Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Illqyngn2jIPE1xhMpnjWi4iJUM.cer
File:                     Illqyngn2jIPE1xhMpnjWi4iJUM.cer (raw, json)
Hash identifier:          3mO+OtEn85kyKCmC1g6Kr7kD34aoiRDUngJxJu4HanQ=
Subject key identifier:   22:59:6A:CA:78:27:DA:32:0F:13:5C:61:32:99:E3:5A:2E:22:25:43
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC6B79832C4F8A976567B3296147F7370
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/e3/d2208e-de32-49de-9457-435ee1de5b9f/1/Illqyngn2jIPE1xhMpnjWi4iJUM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/e3/d2208e-de32-49de-9457-435ee1de5b9f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 20:29:30 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 200226

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 25 Apr 2024 14:05:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:98:32:c4:f8:a9:76:56:7b:32:96:14:7f:73:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 20:29:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=22596aca7827da320f135c613299e35a2e222543
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fd:2f:e7:5e:a0:0d:07:51:f5:39:dd:b6:e9:f9:
                    7c:fe:9d:60:7d:49:37:17:d9:2b:92:30:59:16:ef:
                    ed:29:9d:3f:81:bc:ee:10:cf:18:02:27:87:54:08:
                    51:19:0c:39:d6:d2:ad:9e:04:28:5f:6e:7f:83:b9:
                    18:eb:fd:99:0a:ff:81:29:6d:e3:dd:0e:92:ad:5e:
                    31:ff:df:b4:fb:35:93:56:0b:e7:c1:a4:33:5a:00:
                    5a:1c:46:ea:49:73:75:4c:9c:74:1b:92:23:b2:0a:
                    95:36:35:8e:e5:7e:2a:27:be:de:39:54:31:0f:01:
                    33:01:bf:34:08:6e:08:e0:36:c0:06:38:87:91:fe:
                    10:3e:ef:92:93:d4:85:47:c8:56:92:d5:b1:fe:7f:
                    c5:f5:6b:7f:46:25:e5:a3:88:1e:e3:23:a1:74:93:
                    8e:9b:2a:0e:34:15:34:62:10:79:65:ab:b4:8e:4c:
                    15:8c:79:3c:06:1e:e3:9e:50:88:fc:ca:54:c4:ac:
                    4f:5f:b1:34:43:20:38:6d:89:b1:00:f4:eb:db:91:
                    61:4f:5c:25:16:aa:5b:13:de:5c:04:4e:13:31:2d:
                    5e:e2:ee:e7:29:08:6b:6e:f8:30:68:6f:09:bc:fb:
                    ad:8a:73:18:af:6b:03:ae:5f:87:3e:6f:5b:29:62:
                    9b:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:59:6A:CA:78:27:DA:32:0F:13:5C:61:32:99:E3:5A:2E:22:25:43
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d2208e-de32-49de-9457-435ee1de5b9f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d2208e-de32-49de-9457-435ee1de5b9f/1/Illqyngn2jIPE1xhMpnjWi4iJUM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  200226

    Signature Algorithm: sha256WithRSAEncryption
         54:cf:a1:98:2e:4a:fa:0c:16:f0:c3:8f:b2:ae:4e:a8:88:29:
         97:5c:b1:f6:ae:61:4e:70:40:52:23:9d:f8:f1:08:b8:12:65:
         ea:1b:b5:94:21:53:43:c5:1a:43:19:73:a8:87:1f:77:2f:a4:
         a7:46:3a:b3:94:94:1b:0d:0a:c7:57:7e:2d:a4:3f:0d:6c:4f:
         61:4e:18:ae:4b:3e:1c:28:fe:5f:96:51:5e:a1:e8:76:67:94:
         b6:a5:69:0a:15:f1:2f:9b:72:bf:ee:3c:d1:4b:2d:df:8c:8d:
         96:1b:03:83:aa:fd:b5:ce:8a:c1:d1:3c:9a:49:0d:87:cd:04:
         34:7c:97:05:91:99:91:2d:ed:a3:4c:36:f9:9b:40:b4:62:f9:
         82:06:51:49:ff:03:12:ae:a6:f5:55:19:a3:27:0d:c7:22:3f:
         cf:19:75:07:ff:9a:4d:ea:f7:b7:91:8e:81:eb:71:99:5e:5d:
         ed:45:24:7b:22:a2:e5:22:a7:97:39:0c:4f:8b:95:18:46:bb:
         bb:ce:72:d3:83:c9:2a:c1:0e:c0:6a:4f:cc:f7:f6:2e:4e:0b:
         cd:67:6a:98:c1:6f:50:6f:56:27:e2:ec:c4:ce:5f:b8:d7:f4:
         f7:a4:76:5d:0d:47:f6:26:c9:63:42:e1:a6:0d:de:5b:c3:96:
         c6:15:d5:1b
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzGt5gyxPipdlZ7MpYUf3NwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjU5NmFjYTc4MjdkYTMyMGYxMzVjNjEzMjk5ZTM1YTJlMjIyNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/S/nXqANB1H1Od226fl8/p1gfUk3
F9krkjBZFu/tKZ0/gbzuEM8YAieHVAhRGQw51tKtngQoX25/g7kY6/2ZCv+BKW3j
3Q6SrV4x/9+0+zWTVgvnwaQzWgBaHEbqSXN1TJx0G5IjsgqVNjWO5X4qJ77eOVQx
DwEzAb80CG4I4DbABjiHkf4QPu+Sk9SFR8hWktWx/n/F9Wt/RiXlo4ge4yOhdJOO
myoONBU0YhB5Zau0jkwVjHk8Bh7jnlCI/MpUxKxPX7E0QyA4bYmxAPTr25FhT1wl
FqpbE95cBE4TMS1e4u7nKQhrbvgwaG8JvPutinMYr2sDrl+HPm9bKWKbgQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFCJZasp4J9oyDxNcYTKZ41ouIiVDMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UzL2QyMjA4
ZS1kZTMyLTQ5ZGUtOTQ1Ny00MzVlZTFkZTViOWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMvZDIyMDhl
LWRlMzItNDlkZS05NDU3LTQzNWVlMWRlNWI5Zi8xL0lsbHF5bmduMmpJUEUxeGhN
cG5qV2k0aUpVTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMOIjANBgkqhkiG9w0BAQsFAAOCAQEAVM+hmC5K+gwW
8MOPsq5OqIgpl1yx9q5hTnBAUiOd+PEIuBJl6hu1lCFTQ8UaQxlzqIcfdy+kp0Y6
s5SUGw0Kx1d+LaQ/DWxPYU4Yrks+HCj+X5ZRXqHodmeUtqVpChXxL5tyv+480Ust
34yNlhsDg6r9tc6KwdE8mkkNh80ENHyXBZGZkS3to0w2+ZtAtGL5ggZRSf8DEq6m
9VUZoycNxyI/zxl1B/+aTer3t5GOgetxmV5d7UUkeyKi5SKnlzkMT4uVGEa7u85y
04PJKsEOwGpPzPf2Lk4LzWdqmMFvUG9WJ+LsxM5fuNf096R2XQ1H9ibJY0Lhpg3e
W8OWxhXVGw==
-----END CERTIFICATE-----