Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JGv0aYcy2l-8fCAC9jlnxo9W22w.cer
File:                     JGv0aYcy2l-8fCAC9jlnxo9W22w.cer (raw, json)
Hash identifier:          4/96wfMnuigG5/Dfn/bLPQbGB6Ax9Kb1FRDAYTrd5B0=
Subject key identifier:   24:6B:F4:69:87:32:DA:5F:BC:7C:20:02:F6:39:67:C6:8F:56:DB:6C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0195A5122197F495C86DE1F3F76C835ED400
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/18/2f9666-904a-4622-9066-f5122bac14aa/1/JGv0aYcy2l-8fCAC9jlnxo9W22w.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/18/2f9666-904a-4622-9066-f5122bac14aa/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 17 Mar 2025 17:06:23 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 216392
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 16 Apr 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:a5:12:21:97:f4:95:c8:6d:e1:f3:f7:6c:83:5e:d4:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Mar 17 17:06:23 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=246bf4698732da5fbc7c2002f63967c68f56db6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:57:ec:b9:cf:b1:22:de:21:f4:3e:8e:16:47:
                    14:96:01:84:34:c5:10:2b:c7:ef:26:f1:d8:81:23:
                    30:c3:c3:84:75:ef:a5:bd:9a:16:ff:08:82:16:6a:
                    20:e7:ab:ea:84:bf:01:85:ae:d7:38:62:78:30:3c:
                    44:24:85:16:bb:a9:0f:36:62:91:27:a0:e7:0f:53:
                    0b:c9:e9:de:1e:df:c3:61:09:82:dc:72:8d:7e:91:
                    ab:71:ec:ba:d1:92:0c:18:98:2b:41:7b:81:27:08:
                    b0:b3:18:e0:bc:bd:8b:66:44:74:9e:cf:dd:50:4f:
                    35:21:fc:f9:41:08:f7:de:1e:ec:b0:54:64:78:95:
                    a0:71:9b:bc:2a:bc:ed:49:82:85:26:62:25:48:38:
                    90:3d:25:08:2d:0a:0f:07:2b:ca:8f:da:08:c0:88:
                    80:f4:57:1e:cf:c5:4d:cd:1f:10:a8:0a:e6:d6:ec:
                    60:84:ea:3d:98:ee:3a:90:f4:e5:e9:a6:a3:78:9d:
                    8f:20:4e:3e:f0:83:06:b4:93:3e:bf:a6:e7:f7:fd:
                    5b:f4:b0:07:28:70:d2:81:0b:d9:32:2f:94:17:c7:
                    ad:30:f4:58:14:43:95:3a:1a:84:0e:c8:86:1d:cf:
                    d6:bb:05:9e:a3:9e:6b:9d:7d:17:b3:04:33:81:57:
                    db:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:6B:F4:69:87:32:DA:5F:BC:7C:20:02:F6:39:67:C6:8F:56:DB:6C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/2f9666-904a-4622-9066-f5122bac14aa/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/2f9666-904a-4622-9066-f5122bac14aa/1/JGv0aYcy2l-8fCAC9jlnxo9W22w.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  216392

    Signature Algorithm: sha256WithRSAEncryption
         26:f6:91:88:04:88:1f:e6:d4:db:89:86:d4:93:d2:f1:cb:de:
         7d:ad:a8:62:0d:40:74:c0:cc:5b:cb:86:9c:66:33:ea:86:c8:
         ed:7f:a3:15:c9:fb:98:a8:46:54:75:65:3d:d2:6c:29:cb:41:
         fb:ff:3c:17:3d:52:2a:e8:71:34:5e:01:fd:8e:8a:53:41:71:
         61:b9:b6:92:05:ed:45:4b:1a:8c:8b:18:4a:ac:fb:79:87:41:
         cf:3b:78:be:e8:62:49:63:64:46:5a:f8:55:8a:99:4a:95:d9:
         37:0d:8a:7e:29:6e:b7:85:2d:7d:0a:d6:47:a7:8a:0e:ad:91:
         69:05:19:4e:ed:a6:d3:17:7c:ba:a9:8f:cf:45:53:ab:68:1d:
         88:e0:73:73:c6:f9:b6:3f:98:e3:22:e5:a5:5f:2a:5b:e4:2f:
         77:d2:a4:72:06:71:45:2e:90:55:ce:dc:21:c7:4e:fd:3b:d5:
         30:ef:f1:ac:74:00:28:98:78:4c:91:63:00:c3:94:03:73:ce:
         a6:93:f7:87:93:f6:84:6f:01:5b:27:ad:ae:ec:65:2c:1c:77:
         39:a4:7d:80:f1:a1:7a:c2:52:01:62:11:3c:2b:90:e8:d9:5c:
         08:1d:74:fc:1c:38:a5:4b:4d:77:80:b8:79:1b:d7:ac:9b:ec:
         2f:e9:9b:ab
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZWlEiGX9JXIbeHz92yDXtQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMzE3MTcwNjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDZiZjQ2OTg3MzJkYTVmYmM3YzIwMDJmNjM5NjdjNjhmNTZkYjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1fsuc+xIt4h9D6OFkcUlgGENMUQ
K8fvJvHYgSMww8OEde+lvZoW/wiCFmog56vqhL8Bha7XOGJ4MDxEJIUWu6kPNmKR
J6DnD1MLyeneHt/DYQmC3HKNfpGrcey60ZIMGJgrQXuBJwiwsxjgvL2LZkR0ns/d
UE81Ifz5QQj33h7ssFRkeJWgcZu8KrztSYKFJmIlSDiQPSUILQoPByvKj9oIwIiA
9Fcez8VNzR8QqArm1uxghOo9mO46kPTl6aajeJ2PIE4+8IMGtJM+v6bn9/1b9LAH
KHDSgQvZMi+UF8etMPRYFEOVOhqEDsiGHc/WuwWeo55rnX0XswQzgVfb2wIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFCRr9GmHMtpfvHwgAvY5Z8aPVttsMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE4LzJmOTY2
Ni05MDRhLTQ2MjItOTA2Ni1mNTEyMmJhYzE0YWEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgvMmY5NjY2
LTkwNGEtNDYyMi05MDY2LWY1MTIyYmFjMTRhYS8xL0pHdjBhWWN5MmwtOGZDQUM5
amxueG85VzIydy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNNSDANBgkqhkiG9w0BAQsFAAOCAQEAJvaRiASIH+bU
24mG1JPS8cvefa2oYg1AdMDMW8uGnGYz6obI7X+jFcn7mKhGVHVlPdJsKctB+/88
Fz1SKuhxNF4B/Y6KU0FxYbm2kgXtRUsajIsYSqz7eYdBzzt4vuhiSWNkRlr4VYqZ
SpXZNw2Kfilut4UtfQrWR6eKDq2RaQUZTu2m0xd8uqmPz0VTq2gdiOBzc8b5tj+Y
4yLlpV8qW+Qvd9KkcgZxRS6QVc7cIcdO/TvVMO/xrHQAKJh4TJFjAMOUA3POppP3
h5P2hG8BWyetruxlLBx3OaR9gPGhesJSAWIRPCuQ6NlcCB10/Bw4pUtNd4C4eRvX
rJvsL+mbqw==
-----END CERTIFICATE-----