Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CNJ_3JD4D4CXLBJb1B7bCugzSqA.cer
File:                     CNJ_3JD4D4CXLBJb1B7bCugzSqA.cer (raw, json)
Hash identifier:          hYHVcCgWg6/cZhXsBUQzCxryXIm+eIS4kKF3xwu5bBE=
Subject key identifier:   08:D2:7F:DC:90:F8:0F:80:97:2C:12:5B:D4:1E:DB:0A:E8:33:4A:A0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC56E69C454421C5FBBD64FB845642CF2
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 14:29:56 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 56766

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 19 Apr 2024 14:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:69:c4:54:42:1c:5f:bb:d6:4f:b8:45:64:2c:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 14:29:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=08d27fdc90f80f80972c125bd41edb0ae8334aa0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:01:4d:4a:df:cf:4f:bb:0f:78:19:ff:3c:e2:
                    9b:a8:02:b3:b2:42:5b:41:4d:a8:a1:7a:87:e0:87:
                    95:14:65:77:f0:c3:12:ca:85:f7:6a:c1:65:22:36:
                    77:e3:94:5a:24:51:69:17:67:3d:d0:1c:bd:6a:ff:
                    12:65:e4:c5:ee:ba:99:bd:be:ac:3f:7c:8b:8b:3a:
                    9b:13:bd:93:ad:6f:1c:2a:da:30:33:36:33:45:87:
                    d8:4b:6a:07:f6:90:d6:72:88:2a:6a:27:8a:9c:41:
                    73:16:cd:c7:24:43:3d:e7:7c:30:83:bd:8d:d7:0c:
                    3e:1a:5a:d7:9e:d1:71:0e:5b:73:32:68:38:2e:cd:
                    70:6b:b3:87:72:33:5f:0c:5d:67:73:75:f9:15:39:
                    9b:46:f7:73:b9:71:13:2e:d1:63:3b:92:5c:9d:e2:
                    62:f6:29:7f:84:75:7c:34:a8:e4:9d:27:a9:31:a2:
                    16:52:0d:43:22:64:8d:83:e7:00:16:30:fb:4f:9a:
                    cb:a6:4c:31:2d:ed:5c:c2:d8:9b:27:5a:f8:3a:c6:
                    08:bc:77:ff:37:a5:1f:59:db:29:2e:a6:3f:ca:0e:
                    76:4a:32:2b:d5:f7:07:91:27:49:fe:d3:35:00:a5:
                    f4:ab:d5:77:0d:6f:86:0f:f7:4b:dc:81:e2:44:7e:
                    6c:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:D2:7F:DC:90:F8:0F:80:97:2C:12:5B:D4:1E:DB:0A:E8:33:4A:A0
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  56766

    Signature Algorithm: sha256WithRSAEncryption
         a6:c4:ec:f1:26:a3:85:84:a5:4d:8c:ab:e1:e2:c6:18:6e:c4:
         6e:7c:48:88:b9:3c:1c:9c:12:bd:89:05:36:3e:a5:33:36:0e:
         08:ce:82:e3:c6:a2:9d:a4:63:7e:ed:55:e9:b7:47:15:89:03:
         3a:38:ef:74:16:7e:5e:f9:67:21:14:ac:0e:db:dc:12:6c:6d:
         c6:9e:82:38:82:0d:66:ff:5f:0e:3d:73:91:f2:ad:16:14:2c:
         43:4d:7b:85:fb:80:71:d8:a6:1f:58:c1:ed:24:e7:b3:b5:70:
         99:ca:e0:cd:5e:80:ed:aa:11:82:23:c2:56:8c:35:af:29:54:
         44:3b:1f:bf:b7:b5:e1:66:d2:8e:9f:20:64:ec:38:8c:66:93:
         7a:fe:60:47:74:6a:fe:01:99:21:3a:5c:8f:12:6d:f5:c7:61:
         50:a0:5b:8f:ed:1d:4d:63:dc:b2:f0:7f:fd:29:00:8e:8a:a3:
         8c:e1:0b:48:62:9c:fb:bb:eb:39:b1:1a:d4:cb:40:95:17:35:
         ad:35:64:7c:80:10:c7:0c:ad:91:dd:3c:86:fa:05:df:75:59:
         72:3b:37:43:1f:b6:9f:66:23:76:6f:40:d6:fb:33:08:da:5f:
         e7:d5:de:3f:c4:35:12:0e:64:58:2d:e7:21:56:5f:ed:a0:bd:
         74:c7:0b:f8
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzFbmnEVEIcX7vWT7hFZCzyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQyN2ZkYzkwZjgwZjgwOTcyYzEyNWJkNDFlZGIwYWU4MzM0YWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gFNSt/PT7sPeBn/POKbqAKzskJb
QU2ooXqH4IeVFGV38MMSyoX3asFlIjZ345RaJFFpF2c90By9av8SZeTF7rqZvb6s
P3yLizqbE72TrW8cKtowMzYzRYfYS2oH9pDWcogqaieKnEFzFs3HJEM953wwg72N
1ww+GlrXntFxDltzMmg4Ls1wa7OHcjNfDF1nc3X5FTmbRvdzuXETLtFjO5JcneJi
9il/hHV8NKjknSepMaIWUg1DImSNg+cAFjD7T5rLpkwxLe1cwtibJ1r4OsYIvHf/
N6UfWdspLqY/yg52SjIr1fcHkSdJ/tM1AKX0q9V3DW+GD/dL3IHiRH5slQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFAjSf9yQ+A+AlywSW9Qe2wroM0qgMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZkLzY2MmRi
ZS01OTM3LTQ2ZmEtOGQ5Ni05MTA1NDExNTVmZWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQvNjYyZGJl
LTU5MzctNDZmYS04ZDk2LTkxMDU0MTE1NWZlZi8xL0NOSl8zSkQ0RDRDWExCSmIx
QjdiQ3VnelNxQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDdvjANBgkqhkiG9w0BAQsFAAOCAQEApsTs8SajhYSl
TYyr4eLGGG7EbnxIiLk8HJwSvYkFNj6lMzYOCM6C48ainaRjfu1V6bdHFYkDOjjv
dBZ+XvlnIRSsDtvcEmxtxp6COIINZv9fDj1zkfKtFhQsQ017hfuAcdimH1jB7STn
s7VwmcrgzV6A7aoRgiPCVow1rylURDsfv7e14WbSjp8gZOw4jGaTev5gR3Rq/gGZ
ITpcjxJt9cdhUKBbj+0dTWPcsvB//SkAjoqjjOELSGKc+7vrObEa1MtAlRc1rTVk
fIAQxwytkd08hvoF33VZcjs3Qx+2n2Yjdm9A1vszCNpf59XeP8Q1Eg5kWC3nIVZf
7aC9dMcL+A==
-----END CERTIFICATE-----