Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/J7VuslsFoIgmwmSP_xrPNrSU2BQ.cer
File:                     J7VuslsFoIgmwmSP_xrPNrSU2BQ.cer (raw, json)
Hash identifier:          iVTUBDa7M4HLMpryshp2+4MGB9ktId5uxcZteWyfV40=
Subject key identifier:   27:B5:6E:B2:5B:05:A0:88:26:C2:64:8F:FF:1A:CF:36:B4:94:D8:14
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019427B61C8B8A9BACE47EC79007E31163A5
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/a2/599555-43f7-41fc-aa57-038f159563ff/1/J7VuslsFoIgmwmSP_xrPNrSU2BQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/a2/599555-43f7-41fc-aa57-038f159563ff/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 15:50:33 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 214229
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:27:b6:1c:8b:8a:9b:ac:e4:7e:c7:90:07:e3:11:63:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 15:50:33 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=27b56eb25b05a08826c2648fff1acf36b494d814
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:f0:b5:08:f6:63:e2:0b:0a:2c:da:21:cc:66:
                    51:dc:3f:3d:e5:77:a6:14:07:4f:e6:0a:70:ec:e4:
                    9c:a9:9c:29:09:f1:e6:40:17:f8:0d:3c:d7:69:e5:
                    28:77:bb:77:23:34:c0:ef:4a:68:2c:a9:16:e8:0a:
                    ee:76:a0:07:59:6e:32:e8:10:41:8c:ce:14:1d:ca:
                    5a:35:cc:d8:df:00:98:01:7b:07:e8:30:3f:15:81:
                    d3:1c:2b:32:b0:ea:25:80:09:31:f8:c0:1a:f5:9f:
                    91:27:93:8f:ea:75:a3:5e:1a:05:3c:af:d8:94:e6:
                    13:7e:dd:08:c7:cc:4d:ac:18:a8:2c:ff:f9:f3:94:
                    06:5f:63:47:5d:59:38:33:5d:48:de:03:32:a8:57:
                    34:66:6a:02:d0:78:86:dd:56:30:f2:6b:75:97:eb:
                    fc:69:b3:fe:95:96:b0:d9:ad:49:1f:c1:74:6a:ac:
                    e7:2e:a5:a1:d1:7c:d7:26:d2:9c:58:fb:d4:51:8d:
                    21:9b:25:2b:97:60:42:e3:b6:6b:a6:d1:0f:8e:91:
                    9c:98:97:17:c5:27:79:bf:76:1f:e9:2f:8e:ac:84:
                    12:10:69:ba:ec:c3:4c:a1:09:fb:25:ae:b3:5a:3a:
                    13:e6:75:63:3a:86:bb:e0:bd:f1:5b:ed:4b:61:39:
                    d3:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:B5:6E:B2:5B:05:A0:88:26:C2:64:8F:FF:1A:CF:36:B4:94:D8:14
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/599555-43f7-41fc-aa57-038f159563ff/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/599555-43f7-41fc-aa57-038f159563ff/1/J7VuslsFoIgmwmSP_xrPNrSU2BQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  214229

    Signature Algorithm: sha256WithRSAEncryption
         8b:a6:78:36:99:3c:eb:36:32:41:df:67:1a:e9:53:79:ac:de:
         64:fd:78:97:7b:13:9c:8f:eb:d9:26:9d:46:94:52:de:9d:ab:
         b1:8a:b0:96:97:51:9c:7a:71:85:f5:90:06:98:e5:0e:fd:17:
         bf:2e:2b:02:c0:64:8b:5b:b1:fb:3c:bd:bf:80:1c:9a:27:d8:
         f6:1e:7c:53:1b:5e:b5:35:c3:17:93:64:30:c3:df:e1:01:52:
         fc:4c:8d:65:43:16:9c:02:28:2e:a0:b3:6a:48:d3:d8:35:42:
         35:2f:cc:aa:d8:40:84:23:05:72:1a:b7:8c:25:42:13:38:3a:
         4e:88:0b:19:0d:b8:7a:f4:0f:22:54:ba:d3:8a:83:34:7e:f7:
         30:34:f3:76:c2:e1:3a:d9:87:58:7d:f0:d3:d2:99:91:30:39:
         a1:76:65:dd:e7:2d:1f:1b:95:f4:d5:51:a9:c1:60:4e:17:a4:
         38:d4:5b:66:3e:1e:b2:f7:a5:19:f0:53:d9:19:e7:68:a2:0c:
         85:4e:4e:49:0b:dd:da:0f:f8:f2:47:41:61:78:28:fa:0b:b0:
         cd:50:c5:73:bc:e8:c9:4a:27:e3:15:06:c9:4e:c6:78:b9:d1:
         a3:d6:58:7d:ff:59:cb:0e:30:2a:6b:e9:eb:ad:61:82:a6:a2:
         7b:ec:0c:4c
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQnthyLipus5H7HkAfjEWOlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTU1MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2I1NmViMjViMDVhMDg4MjZjMjY0OGZmZjFhY2YzNmI0OTRkODE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/C1CPZj4gsKLNohzGZR3D895Xem
FAdP5gpw7OScqZwpCfHmQBf4DTzXaeUod7t3IzTA70poLKkW6ArudqAHWW4y6BBB
jM4UHcpaNczY3wCYAXsH6DA/FYHTHCsysOolgAkx+MAa9Z+RJ5OP6nWjXhoFPK/Y
lOYTft0Ix8xNrBioLP/585QGX2NHXVk4M11I3gMyqFc0ZmoC0HiG3VYw8mt1l+v8
abP+lZaw2a1JH8F0aqznLqWh0XzXJtKcWPvUUY0hmyUrl2BC47ZrptEPjpGcmJcX
xSd5v3Yf6S+OrIQSEGm67MNMoQn7Ja6zWjoT5nVjOoa74L3xW+1LYTnTawIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFCe1brJbBaCIJsJkj/8azza0lNgUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2EyLzU5OTU1
NS00M2Y3LTQxZmMtYWE1Ny0wMzhmMTU5NTYzZmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIvNTk5NTU1
LTQzZjctNDFmYy1hYTU3LTAzOGYxNTk1NjNmZi8xL0o3VnVzbHNGb0lnbXdtU1Bf
eHJQTnJTVTJCUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNE1TANBgkqhkiG9w0BAQsFAAOCAQEAi6Z4Npk86zYy
Qd9nGulTeazeZP14l3sTnI/r2SadRpRS3p2rsYqwlpdRnHpxhfWQBpjlDv0Xvy4r
AsBki1ux+zy9v4AcmifY9h58UxtetTXDF5NkMMPf4QFS/EyNZUMWnAIoLqCzakjT
2DVCNS/MqthAhCMFchq3jCVCEzg6TogLGQ24evQPIlS604qDNH73MDTzdsLhOtmH
WH3w09KZkTA5oXZl3ectHxuV9NVRqcFgThekONRbZj4esvelGfBT2RnnaKIMhU5O
SQvd2g/48kdBYXgo+guwzVDFc7zoyUon4xUGyU7GeLnRo9ZYff9Zyw4wKmvp661h
gqaie+wMTA==
-----END CERTIFICATE-----