Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/EUNdZhaxNdu19j4P66aDpKkhbFg.cer
File:                     EUNdZhaxNdu19j4P66aDpKkhbFg.cer (raw, json)
Hash identifier:          U2c6wkFoOyNjmeF1C8M6tWpK/4G1oXYp8yr70A4W2R0=
Subject key identifier:   11:43:5D:66:16:B1:35:DB:B5:F6:3E:0F:EB:A6:83:A4:A9:21:6C:58
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018DE21C0EBC587EB1FD86C8D1EBF6CE8A5B
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/500ee825-72ae-41c3-9c48-e52d0c46373f/1/11435D6616B135DBB5F63E0FEBA683A4A9216C58.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/500ee825-72ae-41c3-9c48-e52d0c46373f/1/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Sun 25 Feb 2024 21:11:46 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 215810

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:e2:1c:0e:bc:58:7e:b1:fd:86:c8:d1:eb:f6:ce:8a:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Feb 25 21:11:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=11435d6616b135dbb5f63e0feba683a4a9216c58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:b7:57:b4:9b:18:6d:83:1f:71:6c:ce:39:73:
                    a3:9a:8c:41:36:da:d4:7a:4c:7c:15:45:37:de:b7:
                    a2:c6:d6:88:84:a4:ed:90:3b:d7:6a:60:ce:90:b8:
                    91:0b:2f:75:b8:a3:6b:2f:07:89:2f:f2:d6:44:99:
                    79:b0:ef:78:f5:25:3d:7d:a1:07:0a:35:18:78:28:
                    99:d0:77:80:b4:81:b6:30:c7:23:96:fc:0c:53:67:
                    cd:7d:0f:b3:04:5b:7f:ea:7e:30:3e:6d:f9:7e:d5:
                    7b:4f:d6:19:72:67:76:be:90:88:52:76:a6:9a:05:
                    1a:97:ac:f6:42:28:cf:2b:a8:c2:c9:fc:4a:1b:4e:
                    7a:cc:79:16:27:ed:66:7d:74:a2:3e:94:0f:91:c6:
                    35:3a:a2:6c:f2:10:8a:aa:1b:7d:12:e8:75:0c:7f:
                    82:9a:c7:9f:50:70:0b:d6:f4:4a:d7:46:5a:e9:94:
                    d4:12:01:f4:9e:b2:74:ee:8b:51:f5:87:32:b1:b6:
                    e6:be:76:8e:f2:06:ae:52:3d:c9:bb:4a:64:4d:fa:
                    a3:11:06:c8:5e:0c:2e:da:1a:04:5d:05:99:d9:b8:
                    f4:dd:c7:25:95:db:6d:3c:f8:40:1f:44:d2:7b:b7:
                    52:d5:79:f8:1a:5b:04:d8:fb:b2:c5:55:62:b9:bd:
                    7e:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:43:5D:66:16:B1:35:DB:B5:F6:3E:0F:EB:A6:83:A4:A9:21:6C:58
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/500ee825-72ae-41c3-9c48-e52d0c46373f/1/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/500ee825-72ae-41c3-9c48-e52d0c46373f/1/11435D6616B135DBB5F63E0FEBA683A4A9216C58.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215810

    Signature Algorithm: sha256WithRSAEncryption
         1a:2c:a9:53:f1:d1:dc:e9:da:9d:67:7a:0f:7a:15:53:71:e4:
         88:e5:6f:36:2f:e7:b0:80:15:c2:9a:50:8f:a4:2b:18:22:b8:
         3d:9f:27:ee:17:a6:9b:4b:eb:57:13:a5:1b:3f:52:72:06:5e:
         cc:e1:66:92:e0:12:a7:21:23:61:90:b1:3b:6d:0d:d6:40:bf:
         5b:00:55:6a:e2:98:5e:82:31:b7:7c:a8:1a:ba:7f:20:0e:34:
         7b:0c:42:7d:d0:85:ad:42:53:cb:a4:d2:e3:46:76:f0:ef:7b:
         c5:ce:89:2d:13:c1:47:18:0e:38:f8:77:5a:7c:17:df:d7:87:
         4d:5e:79:00:84:6c:21:f8:f4:ea:91:10:24:b5:25:63:32:db:
         48:70:95:ae:64:12:6c:eb:c8:eb:e5:10:15:4e:7f:47:47:ac:
         31:c9:e9:0c:7e:35:1d:2d:0c:05:8d:a1:92:2e:fd:38:2b:b2:
         d6:3c:e2:20:89:3a:12:37:d7:e7:2f:fd:4c:bf:6c:7b:71:a3:
         a5:ff:a5:04:70:e8:9c:17:49:bd:fa:41:b0:fb:b6:21:fe:b5:
         b5:a9:50:64:42:6c:59:7b:b4:77:33:91:fd:d4:79:8d:86:ee:
         b8:21:f6:05:6a:30:05:a3:69:41:2f:a9:6d:60:04:98:ee:79:
         f2:f8:d6:18
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAY3iHA68WH6x/YbI0ev2zopbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjI1MjExMTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTQzNWQ2NjE2YjEzNWRiYjVmNjNlMGZlYmE2ODNhNGE5MjE2YzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLdXtJsYbYMfcWzOOXOjmoxBNtrU
ekx8FUU33reixtaIhKTtkDvXamDOkLiRCy91uKNrLweJL/LWRJl5sO949SU9faEH
CjUYeCiZ0HeAtIG2MMcjlvwMU2fNfQ+zBFt/6n4wPm35ftV7T9YZcmd2vpCIUnam
mgUal6z2QijPK6jCyfxKG056zHkWJ+1mfXSiPpQPkcY1OqJs8hCKqht9Euh1DH+C
msefUHAL1vRK10Za6ZTUEgH0nrJ07otR9YcysbbmvnaO8gauUj3Ju0pkTfqjEQbI
Xgwu2hoEXQWZ2bj03cclldttPPhAH0TSe7dS1Xn4GlsE2PuyxVViub1+MwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFBFDXWYWsTXbtfY+D+umg6SpIWxYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUwMGVl
ODI1LTcyYWUtNDFjMy05YzQ4LWU1MmQwYzQ2MzczZi8xLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNTAw
ZWU4MjUtNzJhZS00MWMzLTljNDgtZTUyZDBjNDYzNzNmLzEvMTE0MzVENjYxNkIx
MzVEQkI1RjYzRTBGRUJBNjgzQTRBOTIxNkM1OC5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDSwIw
DQYJKoZIhvcNAQELBQADggEBABosqVPx0dzp2p1neg96FVNx5IjlbzYv57CAFcKa
UI+kKxgiuD2fJ+4XpptL61cTpRs/UnIGXszhZpLgEqchI2GQsTttDdZAv1sAVWri
mF6CMbd8qBq6fyAONHsMQn3Qha1CU8uk0uNGdvDve8XOiS0TwUcYDjj4d1p8F9/X
h01eeQCEbCH49OqRECS1JWMy20hwla5kEmzryOvlEBVOf0dHrDHJ6Qx+NR0tDAWN
oZIu/TgrstY84iCJOhI31+cv/Uy/bHtxo6X/pQRw6JwXSb36QbD7tiH+tbWpUGRC
bFl7tHczkf3UeY2G7rgh9gVqMAWjaUEvqW1gBJjuefL41hg=
-----END CERTIFICATE-----