Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Fm9ncLp34DLn59HXMtl1AkHhGfk.cer
File:                     Fm9ncLp34DLn59HXMtl1AkHhGfk.cer (raw, json)
Hash identifier:          vu52FacjIJtaFgNXeFnsVKtPPXer2XK+jvNwqV1OTFw=
Subject key identifier:   16:6F:67:70:BA:77:E0:32:E7:E7:D1:D7:32:D9:75:02:41:E1:19:F9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01903176E77681B844B5C748CA0F0297AF08
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/13/7bdc41-1875-4e50-b3d4-069c10dafb07/1/Fm9ncLp34DLn59HXMtl1AkHhGfk.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/13/7bdc41-1875-4e50-b3d4-069c10dafb07/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 19 Jun 2024 17:06:34 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 193.164.155.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Sep 2024 14:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:31:76:e7:76:81:b8:44:b5:c7:48:ca:0f:02:97:af:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jun 19 17:06:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=166f6770ba77e032e7e7d1d732d9750241e119f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:60:bd:21:a1:32:93:36:ed:1c:73:7b:a0:9d:
                    bf:29:73:55:c4:13:f4:45:93:fa:d4:98:cd:fe:3a:
                    03:e2:97:3b:af:e4:7e:fa:7a:9d:27:a0:c4:3c:9c:
                    ef:de:1d:33:1e:01:f9:ab:e0:f6:85:65:9b:d0:92:
                    d6:79:b5:10:66:98:3c:04:dd:86:0a:75:cc:88:a1:
                    13:f2:91:0b:7c:7d:05:fe:f2:62:63:78:53:86:33:
                    a2:14:ab:11:09:e4:78:4b:1c:d8:9d:c1:46:27:ed:
                    49:73:3d:e0:be:11:84:fd:3d:62:12:c4:e2:7b:47:
                    ed:24:2a:8f:51:7a:d8:63:4c:71:b0:64:e7:6a:06:
                    f7:ba:8a:a3:6e:cf:cf:13:cb:b2:09:ae:a1:7d:64:
                    e1:41:f0:39:cb:11:83:36:cd:31:f6:9c:c6:09:b1:
                    06:ce:69:66:bb:ec:36:73:d5:26:4a:d3:9e:f9:c3:
                    31:37:83:c4:62:06:92:8d:51:4a:31:3e:1f:53:1d:
                    a4:ca:c1:f8:5e:bf:4d:ca:9d:b8:1e:02:d3:b8:4b:
                    af:21:a3:0f:1c:48:a2:f8:a3:f0:30:16:a6:63:41:
                    53:32:48:c7:57:20:14:4e:68:85:13:eb:8b:f4:d4:
                    51:74:41:da:ff:9e:43:8d:05:81:7a:83:7a:56:f1:
                    c2:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:6F:67:70:BA:77:E0:32:E7:E7:D1:D7:32:D9:75:02:41:E1:19:F9
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7bdc41-1875-4e50-b3d4-069c10dafb07/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7bdc41-1875-4e50-b3d4-069c10dafb07/1/Fm9ncLp34DLn59HXMtl1AkHhGfk.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.164.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:d0:89:92:16:92:32:1c:a9:c7:36:fd:93:da:1a:8a:93:d0:
         11:f1:f5:41:2c:f0:ca:e6:11:b2:92:95:46:04:36:92:c2:a2:
         4a:98:f3:a8:8e:fc:22:82:96:40:91:07:bd:ca:0c:30:38:c6:
         fb:76:5e:96:46:38:30:80:e9:c1:6a:b6:b4:c4:c0:7c:5f:c8:
         a8:bd:66:17:5b:58:63:86:1f:85:52:19:63:5e:d2:50:39:b6:
         db:55:5d:ee:05:8f:11:80:46:71:cb:88:4f:e5:c4:0f:64:a3:
         63:ff:41:c0:5e:3f:13:54:35:ee:b8:5d:8e:7d:ba:b7:b8:fd:
         b1:f2:b1:6e:5c:3e:8a:d9:55:ff:40:84:47:6e:a9:fd:f1:09:
         fd:0a:51:4c:2a:8d:8a:7d:89:83:53:c4:a2:5b:55:e8:f5:c6:
         24:d7:01:6b:20:cf:a0:d2:86:33:54:99:f0:f3:cf:30:20:03:
         f3:17:64:f4:c5:d9:21:34:fa:1a:b6:b1:d0:f9:00:cd:d4:e2:
         13:ed:8a:28:da:b9:f1:76:2f:6f:25:41:bd:f8:15:bb:8e:a8:
         9b:08:14:12:65:69:b1:38:18:b5:42:40:b0:1a:87:0b:08:9d:
         da:4b:4f:cd:53:7b:77:84:92:96:a3:44:7a:6b:d9:57:21:ec:
         23:8c:ad:79
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZAxdud2gbhEtcdIyg8Cl68IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNjE5MTcwNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjZmNjc3MGJhNzdlMDMyZTdlN2QxZDczMmQ5NzUwMjQxZTExOWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WC9IaEykzbtHHN7oJ2/KXNVxBP0
RZP61JjN/joD4pc7r+R++nqdJ6DEPJzv3h0zHgH5q+D2hWWb0JLWebUQZpg8BN2G
CnXMiKET8pELfH0F/vJiY3hThjOiFKsRCeR4SxzYncFGJ+1Jcz3gvhGE/T1iEsTi
e0ftJCqPUXrYY0xxsGTnagb3uoqjbs/PE8uyCa6hfWThQfA5yxGDNs0x9pzGCbEG
zmlmu+w2c9UmStOe+cMxN4PEYgaSjVFKMT4fUx2kysH4Xr9Nyp24HgLTuEuvIaMP
HEii+KPwMBamY0FTMkjHVyAUTmiFE+uL9NRRdEHa/55DjQWBeoN6VvHC6wIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFBZvZ3C6d+Ay5+fR1zLZdQJB4Rn5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEzLzdiZGM0
MS0xODc1LTRlNTAtYjNkNC0wNjljMTBkYWZiMDcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMvN2JkYzQx
LTE4NzUtNGU1MC1iM2Q0LTA2OWMxMGRhZmIwNy8xL0ZtOW5jTHAzNERMbjU5SFhN
dGwxQWtIaEdmay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwaSbMA0GCSqGSIb3DQEBCwUAA4IBAQAS0ImS
FpIyHKnHNv2T2hqKk9AR8fVBLPDK5hGykpVGBDaSwqJKmPOojvwigpZAkQe9ygww
OMb7dl6WRjgwgOnBara0xMB8X8iovWYXW1hjhh+FUhljXtJQObbbVV3uBY8RgEZx
y4hP5cQPZKNj/0HAXj8TVDXuuF2Ofbq3uP2x8rFuXD6K2VX/QIRHbqn98Qn9ClFM
Ko2KfYmDU8SiW1Xo9cYk1wFrIM+g0oYzVJnw888wIAPzF2T0xdkhNPoatrHQ+QDN
1OIT7Yoo2rnxdi9vJUG9+BW7jqibCBQSZWmxOBi1QkCwGocLCJ3aS0/NU3t3hJKW
o0R6a9lXIewjjK15
-----END CERTIFICATE-----