Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/IhMAdZZJOAL7k6Mmcx_TMp6uLaw.cer
File:                     IhMAdZZJOAL7k6Mmcx_TMp6uLaw.cer (raw, json)
Hash identifier:          2GZBNtmQuDOoichPWpt3uth0+/l25rHEzeHlSgl20eU=
Subject key identifier:   22:13:00:75:96:49:38:02:FB:93:A3:26:73:1F:D3:32:9E:AE:2D:AC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC7932E2D2FE3451A4B3AC99745B381BD
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/f6/a80963-3089-4ac4-af4f-3c8717414d80/1/IhMAdZZJOAL7k6Mmcx_TMp6uLaw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/f6/a80963-3089-4ac4-af4f-3c8717414d80/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 00:29:20 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 58186
                          IP: 91.192.226.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:93:2e:2d:2f:e3:45:1a:4b:3a:c9:97:45:b3:81:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 00:29:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2213007596493802fb93a326731fd3329eae2dac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:47:fc:ad:d6:05:fb:42:0e:2a:7d:43:16:94:
                    1a:1e:5c:b4:6a:4f:95:a2:7a:19:3b:35:e6:bc:20:
                    dc:7b:7a:d8:a6:e5:61:1d:31:8b:2f:b1:67:e1:62:
                    0a:21:46:dc:4f:c6:ba:b8:fa:c2:80:71:69:99:f7:
                    41:aa:af:8d:57:11:f0:4a:7f:85:ab:c9:20:15:cd:
                    34:70:8b:47:e1:b4:4a:0b:82:22:c2:28:6c:25:e1:
                    e5:02:5b:e1:3f:1c:2b:18:74:01:e6:75:ac:33:67:
                    60:3e:27:d0:58:eb:b7:d2:b4:ea:93:00:70:b0:4e:
                    54:a3:36:b8:60:89:a8:1d:a1:f4:64:2f:c7:c2:f6:
                    fa:db:23:63:d0:0b:67:b0:f7:1f:96:ba:08:a9:d2:
                    f8:96:08:dd:97:df:52:a9:f4:5e:8e:25:74:49:c0:
                    9b:19:6d:6f:db:04:69:d5:63:1f:9e:57:56:87:4d:
                    d7:21:1a:2f:6f:b9:46:54:89:f8:fe:93:a6:dc:3d:
                    15:69:21:be:08:2c:0c:be:63:53:4e:bd:13:e8:96:
                    32:6e:da:42:92:07:17:7e:06:5c:d1:d5:ce:cb:c0:
                    2d:e6:19:15:aa:ed:a9:b7:91:1f:b1:bd:e6:c5:e1:
                    3a:5a:40:c7:18:e3:00:08:dc:63:9f:d1:bf:6c:47:
                    d7:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:13:00:75:96:49:38:02:FB:93:A3:26:73:1F:D3:32:9E:AE:2D:AC
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a80963-3089-4ac4-af4f-3c8717414d80/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a80963-3089-4ac4-af4f-3c8717414d80/1/IhMAdZZJOAL7k6Mmcx_TMp6uLaw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.192.226.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  58186

    Signature Algorithm: sha256WithRSAEncryption
         0b:47:f5:4c:06:15:51:99:3e:2a:39:0a:ff:3f:09:e3:6a:40:
         1f:0e:5a:a0:23:09:48:0e:db:cb:5d:17:ff:4d:a6:6c:90:9a:
         9e:8c:64:8b:fb:70:9b:45:f0:4e:9b:ab:01:49:00:12:e9:7a:
         94:f8:9a:0a:c3:f1:f3:31:b4:eb:85:eb:4b:88:5c:a9:6d:d2:
         40:07:0c:26:bc:44:83:56:32:87:49:2b:97:0d:de:b7:78:c9:
         13:8b:5c:a8:f3:20:2e:bf:21:07:65:2e:69:92:95:a8:23:b6:
         05:79:02:f6:ee:1f:e9:9f:1a:fc:fb:ea:0c:5d:a5:e6:e9:33:
         aa:d7:b5:d7:f1:dd:5a:e3:94:53:fe:81:72:67:70:2c:15:81:
         3f:43:4b:5a:e5:cc:d3:8a:b4:b3:c4:7a:4e:20:29:76:cb:fc:
         7f:4a:d2:31:3a:87:34:8b:5a:04:60:9e:dd:45:65:63:78:31:
         bb:82:0c:65:cd:c4:a2:23:7d:2d:08:29:dc:3b:20:5a:15:e1:
         5e:5d:98:57:66:cb:e0:cc:67:d8:f4:27:6b:a0:4d:5d:83:11:
         d7:1d:b5:87:f6:95:e0:bc:66:b9:d2:36:6f:a2:dc:5e:a9:df:
         53:b2:77:13:3f:ab:66:cb:29:2e:26:aa:41:3d:84:86:95:e4:
         3c:e4:1f:b9
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzHky4tL+NFGks6yZdFs4G9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjEzMDA3NTk2NDkzODAyZmI5M2EzMjY3MzFmZDMzMjllYWUyZGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8kf8rdYF+0IOKn1DFpQaHly0ak+V
onoZOzXmvCDce3rYpuVhHTGLL7Fn4WIKIUbcT8a6uPrCgHFpmfdBqq+NVxHwSn+F
q8kgFc00cItH4bRKC4IiwihsJeHlAlvhPxwrGHQB5nWsM2dgPifQWOu30rTqkwBw
sE5Uoza4YImoHaH0ZC/Hwvb62yNj0AtnsPcflroIqdL4lgjdl99SqfRejiV0ScCb
GW1v2wRp1WMfnldWh03XIRovb7lGVIn4/pOm3D0VaSG+CCwMvmNTTr0T6JYybtpC
kgcXfgZc0dXOy8At5hkVqu2pt5Efsb3mxeE6WkDHGOMACNxjn9G/bEfXFQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFCITAHWWSTgC+5OjJnMf0zKeri2sMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y2L2E4MDk2
My0zMDg5LTRhYzQtYWY0Zi0zYzg3MTc0MTRkODAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvYTgwOTYz
LTMwODktNGFjNC1hZjRmLTNjODcxNzQxNGQ4MC8xL0loTUFkWlpKT0FMN2s2TW1j
eF9UTXA2dUxhdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAW8DiMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwDjSjANBgkqhkiG9w0BAQsFAAOCAQEAC0f1TAYVUZk+KjkK/z8J42pAHw5aoCMJ
SA7by10X/02mbJCanoxki/twm0XwTpurAUkAEul6lPiaCsPx8zG064XrS4hcqW3S
QAcMJrxEg1Yyh0krlw3et3jJE4tcqPMgLr8hB2UuaZKVqCO2BXkC9u4f6Z8a/Pvq
DF2l5ukzqte11/HdWuOUU/6BcmdwLBWBP0NLWuXM04q0s8R6TiApdsv8f0rSMTqH
NItaBGCe3UVlY3gxu4IMZc3EoiN9LQgp3DsgWhXhXl2YV2bL4Mxn2PQna6BNXYMR
1x21h/aV4LxmudI2b6LcXqnfU7J3Ez+rZsspLiaqQT2EhpXkPOQfuQ==
-----END CERTIFICATE-----