Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/DvD-irs27bvvRGptVK24YsSrO6E.cer
File:                     DvD-irs27bvvRGptVK24YsSrO6E.cer (raw, json)
Hash identifier:          PaQRz0Jeyf//T+ckMla70bkUofTIpj05VnGDoAUaRyc=
Subject key identifier:   0E:F0:FE:8A:BB:36:ED:BB:EF:44:6A:6D:54:AD:B8:62:C4:AB:3B:A1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC8714508BFF03FE8B0086BFA7D89D475
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/94/831ecb-ab1f-4427-8d60-f746652444da/1/DvD-irs27bvvRGptVK24YsSrO6E.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/94/831ecb-ab1f-4427-8d60-f746652444da/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 04:31:55 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 64419

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 25 Apr 2024 14:05:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:71:45:08:bf:f0:3f:e8:b0:08:6b:fa:7d:89:d4:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 04:31:55 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0ef0fe8abb36edbbef446a6d54adb862c4ab3ba1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:64:c5:70:25:a0:d0:e1:8f:7c:59:dc:af:e0:
                    ee:1d:5f:e5:11:e0:91:6b:76:20:b9:88:e2:dd:e2:
                    da:2e:f9:60:6b:57:84:66:bc:ee:9d:7a:c0:2e:e5:
                    dc:10:43:cd:ed:eb:b9:98:f3:ea:13:c8:15:f2:4e:
                    bd:3d:dd:c8:5d:b8:f8:24:08:e9:a3:c5:b8:bb:f3:
                    a9:f9:76:47:ea:eb:02:e6:4f:21:29:f9:e1:6a:54:
                    8c:9c:bd:b0:3e:b1:98:a7:6f:df:5d:b9:4b:2c:ba:
                    d9:10:5c:b2:99:25:90:3f:fb:4a:a4:b4:af:79:0a:
                    89:30:ec:53:8b:d9:26:2b:2f:66:d9:76:fc:9c:00:
                    89:7b:75:fd:85:4e:74:76:b4:b5:f8:9f:e8:94:ce:
                    94:ed:50:70:31:a3:a9:d3:b1:4e:ed:61:53:2c:1c:
                    8b:a2:47:61:03:ee:89:57:90:9e:89:d5:cf:6b:11:
                    72:36:e2:4b:d9:d7:45:d1:4a:0b:d9:97:a3:7d:d4:
                    e8:22:b6:81:9b:43:ea:48:34:12:df:ab:0e:97:ad:
                    1a:6f:2e:16:f3:bd:a9:08:1a:f1:1e:61:da:7c:59:
                    55:34:74:8f:30:1b:20:90:04:88:6c:5b:0f:d7:67:
                    6f:c0:55:1c:db:0b:3b:fc:80:a4:2e:fe:e7:4f:0b:
                    fc:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:F0:FE:8A:BB:36:ED:BB:EF:44:6A:6D:54:AD:B8:62:C4:AB:3B:A1
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/831ecb-ab1f-4427-8d60-f746652444da/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/831ecb-ab1f-4427-8d60-f746652444da/1/DvD-irs27bvvRGptVK24YsSrO6E.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  64419

    Signature Algorithm: sha256WithRSAEncryption
         2e:8c:62:48:05:3d:11:e6:37:e0:4a:59:3a:a4:50:e3:bc:58:
         72:2d:34:74:52:2a:50:47:c5:4c:b9:3b:7e:dd:43:21:cd:2a:
         ba:a2:65:ff:db:46:ad:1b:b3:7b:49:c9:d1:be:ea:fe:1d:b8:
         3b:85:59:f2:90:54:4c:79:9b:c7:c5:e9:b4:a1:84:ff:5e:35:
         18:81:73:15:28:d4:8a:60:62:43:1c:3b:9f:e6:18:72:7a:1e:
         25:c2:04:13:f5:bc:28:85:63:fd:81:8f:88:90:73:64:dc:52:
         04:15:23:f4:d2:99:14:c5:6e:8e:c2:87:27:be:99:fb:c9:23:
         89:73:28:a2:fd:e6:db:93:56:d5:d6:fa:8b:3a:b1:1c:ef:4d:
         63:7a:40:ef:78:55:a6:e8:c6:69:9f:19:25:5c:27:3a:a9:75:
         ba:f9:fc:81:bf:48:80:6a:fa:c9:9f:ac:6f:3e:28:df:31:41:
         c9:e0:f8:56:7c:cc:06:18:10:05:c8:df:ca:78:73:5d:d3:08:
         1a:ad:ee:87:33:2d:86:87:43:b8:ce:04:49:11:26:57:57:09:
         2c:34:63:98:8f:04:b3:a2:56:da:73:ee:8e:37:7d:eb:ef:9f:
         93:ae:20:27:cc:90:ec:6e:5b:e9:ee:f8:5c:df:2c:41:16:e9:
         0d:72:f4:0b
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzIcUUIv/A/6LAIa/p9idR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWYwZmU4YWJiMzZlZGJiZWY0NDZhNmQ1NGFkYjg2MmM0YWIzYmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGTFcCWg0OGPfFncr+DuHV/lEeCR
a3YguYji3eLaLvlga1eEZrzunXrALuXcEEPN7eu5mPPqE8gV8k69Pd3IXbj4JAjp
o8W4u/Op+XZH6usC5k8hKfnhalSMnL2wPrGYp2/fXblLLLrZEFyymSWQP/tKpLSv
eQqJMOxTi9kmKy9m2Xb8nACJe3X9hU50drS1+J/olM6U7VBwMaOp07FO7WFTLByL
okdhA+6JV5CeidXPaxFyNuJL2ddF0UoL2ZejfdToIraBm0PqSDQS36sOl60aby4W
872pCBrxHmHafFlVNHSPMBsgkASIbFsP12dvwFUc2ws7/ICkLv7nTwv8wQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFA7w/oq7Nu2770RqbVStuGLEqzuhMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk0LzgzMWVj
Yi1hYjFmLTQ0MjctOGQ2MC1mNzQ2NjUyNDQ0ZGEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQvODMxZWNi
LWFiMWYtNDQyNy04ZDYwLWY3NDY2NTI0NDRkYS8xL0R2RC1pcnMyN2J2dlJHcHRW
SzI0WXNTck82RS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwD7ozANBgkqhkiG9w0BAQsFAAOCAQEALoxiSAU9EeY3
4EpZOqRQ47xYci00dFIqUEfFTLk7ft1DIc0quqJl/9tGrRuze0nJ0b7q/h24O4VZ
8pBUTHmbx8XptKGE/141GIFzFSjUimBiQxw7n+YYcnoeJcIEE/W8KIVj/YGPiJBz
ZNxSBBUj9NKZFMVujsKHJ76Z+8kjiXMoov3m25NW1db6izqxHO9NY3pA73hVpujG
aZ8ZJVwnOql1uvn8gb9IgGr6yZ+sbz4o3zFByeD4VnzMBhgQBcjfynhzXdMIGq3u
hzMthodDuM4ESREmV1cJLDRjmI8Es6JW2nPujjd96++fk64gJ8yQ7G5b6e74XN8s
QRbpDXL0Cw==
-----END CERTIFICATE-----