Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/A_g_WVVmnLCoGPusAnxoKurtXXI.cer
File:                     A_g_WVVmnLCoGPusAnxoKurtXXI.cer (raw, json)
Hash identifier:          TAeOX4qS94CPUmDZEqVKXY4KUk595X2nKadTO11E3bU=
Subject key identifier:   03:F8:3F:59:55:66:9C:B0:A8:18:FB:AC:02:7C:68:2A:EA:ED:5D:72
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019E92096B0BAD303FF5562F2B506EDF6384
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/47/afbb0f-4a9a-4c30-8a62-f16f1a70ab2d/1/A_g_WVVmnLCoGPusAnxoKurtXXI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/47/afbb0f-4a9a-4c30-8a62-f16f1a70ab2d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 04 Jun 2026 09:49:11 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 35348
                          AS: 39669
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 14:31:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:92:09:6b:0b:ad:30:3f:f5:56:2f:2b:50:6e:df:63:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jun  4 09:49:11 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=03f83f5955669cb0a818fbac027c682aeaed5d72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:62:88:03:06:b7:a7:f3:23:35:db:ee:5d:69:
                    bb:de:31:35:48:32:c2:64:3e:3e:36:06:27:43:e6:
                    dc:f4:c6:f8:6d:cd:6b:27:79:a3:3d:8d:dd:14:86:
                    3f:04:6f:50:99:12:97:59:d7:67:43:b1:55:ba:b9:
                    ce:1b:7f:ab:80:64:7a:ce:ef:3b:85:00:b8:98:e7:
                    3e:54:e4:a7:dd:83:58:80:1a:c0:f7:b8:6c:8c:22:
                    45:98:bc:3a:2a:77:79:34:38:b8:e5:2e:15:ea:07:
                    3b:c0:d5:19:e8:a2:e7:cb:d3:4a:25:d2:c8:33:da:
                    37:92:cf:43:18:dd:13:48:48:3d:4b:ac:63:19:24:
                    2e:90:e9:37:7e:14:7c:3f:ab:ab:a2:cc:95:ed:d7:
                    59:ab:05:91:75:03:67:78:ae:5f:6a:0b:f8:17:ee:
                    e6:a0:0d:0f:2b:e7:8a:ec:c1:d3:4e:c0:99:0b:cd:
                    47:dd:9e:84:60:92:d7:49:3d:7e:73:f6:61:b4:c1:
                    0f:b4:a2:f8:8e:ad:9f:84:e7:6a:0d:ce:c2:71:56:
                    e6:a2:6c:42:22:d1:63:0e:91:15:df:29:6f:b8:5f:
                    97:06:cf:1c:b1:b3:fa:a4:0b:26:96:70:63:9f:e5:
                    93:aa:5b:01:14:8e:0d:d4:d9:d0:a9:c9:bf:82:97:
                    2f:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:F8:3F:59:55:66:9C:B0:A8:18:FB:AC:02:7C:68:2A:EA:ED:5D:72
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/afbb0f-4a9a-4c30-8a62-f16f1a70ab2d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/afbb0f-4a9a-4c30-8a62-f16f1a70ab2d/1/A_g_WVVmnLCoGPusAnxoKurtXXI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  35348
                  39669

    Signature Algorithm: sha256WithRSAEncryption
         a5:7a:19:e8:a1:45:e0:03:3e:b1:43:a5:3f:2f:59:0f:b1:0b:
         8e:0b:23:15:38:d7:54:aa:31:a8:04:ca:f9:9b:5e:16:8d:d1:
         5a:6a:ab:42:48:2d:bd:0a:29:a3:c5:36:b7:09:ad:a8:55:37:
         d5:d2:03:09:1a:36:55:c9:d5:23:94:fc:eb:e9:39:f9:59:70:
         d2:24:4f:5a:6d:76:25:f9:a2:91:e8:12:b2:21:ce:52:05:8f:
         4e:f2:0a:87:b8:8a:0e:e5:20:9f:c7:1d:14:31:6d:df:dc:16:
         0e:2f:cd:f0:c5:ac:dc:0e:ab:b7:8d:67:fd:a7:dc:16:be:28:
         04:99:43:07:d7:6b:66:0c:78:49:58:af:e7:60:1a:02:d8:69:
         46:9a:ac:99:de:a8:92:79:94:31:cf:97:56:e4:c1:ed:a3:f3:
         25:83:ed:be:9b:6b:1a:9e:47:03:03:09:87:79:9c:91:48:94:
         d4:c5:28:9f:0c:39:13:8a:5d:fb:dd:e9:bb:d1:4b:1b:e1:67:
         79:bf:86:4b:b7:53:b8:d6:64:e4:fa:da:96:94:b6:dd:aa:99:
         7c:be:9f:70:aa:d4:16:ce:6f:76:15:4b:7f:27:25:54:e6:f2:
         16:1b:11:a7:20:10:fc:fc:4b:2b:d8:18:32:4e:1c:aa:62:a2:
         9c:d3:0d:0a
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZ6SCWsLrTA/9VYvK1Bu32OEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNjA0MDk0OTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2Y4M2Y1OTU1NjY5Y2IwYTgxOGZiYWMwMjdjNjgyYWVhZWQ1ZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+mKIAwa3p/MjNdvuXWm73jE1SDLC
ZD4+NgYnQ+bc9Mb4bc1rJ3mjPY3dFIY/BG9QmRKXWddnQ7FVurnOG3+rgGR6zu87
hQC4mOc+VOSn3YNYgBrA97hsjCJFmLw6Knd5NDi45S4V6gc7wNUZ6KLny9NKJdLI
M9o3ks9DGN0TSEg9S6xjGSQukOk3fhR8P6urosyV7ddZqwWRdQNneK5fagv4F+7m
oA0PK+eK7MHTTsCZC81H3Z6EYJLXST1+c/ZhtMEPtKL4jq2fhOdqDc7CcVbmomxC
ItFjDpEV3ylvuF+XBs8csbP6pAsmlnBjn+WTqlsBFI4N1NnQqcm/gpcvmQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFAP4P1lVZpywqBj7rAJ8aCrq7V1yMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ3L2FmYmIw
Zi00YTlhLTRjMzAtOGE2Mi1mMTZmMWE3MGFiMmQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcvYWZiYjBm
LTRhOWEtNGMzMC04YTYyLWYxNmYxYTcwYWIyZC8xL0FfZ19XVlZtbkxDb0dQdXNB
bnhvS3VydFhYSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEIAQH/BBAwDqAMMAoCAwCKFAIDAJr1MA0GCSqGSIb3DQEBCwUAA4IBAQClehno
oUXgAz6xQ6U/L1kPsQuOCyMVONdUqjGoBMr5m14WjdFaaqtCSC29CimjxTa3Ca2o
VTfV0gMJGjZVydUjlPzr6Tn5WXDSJE9abXYl+aKR6BKyIc5SBY9O8gqHuIoO5SCf
xx0UMW3f3BYOL83wxazcDqu3jWf9p9wWvigEmUMH12tmDHhJWK/nYBoC2GlGmqyZ
3qiSeZQxz5dW5MHto/Mlg+2+m2sankcDAwmHeZyRSJTUxSifDDkTil373em70Usb
4Wd5v4ZLt1O41mTk+tqWlLbdqpl8vp9wqtQWzm92FUt/JyVU5vIWGxGnIBD8/Esr
2BgyThyqYqKc0w0K
-----END CERTIFICATE-----