Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer
File:                     DRDop2O_i6vpa-erR_nbWdnZUjI.cer (raw, json)
Hash identifier:          LasZi8EA1bfgcsrFyYOMXzpCXfzJoE3Vo98GWVmrw6Y=
Subject key identifier:   0D:10:E8:A7:63:BF:8B:AB:E9:6B:E7:AB:47:F9:DB:59:D9:D9:52:32
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC466097B85E4E74CEA0437785768FDAF
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
caRepository:             rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/
Notify URL:               https://repo.kagl.me/rpki/notification.xml
Certificate not before:   Mon 01 Jan 2024 09:41:10 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 50555

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 26 Apr 2024 08:00:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:66:09:7b:85:e4:e7:4c:ea:04:37:78:57:68:fd:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 09:41:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0d10e8a763bf8babe96be7ab47f9db59d9d95232
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d4:47:9f:7e:0a:3d:36:90:f1:b8:6c:f2:b1:
                    d3:a2:1f:c1:15:85:bd:cf:6e:1a:91:65:88:f0:a7:
                    51:b8:7a:8d:02:ec:9d:36:0b:d8:62:de:3e:06:e9:
                    11:dc:47:81:fc:59:39:0e:79:df:38:0e:a8:e6:79:
                    bd:c5:57:9a:93:d1:3c:6b:97:12:ac:59:b3:30:26:
                    96:1e:a0:f9:f1:f5:9e:01:78:cd:27:2b:4a:84:98:
                    89:61:bf:50:7a:5b:32:f6:a9:43:86:16:80:d9:34:
                    9b:94:1b:9a:6f:2b:77:b1:49:a0:73:86:6a:1f:e5:
                    e1:16:37:34:e7:03:6a:53:d7:ba:dd:8d:cc:e7:31:
                    ac:6e:1a:fe:cb:0a:6e:8c:99:9c:d9:f4:85:94:9d:
                    e3:5b:de:dd:d9:04:3c:09:b3:0f:02:73:27:66:fa:
                    09:1e:b5:2f:9d:94:ec:35:83:1c:09:43:30:50:b7:
                    31:00:cb:22:3e:2e:53:67:d9:9d:4c:a8:e9:6f:39:
                    f3:62:0f:44:63:22:09:0d:20:58:33:7b:0d:81:48:
                    97:86:8f:cb:90:cb:32:97:c2:62:64:e6:94:c0:78:
                    bb:97:8a:37:82:45:58:ec:7c:fb:d2:f6:8e:a1:53:
                    77:23:3b:f6:52:20:07:67:7f:63:5c:42:99:7a:d8:
                    68:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:10:E8:A7:63:BF:8B:AB:E9:6B:E7:AB:47:F9:DB:59:D9:D9:52:32
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/
                RPKI Manifest - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
                RPKI Notify - URI:https://repo.kagl.me/rpki/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  50555

    Signature Algorithm: sha256WithRSAEncryption
         89:c1:13:07:43:c6:46:b5:d0:da:a2:0d:ae:4b:d7:20:54:59:
         36:b0:dc:27:8b:a5:69:a2:c7:80:e0:c9:20:fa:52:95:dd:86:
         e5:7a:36:db:c6:00:63:c7:a2:90:77:2d:90:07:ae:1c:0c:b9:
         35:60:87:92:49:a2:a9:71:d4:c6:d2:4a:9c:7f:77:5c:26:57:
         2d:70:44:42:2f:d7:5b:9f:90:d9:7d:3a:e2:12:f8:c1:3b:df:
         d1:24:91:0c:de:cd:94:8a:40:6e:8e:d6:0e:ef:59:40:a7:7c:
         d6:06:cf:cd:12:98:b4:82:75:9d:cc:60:c5:fd:b4:4e:a1:60:
         03:29:9b:14:49:dd:71:2b:62:e5:32:97:0a:ae:89:63:44:83:
         78:91:75:ab:69:c0:b8:f4:0f:d9:e9:3a:4b:91:ca:a8:e7:ed:
         ca:7d:0f:32:73:b4:3e:47:83:4f:80:22:4a:ff:15:dc:21:f3:
         e8:14:4c:a9:fc:b3:51:ef:e2:bb:ac:8b:7c:57:26:63:a0:25:
         bc:a3:f5:c5:1c:59:6e:a5:21:ad:88:14:68:fc:3f:40:c7:b3:
         15:55:31:5b:9f:20:d8:ae:8a:6b:55:ee:17:f2:db:8f:b6:b5:
         e6:ee:49:69:da:7e:5f:a5:da:a8:36:8a:5b:24:f8:df:3e:96:
         6d:54:b4:76
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYzEZgl7heTnTOoEN3hXaP2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDk0MTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDEwZThhNzYzYmY4YmFiZTk2YmU3YWI0N2Y5ZGI1OWQ5ZDk1MjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdRHn34KPTaQ8bhs8rHToh/BFYW9
z24akWWI8KdRuHqNAuydNgvYYt4+BukR3EeB/Fk5DnnfOA6o5nm9xVeak9E8a5cS
rFmzMCaWHqD58fWeAXjNJytKhJiJYb9Qelsy9qlDhhaA2TSblBuabyt3sUmgc4Zq
H+XhFjc05wNqU9e63Y3M5zGsbhr+ywpujJmc2fSFlJ3jW97d2QQ8CbMPAnMnZvoJ
HrUvnZTsNYMcCUMwULcxAMsiPi5TZ9mdTKjpbznzYg9EYyIJDSBYM3sNgUiXho/L
kMsyl8JiZOaUwHi7l4o3gkVY7Hz70vaOoVN3Izv2UiAHZ39jXEKZethotQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFA0Q6Kdjv4ur6Wvnq0f521nZ2VIyMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgewGCCsGAQUFBwELBIHfMIHcMDoGCCsGAQUFBzAFhi5yc3lu
YzovL3JlcG8ua2FnbC5tZS9ycGtpL0tlYXRvbkFHTGFpci1URVNULzAvMGYGCCsG
AQUFBzAKhlpyc3luYzovL3JlcG8ua2FnbC5tZS9ycGtpL0tlYXRvbkFHTGFpci1U
RVNULzAvMEQxMEU4QTc2M0JGOEJBQkU5NkJFN0FCNDdGOURCNTlEOUQ5NTIzMi5t
ZnQwNgYIKwYBBQUHMA2GKmh0dHBzOi8vcmVwby5rYWdsLm1lL3Jwa2kvbm90aWZp
Y2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVt
ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQL
MAmgBzAFAgMAxXswDQYJKoZIhvcNAQELBQADggEBAInBEwdDxka10NqiDa5L1yBU
WTaw3CeLpWmix4DgySD6UpXdhuV6NtvGAGPHopB3LZAHrhwMuTVgh5JJoqlx1MbS
Spx/d1wmVy1wREIv11ufkNl9OuIS+ME739EkkQzezZSKQG6O1g7vWUCnfNYGz80S
mLSCdZ3MYMX9tE6hYAMpmxRJ3XErYuUylwquiWNEg3iRdatpwLj0D9npOkuRyqjn
7cp9DzJztD5Hg0+AIkr/Fdwh8+gUTKn8s1Hv4rusi3xXJmOgJbyj9cUcWW6lIa2I
FGj8P0DHsxVVMVufINiuimtV7hfy24+2tebuSWnafl+l2qg2ilsk+N8+lm1UtHY=
-----END CERTIFICATE-----