Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/FnguRefo6SnFw_lkQafmTFQfguY.cer
File:                     FnguRefo6SnFw_lkQafmTFQfguY.cer (raw, json)
Hash identifier:          19KZImlaQArj0K1QNbn5EpYAjmWOStW99w0nL1PF7Yg=
Subject key identifier:   16:78:2E:45:E7:E8:E9:29:C5:C3:F9:64:41:A7:E6:4C:54:1F:82:E6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC64A229BF29488200E1E2BC8A172E4DC
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/09/ef01a5-5867-419f-83c8-7d57f58360a0/1/FnguRefo6SnFw_lkQafmTFQfguY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/09/ef01a5-5867-419f-83c8-7d57f58360a0/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 18:29:56 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 44203

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Dec 2024 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4a:22:9b:f2:94:88:20:0e:1e:2b:c8:a1:72:e4:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 18:29:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=16782e45e7e8e929c5c3f96441a7e64c541f82e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:57:a2:13:dd:19:f8:31:1b:f8:9a:66:7a:23:
                    c4:ab:b9:38:62:73:cb:f0:18:cf:03:55:e3:cf:54:
                    a6:42:fe:7b:03:3c:87:87:c3:b7:95:c9:1a:e2:92:
                    28:a3:d5:5a:05:06:84:db:39:d3:30:6d:34:0f:4d:
                    fb:65:b3:52:9d:3f:52:67:a1:b5:55:88:c6:8f:53:
                    e1:77:3a:ff:45:81:b5:f1:54:f5:eb:aa:84:51:1b:
                    4b:22:94:7b:cb:dc:a4:65:04:3e:78:b5:a3:73:3e:
                    26:28:84:94:23:d8:26:70:09:4b:0a:a9:ae:28:8a:
                    07:d1:8a:60:95:28:f9:94:c1:59:b4:8d:3e:69:04:
                    83:af:9f:a5:95:7c:5b:6f:9c:99:e7:88:05:80:31:
                    65:cd:23:1b:e5:c6:7e:e1:c7:f2:19:df:da:4e:06:
                    e4:3e:82:a3:19:37:2a:da:cc:ea:4d:8b:cf:df:7c:
                    60:1f:e7:2f:3e:57:94:fa:96:a3:4f:2c:5f:4f:f7:
                    3c:86:6f:c2:6b:d0:66:23:bd:3a:15:32:bc:cc:fd:
                    9d:af:b8:47:64:89:29:b4:56:a2:ab:11:af:f3:b2:
                    36:b0:e3:a4:ad:ea:da:d7:02:dc:b5:61:1a:d9:fa:
                    12:b2:1c:07:0f:57:66:60:44:e8:b2:04:16:70:e3:
                    62:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:78:2E:45:E7:E8:E9:29:C5:C3:F9:64:41:A7:E6:4C:54:1F:82:E6
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ef01a5-5867-419f-83c8-7d57f58360a0/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ef01a5-5867-419f-83c8-7d57f58360a0/1/FnguRefo6SnFw_lkQafmTFQfguY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  44203

    Signature Algorithm: sha256WithRSAEncryption
         aa:96:ea:fa:1a:5b:a3:2f:94:98:a8:30:79:72:85:20:07:29:
         04:90:82:ce:79:ab:92:16:27:02:85:c0:78:d5:3a:9a:ef:d8:
         38:3a:46:6f:d7:00:07:d4:97:ce:c7:0b:3c:ed:9e:94:16:a0:
         ea:2a:78:c8:54:9a:06:87:0e:70:3d:fc:c9:a6:03:b9:82:1d:
         6e:e5:7a:ea:3c:b0:9a:77:f6:e3:e6:77:d8:78:1d:7f:5f:38:
         0e:7f:cb:58:63:be:f6:50:69:ab:32:9b:fd:f7:7a:1f:67:3a:
         6b:ef:4d:6e:43:57:65:d3:51:37:cd:12:e6:a4:3a:c9:0c:21:
         df:91:05:b0:2c:63:1b:d5:d8:e8:69:85:03:ed:e6:d3:20:0a:
         73:79:7d:a0:79:60:16:9e:15:f2:8d:d4:49:07:a3:29:2f:96:
         04:01:33:d3:32:14:13:a5:c9:6c:88:31:32:37:cd:7a:ac:90:
         fd:12:ad:95:94:46:89:78:50:45:b0:6a:01:80:fd:ba:c2:a2:
         e5:65:5f:36:67:2c:15:e2:c9:b8:46:f9:84:3f:cd:f5:3f:75:
         65:3e:c6:3c:85:7c:c7:d7:c0:36:3f:39:72:f9:d7:85:72:43:
         21:2a:26:9a:93:b4:ed:46:d1:9a:42:41:ba:28:5d:8c:c5:a9:
         e2:aa:21:3c
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzGSiKb8pSIIA4eK8ihcuTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTgyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjc4MmU0NWU3ZThlOTI5YzVjM2Y5NjQ0MWE3ZTY0YzU0MWY4MmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1eiE90Z+DEb+JpmeiPEq7k4YnPL
8BjPA1Xjz1SmQv57AzyHh8O3lcka4pIoo9VaBQaE2znTMG00D037ZbNSnT9SZ6G1
VYjGj1Phdzr/RYG18VT166qEURtLIpR7y9ykZQQ+eLWjcz4mKISUI9gmcAlLCqmu
KIoH0YpglSj5lMFZtI0+aQSDr5+llXxbb5yZ54gFgDFlzSMb5cZ+4cfyGd/aTgbk
PoKjGTcq2szqTYvP33xgH+cvPleU+pajTyxfT/c8hm/Ca9BmI706FTK8zP2dr7hH
ZIkptFaiqxGv87I2sOOkrera1wLctWEa2foSshwHD1dmYETosgQWcONigwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFBZ4LkXn6OkpxcP5ZEGn5kxUH4LmMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA5L2VmMDFh
NS01ODY3LTQxOWYtODNjOC03ZDU3ZjU4MzYwYTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkvZWYwMWE1
LTU4NjctNDE5Zi04M2M4LTdkNTdmNTgzNjBhMC8xL0ZuZ3VSZWZvNlNuRndfbGtR
YWZtVEZRZmd1WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCsqzANBgkqhkiG9w0BAQsFAAOCAQEAqpbq+hpboy+U
mKgweXKFIAcpBJCCznmrkhYnAoXAeNU6mu/YODpGb9cAB9SXzscLPO2elBag6ip4
yFSaBocOcD38yaYDuYIdbuV66jywmnf24+Z32Hgdf184Dn/LWGO+9lBpqzKb/fd6
H2c6a+9NbkNXZdNRN80S5qQ6yQwh35EFsCxjG9XY6GmFA+3m0yAKc3l9oHlgFp4V
8o3USQejKS+WBAEz0zIUE6XJbIgxMjfNeqyQ/RKtlZRGiXhQRbBqAYD9usKi5WVf
NmcsFeLJuEb5hD/N9T91ZT7GPIV8x9fANj85cvnXhXJDISommpO07UbRmkJBuihd
jMWp4qohPA==
-----END CERTIFICATE-----