Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/AdIyzG-yu_d4bZLGxq66oO2aceQ.cer
File:                     AdIyzG-yu_d4bZLGxq66oO2aceQ.cer (raw, json)
Hash identifier:          XGc+z/WWYwArp3WAT1Xuda7UigEqaWznCTjCPDNXwHM=
Subject key identifier:   01:D2:32:CC:6F:B2:BB:F7:78:6D:92:C6:C6:AE:BA:A0:ED:9A:71:E4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC493288CC3F2BABCF4C394BF06CD224F
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/53/ea6fed-194b-4331-81da-d10a9771d79b/1/AdIyzG-yu_d4bZLGxq66oO2aceQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/53/ea6fed-194b-4331-81da-d10a9771d79b/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 10:30:27 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 206382

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 26 Apr 2024 14:10:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:28:8c:c3:f2:ba:bc:f4:c3:94:bf:06:cd:22:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 10:30:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=01d232cc6fb2bbf7786d92c6c6aebaa0ed9a71e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:d6:23:cd:ec:6d:35:12:26:4f:b0:7d:db:f2:
                    73:dd:77:59:5a:da:0a:87:f9:b8:04:31:f9:cc:ba:
                    61:b3:4a:36:c8:99:21:9d:de:0c:77:48:c6:51:20:
                    75:27:40:12:c5:20:8e:d7:91:ca:62:91:20:fd:30:
                    9e:b4:a4:69:7b:a9:5d:29:12:1d:dd:e6:07:5e:95:
                    93:30:c1:60:23:fc:16:85:bc:10:bc:d2:31:d5:75:
                    12:58:9f:3b:e7:28:ef:9d:09:dd:39:18:08:74:7b:
                    f6:e6:fb:68:9b:79:cd:19:ae:15:e7:a3:db:fe:15:
                    f9:0b:86:68:b6:56:e8:c7:b8:0d:cc:c3:07:dd:bd:
                    af:90:83:2d:6d:f1:52:37:28:d6:91:18:41:c2:f9:
                    e1:ef:c3:79:16:61:21:71:1b:e2:2c:da:31:ac:e3:
                    10:83:ae:45:41:29:49:c6:50:45:b0:2a:70:b4:f9:
                    41:83:e8:8e:af:ec:a7:f0:14:16:00:c8:9a:ac:b0:
                    89:6e:45:18:b0:2c:e7:8c:4a:c0:9b:42:36:4d:52:
                    ed:f4:7d:41:fa:6e:0e:e3:5d:f3:99:1e:da:78:44:
                    75:d5:4f:ed:85:59:99:16:b5:64:17:01:54:85:0b:
                    54:56:b5:b0:64:cb:7f:bd:87:2b:53:93:63:d6:6c:
                    1e:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:D2:32:CC:6F:B2:BB:F7:78:6D:92:C6:C6:AE:BA:A0:ED:9A:71:E4
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ea6fed-194b-4331-81da-d10a9771d79b/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ea6fed-194b-4331-81da-d10a9771d79b/1/AdIyzG-yu_d4bZLGxq66oO2aceQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  206382

    Signature Algorithm: sha256WithRSAEncryption
         9e:a6:c3:22:b2:81:e6:e0:6a:84:d1:27:48:60:d6:08:16:90:
         98:fd:8b:98:0a:0b:9a:e5:ac:97:ae:11:54:00:88:c1:a7:4f:
         3f:11:bc:84:e7:3e:27:d0:71:d2:ce:c4:c4:ee:64:a7:e2:ed:
         70:59:50:da:e3:0c:28:c8:d4:8f:ec:f0:a1:24:44:b5:19:28:
         cd:4c:71:a1:84:b7:a9:61:83:e4:e5:53:c1:b4:71:cd:36:0b:
         9e:b2:a3:f4:8d:21:72:9b:b2:85:b4:cb:51:4b:56:bc:f1:26:
         b4:19:b8:c3:ac:57:0d:82:8e:d5:4e:72:85:f2:65:fa:fa:ce:
         e1:f3:cc:e1:74:d2:ab:99:c7:3c:8e:da:16:57:5d:e0:41:ed:
         8e:a1:98:84:a0:24:74:e5:23:53:a2:df:9d:26:66:43:75:d5:
         9c:8c:4d:78:50:05:be:5c:b1:71:a7:b7:56:1c:73:a1:14:9b:
         69:cc:50:1c:e1:33:c2:b4:be:90:13:9e:de:ed:a1:54:4a:11:
         be:ff:31:36:8b:b7:88:db:f0:71:87:33:5b:93:30:9d:5c:74:
         df:11:d2:8c:dc:35:98:77:ad:05:64:08:3d:85:f0:ca:36:79:
         d6:51:bd:03:20:1d:98:86:21:8d:8b:7c:4f:63:38:f1:f7:07:
         24:1f:a4:5a
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzEkyiMw/K6vPTDlL8GzSJPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWQyMzJjYzZmYjJiYmY3Nzg2ZDkyYzZjNmFlYmFhMGVkOWE3MWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNYjzextNRImT7B92/Jz3XdZWtoK
h/m4BDH5zLphs0o2yJkhnd4Md0jGUSB1J0ASxSCO15HKYpEg/TCetKRpe6ldKRId
3eYHXpWTMMFgI/wWhbwQvNIx1XUSWJ875yjvnQndORgIdHv25vtom3nNGa4V56Pb
/hX5C4Zotlbox7gNzMMH3b2vkIMtbfFSNyjWkRhBwvnh78N5FmEhcRviLNoxrOMQ
g65FQSlJxlBFsCpwtPlBg+iOr+yn8BQWAMiarLCJbkUYsCznjErAm0I2TVLt9H1B
+m4O413zmR7aeER11U/thVmZFrVkFwFUhQtUVrWwZMt/vYcrU5Nj1mwe4QIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFAHSMsxvsrv3eG2SxsauuqDtmnHkMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUzL2VhNmZl
ZC0xOTRiLTQzMzEtODFkYS1kMTBhOTc3MWQ3OWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZWE2ZmVk
LTE5NGItNDMzMS04MWRhLWQxMGE5NzcxZDc5Yi8xL0FkSXl6Ry15dV9kNGJaTEd4
cTY2b08yYWNlUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMmLjANBgkqhkiG9w0BAQsFAAOCAQEAnqbDIrKB5uBq
hNEnSGDWCBaQmP2LmAoLmuWsl64RVACIwadPPxG8hOc+J9Bx0s7ExO5kp+LtcFlQ
2uMMKMjUj+zwoSREtRkozUxxoYS3qWGD5OVTwbRxzTYLnrKj9I0hcpuyhbTLUUtW
vPEmtBm4w6xXDYKO1U5yhfJl+vrO4fPM4XTSq5nHPI7aFldd4EHtjqGYhKAkdOUj
U6LfnSZmQ3XVnIxNeFAFvlyxcae3VhxzoRSbacxQHOEzwrS+kBOe3u2hVEoRvv8x
Nou3iNvwcYczW5MwnVx03xHSjNw1mHetBWQIPYXwyjZ51lG9AyAdmIYhjYt8T2M4
8fcHJB+kWg==
-----END CERTIFICATE-----