44:63:d4:a4:46:bd:c9:71:38:0c:b8:7a:da:e1:c0:
                    0b:a5:0f:0e:ac:41:2b:28:44:a1:d7:31:be:02:6e:
                    04:43:99:c4:f8:4d:51:65:b9:de:77:6a:d2:05:8b:
                    36:02:b7:09:2e:63:80:54:97:3e:2d:3b:23:dd:b4:
                    4c:3c:d1:dd:e7:63:fb:02:f7:5e:d6:fb:10:57:b8:
                    55:cd:a2:03:f1:f6:9d:cc:12:fc:18:ad:33:c1:93:
                    ed:bf:3f:01:0b:35:6c:fe:a3:a3:1c:22:9a:2c:41:
                    2f:0c:ac:49:36:ef:8d:46:55:3f:c3:75:89:ea:8d:
                    2a:56:9d:b2:d9:75:4d:96:6e:ca:58:38:72:e8:0d:
                    78:cd:d9:4c:5e:24:ba:75:b9:17:c0:46:ab:f7:95:
                    10:60:97:09:34:0d:84:9a:94:f8:a4:db:52:8b:83:
                    13:63:cd:ee:fa:b1:4c:0a:4a:c2:f7:fa:bd:df:8b:
                    88:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:32:58:AA:6B:83:EC:9F:B7:BE:96:6C:62:6A:91:66:78:1C:7F:3B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/48c3a8-b954-41c9-bd23-712fcfa441e4/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/48c3a8-b954-41c9-bd23-712fcfa441e4/1/8jJYqmuD7J-3vpZsYmqRZngcfzs.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  155.105.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0d:ac:d7:81:59:65:8f:93:33:df:ab:5d:27:45:2e:95:b0:0a:
         e4:60:c2:c1:5d:a3:44:12:a5:25:1b:6b:93:0c:be:39:57:7b:
         9a:b6:ec:ec:a4:0c:31:84:2d:0a:f1:e4:8d:8d:4c:0d:94:51:
         c8:3a:82:d4:a9:7f:27:55:29:a3:26:87:cf:7f:78:25:1c:c8:
         aa:5e:b4:cc:d4:31:36:6d:b5:5b:f7:f3:da:8d:7d:7c:2c:c2:
         eb:02:38:02:3d:3b:ed:20:2d:40:7a:82:52:f5:e8:75:40:19:
         43:f5:56:60:28:7d:1b:aa:e1:9c:c0:fa:16:e0:a8:12:2e:f6:
         85:cb:0d:a0:68:c7:77:9e:6d:0d:4d:93:74:9b:40:9c:38:08:
         3a:25:af:a0:a2:bb:5c:9a:02:d2:9c:97:71:00:e3:ba:02:49:
         76:e6:32:8d:78:a1:52:0a:7f:3f:6e:30:53:ea:7d:92:b0:17:
         d1:0a:42:39:6a:b7:bd:2b:95:d1:d0:98:a5:ec:2f:b7:3d:93:
         36:36:26:d8:9b:aa:85:99:c7:70:7f:fa:6a:71:35:8a:f3:41:
         d1:79:71:c0:34:51:e2:11:5e:8f:b3:2e:44:32:9f:b3:87:35:
         7b:a6:fd:8b:e0:51:bc:0a:f2:98:3d:42:d3:bc:1a:db:32:dc:
         a2:d3:98:14
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYzGt7nL4MnUKNHLcSXv/EqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjMyNThhYTZiODNlYzlmYjdiZTk2NmM2MjZhOTE2Njc4MWM3ZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgnsgrU6X9Mc7FFc2VLODOBns/88
JbYTbPxUoH72nX5pLdp6H3N8LbkzVwyQA3D+LGvkrxwM+7+CognCCc1YgCGIcFSQ
XkMAocdEY9SkRr3JcTgMuHra4cALpQ8OrEErKESh1zG+Am4EQ5nE+E1RZbned2rS
BYs2ArcJLmOAVJc+LTsj3bRMPNHd52P7Avde1vsQV7hVzaID8fadzBL8GK0zwZPt
vz8BCzVs/qOjHCKaLEEvDKxJNu+NRlU/w3WJ6o0qVp2y2XVNlm7KWDhy6A14zdlM
XiS6dbkXwEar95UQYJcJNA2EmpT4pNtSi4MTY83u+rFMCkrC9/q934uI9wIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFPIyWKprg+yft76WbGJqkWZ4HH87MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ4LzQ4YzNh
OC1iOTU0LTQxYzktYmQyMy03MTJmY2ZhNDQxZTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgvNDhjM2E4
LWI5NTQtNDFjOS1iZDIzLTcxMmZjZmE0NDFlNC8xLzhqSllxbXVEN0otM3ZwWnNZ
bXFSWm5nY2Z6cy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUF
BwEHAQH/BA8wDTALBAIAATAFAwMAm2kwDQYJKoZIhvcNAQELBQADggEBAA2s14FZ
ZY+TM9+rXSdFLpWwCuRgwsFdo0QSpSUba5MMvjlXe5q27OykDDGELQrx5I2NTA2U
Ucg6gtSpfydVKaMmh89/eCUcyKpetMzUMTZttVv389qNfXwswusCOAI9O+0gLUB6
glL16HVAGUP1VmAofRuq4ZzA+hbgqBIu9oXLDaBox3eebQ1Nk3SbQJw4CDolr6Ci
u1yaAtKcl3EA47oCSXbmMo14oVIKfz9uMFPqfZKwF9EKQjlqt70rldHQmKXsL7c9
kzY2JtibqoWZx3B/+mpxNYrzQdF5ccA0UeIRXo+zLkQyn7OHNXum/YvgUbwK8pg9
QtO8Gtsy3KLTmBQ=
-----END CERTIFICATE-----