Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JgGttY6Dyu5nXc94lUugiqkwGg4.cer
File:                     JgGttY6Dyu5nXc94lUugiqkwGg4.cer (raw, json)
Hash identifier:          iSuUgyo9MNnuecaLr87Jg7j7gLafuUAsM64JMIhpKbY=
Subject key identifier:   26:01:AD:B5:8E:83:CA:EE:67:5D:CF:78:95:4B:A0:8A:A9:30:1A:0E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01942067CE9BA1ACF894A404F36E5EA116C9
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/df/c699a3-7d51-4b38-809d-1529adb0c9d7/1/JgGttY6Dyu5nXc94lUugiqkwGg4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/df/c699a3-7d51-4b38-809d-1529adb0c9d7/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 05:47:41 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 215980
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:20:67:ce:9b:a1:ac:f8:94:a4:04:f3:6e:5e:a1:16:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 05:47:41 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=2601adb58e83caee675dcf78954ba08aa9301a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:d3:9f:96:56:f5:ff:3a:c5:80:39:5b:3e:11:
                    55:b3:b6:84:41:3c:5f:34:ae:3a:66:81:ab:90:1b:
                    f9:c8:30:f7:b5:b4:08:15:9f:4b:d1:a2:c9:ce:ba:
                    a0:9b:9c:1e:e3:44:af:74:0d:0f:25:c8:ad:55:99:
                    6f:02:cb:04:6e:8f:7c:cd:f0:9d:09:4c:c6:cd:a7:
                    06:fb:b4:5e:c9:74:b6:b5:27:62:a3:18:c0:68:cd:
                    1d:2f:d8:52:66:ab:38:10:2e:78:68:26:44:1e:ff:
                    1f:b7:88:37:f7:6b:7b:fc:f3:b9:71:c6:77:92:1c:
                    a9:3f:f7:77:bf:24:a3:06:9c:58:16:d0:ec:8a:8e:
                    40:ef:be:68:e8:5d:64:2b:7d:ea:f3:64:99:1e:0a:
                    77:50:7b:0e:c3:16:c4:02:85:7a:d5:b3:49:2b:82:
                    73:ed:f0:a1:84:62:37:1c:f2:60:0a:5f:1c:de:b1:
                    c8:47:7f:66:ad:d3:dd:26:04:be:94:09:d1:50:64:
                    20:35:8c:5c:65:8d:71:6e:5e:b8:69:4c:e6:8a:2e:
                    79:b0:c8:c4:ba:64:21:6e:0a:c2:a5:a6:c3:20:a6:
                    50:3f:1a:96:ba:47:2a:9d:12:bd:be:65:ec:29:32:
                    9b:a6:72:e1:0b:dc:ab:91:20:04:54:a7:cf:d9:ed:
                    55:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:01:AD:B5:8E:83:CA:EE:67:5D:CF:78:95:4B:A0:8A:A9:30:1A:0E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c699a3-7d51-4b38-809d-1529adb0c9d7/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c699a3-7d51-4b38-809d-1529adb0c9d7/1/JgGttY6Dyu5nXc94lUugiqkwGg4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215980

    Signature Algorithm: sha256WithRSAEncryption
         67:1f:93:98:c8:37:41:d8:6f:04:43:8e:2d:3a:a1:85:c0:1c:
         84:c9:4b:ef:70:f3:96:70:a0:ae:3b:aa:1e:06:e4:6b:f5:13:
         14:d2:3c:b9:bc:56:b7:fe:49:7b:06:bc:1f:e3:01:e2:0a:82:
         76:b0:8f:10:6f:9c:76:64:ef:5a:54:dd:5d:a2:f8:4a:cf:49:
         b9:da:97:ec:62:b4:e6:b5:c0:24:f9:8f:58:a4:f4:92:01:19:
         94:38:7c:04:ee:fa:f8:77:40:ad:88:46:15:d6:d4:19:9b:34:
         6f:da:a7:cb:cd:29:db:d9:c4:62:07:f1:2d:e6:c6:0d:8a:8e:
         09:8a:b7:3b:b2:c1:2c:eb:2c:e4:d3:79:1f:80:d1:ba:68:c0:
         ea:40:08:c7:7f:e4:66:bc:9b:f4:5d:57:6c:e1:44:3f:01:03:
         61:3b:07:4c:47:51:15:8c:ad:dc:92:ac:c8:7c:50:61:f8:8a:
         79:47:90:48:48:81:09:67:6a:3a:c1:a7:c1:e6:d7:ca:82:61:
         ec:70:aa:9d:4c:67:48:6c:c1:c7:65:13:d5:92:09:a2:74:02:
         b4:5f:3b:4d:7a:cd:4f:20:c7:57:98:f6:11:34:1b:40:2d:26:
         b4:bf:52:29:60:34:ed:bb:cc:3c:4a:27:20:79:72:e3:3f:d8:
         37:75:be:e1
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQgZ86boaz4lKQE825eoRbJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDU0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjAxYWRiNThlODNjYWVlNjc1ZGNmNzg5NTRiYTA4YWE5MzAxYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9Ofllb1/zrFgDlbPhFVs7aEQTxf
NK46ZoGrkBv5yDD3tbQIFZ9L0aLJzrqgm5we40SvdA0PJcitVZlvAssEbo98zfCd
CUzGzacG+7ReyXS2tSdioxjAaM0dL9hSZqs4EC54aCZEHv8ft4g392t7/PO5ccZ3
khypP/d3vySjBpxYFtDsio5A775o6F1kK33q82SZHgp3UHsOwxbEAoV61bNJK4Jz
7fChhGI3HPJgCl8c3rHIR39mrdPdJgS+lAnRUGQgNYxcZY1xbl64aUzmii55sMjE
umQhbgrCpabDIKZQPxqWukcqnRK9vmXsKTKbpnLhC9yrkSAEVKfP2e1VKwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFCYBrbWOg8ruZ13PeJVLoIqpMBoOMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RmL2M2OTlh
My03ZDUxLTRiMzgtODA5ZC0xNTI5YWRiMGM5ZDcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYvYzY5OWEz
LTdkNTEtNGIzOC04MDlkLTE1MjlhZGIwYzlkNy8xL0pnR3R0WTZEeXU1blhjOTRs
VXVnaXFrd0dnNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNLrDANBgkqhkiG9w0BAQsFAAOCAQEAZx+TmMg3Qdhv
BEOOLTqhhcAchMlL73DzlnCgrjuqHgbka/UTFNI8ubxWt/5Jewa8H+MB4gqCdrCP
EG+cdmTvWlTdXaL4Ss9JudqX7GK05rXAJPmPWKT0kgEZlDh8BO76+HdArYhGFdbU
GZs0b9qny80p29nEYgfxLebGDYqOCYq3O7LBLOss5NN5H4DRumjA6kAIx3/kZryb
9F1XbOFEPwEDYTsHTEdRFYyt3JKsyHxQYfiKeUeQSEiBCWdqOsGnwebXyoJh7HCq
nUxnSGzBx2UT1ZIJonQCtF87TXrNTyDHV5j2ETQbQC0mtL9SKWA07bvMPEonIHly
4z/YN3W+4Q==
-----END CERTIFICATE-----