Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/FXdt9sJqD_OcQ1OdAkcpIbhh5Ow.cer
File:                     FXdt9sJqD_OcQ1OdAkcpIbhh5Ow.cer (raw, json)
Hash identifier:          nvHyq88LfkBqXwrerhdw4c1GsHd2ymOaMJZ7hNBlUvk=
Subject key identifier:   15:77:6D:F6:C2:6A:0F:F3:9C:43:53:9D:02:47:29:21:B8:61:E4:EC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019425FD0019752C6342BFCB34ABB054B6A3
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/f6/3ec808-52e1-4f66-b145-4accf9f53927/1/FXdt9sJqD_OcQ1OdAkcpIbhh5Ow.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/f6/3ec808-52e1-4f66-b145-4accf9f53927/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 07:48:45 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 50852
                          IP: 194.247.22.0/23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:25:fd:00:19:75:2c:63:42:bf:cb:34:ab:b0:54:b6:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 07:48:45 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=15776df6c26a0ff39c43539d02472921b861e4ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:b5:a9:a2:3f:35:89:f1:63:81:d3:aa:1f:60:
                    03:53:27:ec:07:27:e1:fa:99:a0:f5:06:c7:84:ab:
                    58:fb:50:d6:5a:ac:2b:14:b1:1c:c4:4b:14:59:10:
                    8c:2f:4a:7e:4f:5f:1d:1e:92:53:4b:43:e2:39:30:
                    ab:20:f8:f6:9a:b2:07:5e:58:93:90:d7:8e:bc:33:
                    b9:31:d0:d1:7f:c2:65:7e:35:94:81:0c:27:ae:3f:
                    00:be:6c:8c:c0:78:6a:1b:5b:72:1e:b7:d0:7c:bf:
                    97:4d:5d:60:0e:2f:07:22:d0:7f:ae:51:d3:9a:7a:
                    8d:d9:39:ea:84:39:c9:15:f0:cf:d6:b8:95:82:ce:
                    5d:cf:36:b7:95:4a:7e:5e:71:e1:9e:e2:e2:0e:e5:
                    8e:de:74:41:1f:7c:c1:cc:58:53:6d:c8:25:17:ae:
                    a6:44:79:4a:60:c3:ff:84:ea:16:1f:72:3e:3c:b7:
                    85:5f:3b:11:50:44:82:8d:62:33:0b:ae:6c:70:7a:
                    5f:01:d0:7c:b8:60:3c:3c:2e:e3:54:3f:04:5c:12:
                    4d:e4:e8:a9:91:5f:9e:93:b9:c3:3d:35:a9:f6:4b:
                    80:49:cc:4b:bd:f6:62:aa:6b:19:f3:38:87:25:16:
                    e6:84:17:4b:05:f2:ec:b1:f4:b4:1a:73:ae:2d:a2:
                    8d:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:77:6D:F6:C2:6A:0F:F3:9C:43:53:9D:02:47:29:21:B8:61:E4:EC
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/3ec808-52e1-4f66-b145-4accf9f53927/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/3ec808-52e1-4f66-b145-4accf9f53927/1/FXdt9sJqD_OcQ1OdAkcpIbhh5Ow.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.247.22.0/23

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  50852

    Signature Algorithm: sha256WithRSAEncryption
         9d:18:46:d8:9a:ad:17:0a:76:1e:c5:b5:34:42:08:b0:d1:36:
         a0:9f:4a:e0:c7:e4:c9:ae:8b:ca:36:07:7f:d5:fd:51:ee:b0:
         b4:d7:57:f0:3f:50:c5:c8:24:ad:61:94:47:c9:24:ae:e0:ae:
         b6:ca:76:54:fd:27:bf:95:1f:b7:e8:6a:15:df:93:aa:32:df:
         bd:59:ca:9d:41:ef:3f:80:b2:7a:18:3d:68:d7:1b:39:e4:5a:
         e2:54:ef:fd:da:63:f6:91:4d:e9:08:1e:69:57:02:f1:c9:fe:
         31:2f:e4:50:a8:6c:d8:fb:78:a5:60:42:7a:a3:e9:e2:91:9b:
         73:46:7d:12:3a:e4:9f:a6:d6:69:33:52:81:66:21:7f:12:9d:
         1c:57:fb:5f:34:1a:3d:4d:f7:cb:53:d3:c4:8e:89:f5:5d:ee:
         72:0e:05:ee:0c:45:81:43:df:80:bc:a7:eb:fc:00:33:3c:d3:
         86:64:34:cc:33:5e:42:99:69:01:2a:9e:56:41:7e:16:77:d9:
         c1:d9:2b:66:f7:40:75:51:0f:89:08:53:09:e1:aa:c5:73:4b:
         8b:c9:da:34:2c:a1:90:04:ad:e4:af:83:6d:dd:e5:2e:04:3d:
         00:13:16:31:ae:2b:ce:48:58:ff:02:72:01:e0:51:e2:6b:16:
         58:a8:72:a9
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQl/QAZdSxjQr/LNKuwVLajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDc0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTc3NmRmNmMyNmEwZmYzOWM0MzUzOWQwMjQ3MjkyMWI4NjFlNGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrWpoj81ifFjgdOqH2ADUyfsByfh
+pmg9QbHhKtY+1DWWqwrFLEcxEsUWRCML0p+T18dHpJTS0PiOTCrIPj2mrIHXliT
kNeOvDO5MdDRf8JlfjWUgQwnrj8AvmyMwHhqG1tyHrfQfL+XTV1gDi8HItB/rlHT
mnqN2TnqhDnJFfDP1riVgs5dzza3lUp+XnHhnuLiDuWO3nRBH3zBzFhTbcglF66m
RHlKYMP/hOoWH3I+PLeFXzsRUESCjWIzC65scHpfAdB8uGA8PC7jVD8EXBJN5Oip
kV+ek7nDPTWp9kuAScxLvfZiqmsZ8ziHJRbmhBdLBfLssfS0GnOuLaKNawIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFBV3bfbCag/znENTnQJHKSG4YeTsMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y2LzNlYzgw
OC01MmUxLTRmNjYtYjE0NS00YWNjZjlmNTM5MjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvM2VjODA4
LTUyZTEtNGY2Ni1iMTQ1LTRhY2NmOWY1MzkyNy8xL0ZYZHQ5c0pxRF9PY1ExT2RB
a2NwSWJoaDVPdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQBwvcWMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwDGpDANBgkqhkiG9w0BAQsFAAOCAQEAnRhG2JqtFwp2HsW1NEIIsNE2oJ9K4Mfk
ya6LyjYHf9X9Ue6wtNdX8D9QxcgkrWGUR8kkruCutsp2VP0nv5Uft+hqFd+TqjLf
vVnKnUHvP4Cyehg9aNcbOeRa4lTv/dpj9pFN6QgeaVcC8cn+MS/kUKhs2Pt4pWBC
eqPp4pGbc0Z9Ejrkn6bWaTNSgWYhfxKdHFf7XzQaPU33y1PTxI6J9V3ucg4F7gxF
gUPfgLyn6/wAMzzThmQ0zDNeQplpASqeVkF+FnfZwdkrZvdAdVEPiQhTCeGqxXNL
i8naNCyhkASt5K+Dbd3lLgQ9ABMWMa4rzkhY/wJyAeBR4msWWKhyqQ==
-----END CERTIFICATE-----