Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/L5FDTuFsYTNOwnDfVox3oLXeBSo.cer
File:                     L5FDTuFsYTNOwnDfVox3oLXeBSo.cer (raw, json)
Hash identifier:          Rraq08K2D4py0QxfaSq0beX2bp6dt29xJZy4WtWkDGU=
Subject key identifier:   2F:91:43:4E:E1:6C:61:33:4E:C2:70:DF:56:8C:77:A0:B5:DE:05:2A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019422FBB98957A13CBD5E23707A847EDF0B
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 17:48:29 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    IP: 193.134.102.0/23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:22:fb:b9:89:57:a1:3c:bd:5e:23:70:7a:84:7e:df:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 17:48:29 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=2f91434ee16c61334ec270df568c77a0b5de052a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:51:95:19:7f:a6:01:69:f0:59:29:52:15:61:
                    12:6a:9e:5f:8a:18:5f:34:58:e3:a4:06:8b:ef:44:
                    56:90:1d:30:a4:cd:bd:34:70:60:92:f7:04:7e:9d:
                    c1:fd:ca:38:ec:de:54:ba:7e:6f:fc:32:ac:04:fd:
                    f5:b9:ea:1d:90:29:db:97:4e:65:c8:28:c9:52:27:
                    a6:c7:f1:e2:17:8e:cf:d2:23:eb:d7:c0:2a:96:23:
                    ae:7b:9a:8f:eb:ea:18:9b:38:92:62:d7:7b:32:a2:
                    a4:8a:f3:3b:e6:28:f7:52:37:d6:e6:bc:72:ad:15:
                    2a:7d:79:71:4a:c9:4f:25:94:b4:5d:e2:06:95:b2:
                    aa:ba:c1:73:42:19:98:6c:bc:73:bc:56:ca:a3:4f:
                    cc:fb:a7:0f:93:38:45:8d:3e:a0:b5:d6:a9:8a:02:
                    c3:61:79:ae:7b:1e:1a:16:a2:f5:46:f0:a4:73:03:
                    cf:8f:3c:1c:b1:cd:53:61:35:ab:6d:55:e7:5e:7c:
                    52:8d:56:a5:ce:2d:35:13:e4:b3:dc:1d:25:79:4e:
                    8d:2f:aa:8a:63:56:9b:3c:67:2c:bc:06:75:86:8f:
                    a0:bf:64:88:c6:32:af:35:68:58:9b:1f:32:56:a9:
                    67:aa:bb:b3:cd:ec:f6:8a:d0:96:d6:4e:f7:73:e7:
                    08:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:91:43:4E:E1:6C:61:33:4E:C2:70:DF:56:8C:77:A0:B5:DE:05:2A
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.134.102.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:7a:5c:51:de:75:54:82:2e:be:08:85:43:20:05:39:c6:2a:
         f2:5d:4b:b6:3c:98:19:f8:24:75:b0:de:6b:9e:23:8c:f7:49:
         b0:71:e9:5e:76:80:96:54:72:63:e9:d8:e8:f8:2d:92:86:80:
         2a:3b:49:10:e2:d3:f2:61:e0:3e:53:58:32:2b:6b:e3:d1:8a:
         c3:c5:24:9e:d5:a0:43:d9:8b:d5:7e:fd:77:34:23:db:1f:d5:
         ae:33:47:0c:a7:a7:d2:97:26:00:2c:30:67:2e:f1:77:cf:6d:
         06:22:a3:59:4e:c2:7b:69:2e:3b:a0:61:b1:d9:ba:af:a7:d2:
         e3:97:38:9f:ee:f7:22:8b:18:53:43:01:bd:b6:33:ae:c9:17:
         96:04:a1:05:93:fa:1a:93:47:5f:f3:b5:2f:05:a1:31:1d:13:
         19:ca:ef:01:fd:f9:ec:d0:92:68:5a:d1:8f:32:62:c8:83:7d:
         34:6e:ef:f3:f6:3b:8e:b9:3d:69:e3:4b:cb:12:9d:25:0f:46:
         de:53:e4:ce:dc:87:a3:f2:8b:98:0c:2e:4b:85:e2:ac:2f:29:
         b6:4d:cd:ef:1a:95:e6:bb:ca:e7:c8:22:66:c9:ab:1b:39:2e:
         c2:d6:cb:b8:55:b2:b7:a8:9d:4b:f3:1f:0f:e2:43:2f:30:77:
         0a:e2:18:80
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZQi+7mJV6E8vV4jcHqEft8LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTc0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjkxNDM0ZWUxNmM2MTMzNGVjMjcwZGY1NjhjNzdhMGI1ZGUwNTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lGVGX+mAWnwWSlSFWESap5fihhf
NFjjpAaL70RWkB0wpM29NHBgkvcEfp3B/co47N5Uun5v/DKsBP31ueodkCnbl05l
yCjJUiemx/HiF47P0iPr18AqliOue5qP6+oYmziSYtd7MqKkivM75ij3UjfW5rxy
rRUqfXlxSslPJZS0XeIGlbKqusFzQhmYbLxzvFbKo0/M+6cPkzhFjT6gtdapigLD
YXmuex4aFqL1RvCkcwPPjzwcsc1TYTWrbVXnXnxSjValzi01E+Sz3B0leU6NL6qK
Y1abPGcsvAZ1ho+gv2SIxjKvNWhYmx8yVqlnqruzzez2itCW1k73c+cItwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFC+RQ07hbGEzTsJw31aMd6C13gUqMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I2L2NkNDFi
YS0yZWE3LTQ3NGYtODk0MS01ZmRiMzIyOGZlMWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYvY2Q0MWJh
LTJlYTctNDc0Zi04OTQxLTVmZGIzMjI4ZmUxZi8xL0w1RkRUdUZzWVROT3duRGZW
b3gzb0xYZUJTby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQBwYZmMA0GCSqGSIb3DQEBCwUAA4IBAQAIelxR
3nVUgi6+CIVDIAU5xiryXUu2PJgZ+CR1sN5rniOM90mwceledoCWVHJj6djo+C2S
hoAqO0kQ4tPyYeA+U1gyK2vj0YrDxSSe1aBD2YvVfv13NCPbH9WuM0cMp6fSlyYA
LDBnLvF3z20GIqNZTsJ7aS47oGGx2bqvp9Ljlzif7vciixhTQwG9tjOuyReWBKEF
k/oak0df87UvBaExHRMZyu8B/fns0JJoWtGPMmLIg300bu/z9juOuT1p40vLEp0l
D0beU+TO3Iej8ouYDC5LheKsLym2Tc3vGpXmu8rnyCJmyasbOS7C1su4VbK3qJ1L
8x8P4kMvMHcK4hiA
-----END CERTIFICATE-----