Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/DVYxF7sQWr2oMJVtCmdSwI4y8g4.cer
File:                     DVYxF7sQWr2oMJVtCmdSwI4y8g4.cer (raw, json)
Hash identifier:          dQLmqJQQAFjRwXhVBqR0KPeYP+1rQ56ZIv+R9oQ12d0=
Subject key identifier:   0D:56:31:17:BB:10:5A:BD:A8:30:95:6D:0A:67:52:C0:8E:32:F2:0E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC8DF856B2EB849AC4E48368A2C88EE32
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/ee/40c094-1ba6-4f3f-bc8d-d1566df0db05/1/DVYxF7sQWr2oMJVtCmdSwI4y8g4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/ee/40c094-1ba6-4f3f-bc8d-d1566df0db05/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 06:32:21 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 203446

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 19 Apr 2024 23:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:85:6b:2e:b8:49:ac:4e:48:36:8a:2c:88:ee:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 06:32:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0d563117bb105abda830956d0a6752c08e32f20e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:57:78:f9:77:3b:a5:13:e5:3a:47:5b:c0:9a:
                    34:de:91:90:89:fd:20:32:95:b4:90:76:b9:9f:72:
                    b7:72:04:15:14:fa:a4:7d:ea:08:63:87:66:62:22:
                    01:be:5d:69:c4:2a:a8:98:15:37:ea:b4:01:17:e5:
                    1c:86:ae:36:f7:22:a4:42:34:b6:b6:81:2c:0f:ab:
                    1c:56:fb:a0:f2:eb:5f:09:49:57:19:34:b2:8c:2c:
                    18:69:52:4d:7a:42:19:7e:20:9d:d3:d9:b5:84:47:
                    87:61:81:5b:f6:6b:e4:b6:4b:f6:f8:e3:e5:f3:a1:
                    87:0c:69:b5:a9:69:76:79:ad:7a:95:8e:0c:85:6b:
                    25:b2:7c:75:a4:c5:a9:f4:65:e9:8b:62:ab:17:85:
                    cc:80:b5:21:de:2c:1a:c3:85:b0:72:98:a5:f2:40:
                    9a:56:3d:41:09:c5:5e:51:5c:32:87:57:9f:ab:35:
                    af:92:69:25:40:8c:ea:f6:c9:e9:20:e7:5b:0e:68:
                    9b:69:51:83:6e:b4:35:a4:26:6c:c8:07:a8:d8:5b:
                    04:15:14:fb:e3:34:60:bb:47:84:1e:28:c8:29:b1:
                    f4:a7:3d:fd:8e:ca:c7:b2:d9:6f:06:7b:87:30:83:
                    2e:be:37:5a:c5:9a:da:de:0c:ae:33:0d:18:12:94:
                    eb:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:56:31:17:BB:10:5A:BD:A8:30:95:6D:0A:67:52:C0:8E:32:F2:0E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/40c094-1ba6-4f3f-bc8d-d1566df0db05/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/40c094-1ba6-4f3f-bc8d-d1566df0db05/1/DVYxF7sQWr2oMJVtCmdSwI4y8g4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  203446

    Signature Algorithm: sha256WithRSAEncryption
         15:a6:67:bf:06:8e:90:3d:85:42:ad:2c:ae:de:7b:74:89:e5:
         69:08:09:1c:fc:05:ea:99:58:f4:a6:06:2d:61:bc:3c:d2:ff:
         cc:e8:27:f7:1f:65:44:45:25:a1:f1:3b:73:b3:cb:3c:75:30:
         cd:52:cb:0a:e5:76:1a:ad:42:fc:bf:12:d5:7c:62:18:cf:1a:
         10:eb:64:ad:63:4a:0c:09:3c:a7:38:05:33:e8:73:ba:3d:a6:
         38:26:42:19:e9:2e:70:2a:76:2f:9c:c0:82:bf:b1:85:18:17:
         cf:ea:1c:5e:cf:70:96:7d:16:6b:49:2b:7a:a4:8d:13:8f:b7:
         45:a5:01:d9:6f:13:f9:86:c5:95:48:be:de:95:1c:a4:8c:a4:
         33:00:09:13:f3:85:58:3b:2b:c4:e7:ad:6e:50:8e:bc:70:04:
         84:59:b4:33:50:88:b1:7d:bd:cf:3f:88:73:31:16:dc:b3:7e:
         a6:9f:30:75:1c:28:96:9a:35:06:18:8f:c5:d0:d1:6d:a4:6c:
         9f:5c:f1:6e:a8:4c:5d:b5:fc:a3:ea:f6:39:ed:fb:97:08:34:
         bf:e0:3a:be:44:6f:51:d9:ef:cb:07:f8:47:63:0a:76:1f:04:
         aa:54:ec:19:4e:3f:04:a8:55:7c:1b:b6:18:41:ed:d9:a1:d0:
         26:0d:2c:5b
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzI34VrLrhJrE5INoosiO4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDU2MzExN2JiMTA1YWJkYTgzMDk1NmQwYTY3NTJjMDhlMzJmMjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1d4+Xc7pRPlOkdbwJo03pGQif0g
MpW0kHa5n3K3cgQVFPqkfeoIY4dmYiIBvl1pxCqomBU36rQBF+Uchq429yKkQjS2
toEsD6scVvug8utfCUlXGTSyjCwYaVJNekIZfiCd09m1hEeHYYFb9mvktkv2+OPl
86GHDGm1qWl2ea16lY4MhWslsnx1pMWp9GXpi2KrF4XMgLUh3iwaw4Wwcpil8kCa
Vj1BCcVeUVwyh1efqzWvkmklQIzq9snpIOdbDmibaVGDbrQ1pCZsyAeo2FsEFRT7
4zRgu0eEHijIKbH0pz39jsrHstlvBnuHMIMuvjdaxZra3gyuMw0YEpTr1QIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFA1WMRe7EFq9qDCVbQpnUsCOMvIOMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VlLzQwYzA5
NC0xYmE2LTRmM2YtYmM4ZC1kMTU2NmRmMGRiMDUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUvNDBjMDk0
LTFiYTYtNGYzZi1iYzhkLWQxNTY2ZGYwZGIwNS8xL0RWWXhGN3NRV3Iyb01KVnRD
bWRTd0k0eThnNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMatjANBgkqhkiG9w0BAQsFAAOCAQEAFaZnvwaOkD2F
Qq0srt57dInlaQgJHPwF6plY9KYGLWG8PNL/zOgn9x9lREUlofE7c7PLPHUwzVLL
CuV2Gq1C/L8S1XxiGM8aEOtkrWNKDAk8pzgFM+hzuj2mOCZCGekucCp2L5zAgr+x
hRgXz+ocXs9wln0Wa0kreqSNE4+3RaUB2W8T+YbFlUi+3pUcpIykMwAJE/OFWDsr
xOetblCOvHAEhFm0M1CIsX29zz+IczEW3LN+pp8wdRwolpo1BhiPxdDRbaRsn1zx
bqhMXbX8o+r2Oe37lwg0v+A6vkRvUdnvywf4R2MKdh8EqlTsGU4/BKhVfBu2GEHt
2aHQJg0sWw==
-----END CERTIFICATE-----