Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/GVc7IITN9G7hzNKC36O49rfqcmw.cer
File:                     GVc7IITN9G7hzNKC36O49rfqcmw.cer (raw, json)
Hash identifier:          B6GrqDk6dlZNjykuPiw2wLCOgs6Z5o+MZ6WoKAIrM6c=
Subject key identifier:   19:57:3B:20:84:CD:F4:6E:E1:CC:D2:82:DF:A3:B8:F6:B7:EA:72:6C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CCA2963212EBFCD5C66D561CA804A5CDB
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/22/8b8542-1ca1-4f8d-8ee7-e5d0e180d8e8/1/GVc7IITN9G7hzNKC36O49rfqcmw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/22/8b8542-1ca1-4f8d-8ee7-e5d0e180d8e8/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 12:32:39 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 205786

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 26 Apr 2024 14:10:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:29:63:21:2e:bf:cd:5c:66:d5:61:ca:80:4a:5c:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 12:32:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=19573b2084cdf46ee1ccd282dfa3b8f6b7ea726c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:67:86:88:e4:1b:12:06:a7:9e:9f:00:ca:9a:
                    0a:8e:5d:f4:32:75:9f:ed:a0:80:c0:a7:1d:3c:7d:
                    be:be:2c:a3:2f:9a:d3:22:1c:ba:64:a4:fa:ae:18:
                    54:e9:83:5a:4a:06:35:84:52:ad:ed:ad:17:1a:b4:
                    e7:cb:6c:9a:07:4e:37:db:75:65:57:e0:a1:89:15:
                    c6:89:44:af:b1:2d:b2:b1:31:57:1d:c6:84:cc:2f:
                    4d:0e:89:3c:34:02:de:9d:a6:df:c7:77:65:2f:06:
                    41:58:38:4d:b9:a4:1c:6e:72:13:dd:a6:29:3d:a0:
                    9a:7f:72:4e:d8:5c:f8:9a:5e:fc:1e:93:6d:3b:43:
                    1a:c1:ea:07:41:1a:8c:64:c7:8a:fa:e3:86:1e:bf:
                    8a:b2:0f:3f:92:30:b7:b3:33:47:67:3e:21:d4:1c:
                    6d:c8:ea:35:97:28:a6:dd:6a:ca:9f:bf:51:d3:b6:
                    6e:24:04:f3:bf:fc:ca:17:4f:a9:46:90:4d:5e:14:
                    17:6e:bf:b9:67:39:22:a8:3f:bc:38:3c:ac:b6:08:
                    cb:b5:08:8a:53:0b:f3:ec:77:7e:31:cd:66:e7:2f:
                    dd:53:39:5a:1a:ac:2b:6b:ec:59:5a:a3:5e:39:06:
                    2c:19:83:2e:00:93:72:7f:4c:58:f7:a8:1c:bb:cb:
                    3a:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:57:3B:20:84:CD:F4:6E:E1:CC:D2:82:DF:A3:B8:F6:B7:EA:72:6C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8b8542-1ca1-4f8d-8ee7-e5d0e180d8e8/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8b8542-1ca1-4f8d-8ee7-e5d0e180d8e8/1/GVc7IITN9G7hzNKC36O49rfqcmw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  205786

    Signature Algorithm: sha256WithRSAEncryption
         37:a1:d3:3c:de:1b:58:4e:8b:f0:f9:85:b1:4f:1d:f0:a9:4e:
         08:22:65:70:87:00:d2:c2:58:89:56:a2:45:71:64:dc:45:73:
         bb:3d:f4:0e:71:88:04:65:0e:81:83:1f:35:2c:9d:a2:23:c2:
         50:f1:60:47:bb:e3:f5:fa:a2:e1:1d:ea:24:b6:79:c9:14:a3:
         31:f8:cf:23:d4:98:55:1d:93:43:16:cc:e2:43:1c:27:27:b6:
         fa:9e:b6:b1:6d:d5:4e:a3:08:34:ae:a4:38:81:0e:a2:8b:ba:
         ec:b1:9c:57:b9:24:ab:29:7d:8f:06:c0:50:77:8a:4a:7a:2f:
         a3:67:5c:37:b1:b9:0e:8d:20:d2:25:05:da:1d:38:ec:37:a4:
         fe:37:45:ff:d2:a6:ed:86:ac:17:bc:74:f9:67:df:98:f1:a3:
         0c:49:01:3e:0b:17:f1:70:7f:81:fd:14:77:7f:42:79:2c:ab:
         0c:90:89:49:14:18:f5:27:52:a9:f3:61:6e:0d:24:11:3c:78:
         68:7a:71:cd:bb:66:3a:78:71:d3:a3:0d:9e:19:2d:9f:09:18:
         06:5b:22:ee:a3:aa:e7:0d:e5:54:ee:36:19:c7:29:65:03:1a:
         f3:5e:f0:b5:c9:6a:af:21:be:ce:7e:b4:7b:57:b4:fe:83:30:
         67:fa:6b:21
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzKKWMhLr/NXGbVYcqASlzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTU3M2IyMDg0Y2RmNDZlZTFjY2QyODJkZmEzYjhmNmI3ZWE3MjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGeGiOQbEgannp8AypoKjl30MnWf
7aCAwKcdPH2+viyjL5rTIhy6ZKT6rhhU6YNaSgY1hFKt7a0XGrTny2yaB04323Vl
V+ChiRXGiUSvsS2ysTFXHcaEzC9NDok8NALenabfx3dlLwZBWDhNuaQcbnIT3aYp
PaCaf3JO2Fz4ml78HpNtO0MaweoHQRqMZMeK+uOGHr+Ksg8/kjC3szNHZz4h1Bxt
yOo1lyim3WrKn79R07ZuJATzv/zKF0+pRpBNXhQXbr+5ZzkiqD+8ODystgjLtQiK
Uwvz7Hd+Mc1m5y/dUzlaGqwra+xZWqNeOQYsGYMuAJNyf0xY96gcu8s61wIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFBlXOyCEzfRu4czSgt+juPa36nJsMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIyLzhiODU0
Mi0xY2ExLTRmOGQtOGVlNy1lNWQwZTE4MGQ4ZTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIvOGI4NTQy
LTFjYTEtNGY4ZC04ZWU3LWU1ZDBlMTgwZDhlOC8xL0dWYzdJSVROOUc3aHpOS0Mz
Nk80OXJmcWNtdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMj2jANBgkqhkiG9w0BAQsFAAOCAQEAN6HTPN4bWE6L
8PmFsU8d8KlOCCJlcIcA0sJYiVaiRXFk3EVzuz30DnGIBGUOgYMfNSydoiPCUPFg
R7vj9fqi4R3qJLZ5yRSjMfjPI9SYVR2TQxbM4kMcJye2+p62sW3VTqMINK6kOIEO
oou67LGcV7kkqyl9jwbAUHeKSnovo2dcN7G5Do0g0iUF2h047Dek/jdF/9Km7Yas
F7x0+WffmPGjDEkBPgsX8XB/gf0Ud39CeSyrDJCJSRQY9SdSqfNhbg0kETx4aHpx
zbtmOnhx06MNnhktnwkYBlsi7qOq5w3lVO42GccpZQMa817wtclqryG+zn60e1e0
/oMwZ/prIQ==
-----END CERTIFICATE-----