Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MW2V2INsHxFqce4h3sD_Zx4eBw0.cer
File:                     MW2V2INsHxFqce4h3sD_Zx4eBw0.cer (raw, json)
Hash identifier:          UnVqXSBljlBCzl4+vm2uiaX+bf/qj+THMnIrxqEj9P8=
Subject key identifier:   31:6D:95:D8:83:6C:1F:11:6A:71:EE:21:DE:C0:FF:67:1E:1E:07:0D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC6B9366785B4A0D8BB6F7F2432D0AC72
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/f8/6d7d65-f215-42f8-9a5a-123720bfe746/1/MW2V2INsHxFqce4h3sD_Zx4eBw0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/f8/6d7d65-f215-42f8-9a5a-123720bfe746/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 20:31:16 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 207512
                          IP: 193.222.106.0/23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b9:36:67:85:b4:a0:d8:bb:6f:7f:24:32:d0:ac:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 20:31:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=316d95d8836c1f116a71ee21dec0ff671e1e070d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:9a:dd:ba:72:d8:87:5f:3b:93:41:e4:a7:26:
                    65:3e:9d:2b:0c:f2:17:53:29:46:3a:b5:ff:b7:37:
                    b9:f0:c2:95:24:40:6c:92:76:6d:d8:41:25:3c:bb:
                    0f:fc:e2:7b:4b:64:e3:40:dc:0d:ec:d0:de:a0:0c:
                    10:e5:93:9f:ff:ae:ff:44:7f:83:39:bd:dc:09:c3:
                    80:08:2f:d3:ab:80:33:1a:12:2d:5e:a0:80:ae:d5:
                    83:87:57:54:fd:38:0c:38:dc:21:88:a2:10:4c:ea:
                    28:9a:19:f1:f4:4a:6b:c8:db:de:67:9c:d0:cb:b2:
                    46:c5:a5:d9:8a:97:9d:0f:34:ab:6e:a9:48:fd:a2:
                    cf:fc:00:2a:91:1a:0a:65:e6:5d:6a:f7:ff:4f:54:
                    d9:32:07:11:f1:a5:bd:32:93:16:34:2d:42:5e:5f:
                    15:f1:55:86:70:d1:c9:20:65:b9:08:52:a9:c5:f2:
                    27:47:0e:72:29:67:c8:2f:29:57:ef:1b:1e:9c:a8:
                    71:34:21:b8:06:04:ca:39:44:5f:58:42:78:0e:63:
                    c4:07:94:2e:40:ef:ed:c5:ef:13:35:53:ea:0b:9c:
                    63:54:84:93:b7:9f:64:54:87:8b:4f:f3:9e:f1:56:
                    13:96:9e:9a:43:db:5c:57:d0:36:8c:7c:88:33:25:
                    50:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:6D:95:D8:83:6C:1F:11:6A:71:EE:21:DE:C0:FF:67:1E:1E:07:0D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6d7d65-f215-42f8-9a5a-123720bfe746/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6d7d65-f215-42f8-9a5a-123720bfe746/1/MW2V2INsHxFqce4h3sD_Zx4eBw0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.222.106.0/23

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207512

    Signature Algorithm: sha256WithRSAEncryption
         21:23:63:88:69:b4:e6:b1:38:97:d0:8b:e4:27:b0:42:37:ed:
         0c:cf:92:52:76:52:40:33:45:9a:d2:7b:d9:23:74:96:60:69:
         bf:9a:44:6a:86:e7:04:d0:55:1a:6d:42:e9:05:96:dd:28:3c:
         98:df:c1:eb:79:0e:62:64:85:9f:54:88:9d:28:dc:bc:8e:ea:
         d6:dd:e8:81:6f:19:4d:af:22:b4:39:fb:65:81:dd:bf:18:ba:
         eb:54:04:84:92:bf:3f:d2:82:61:57:e7:aa:cb:3d:c0:6a:0a:
         41:93:b9:e2:e0:ac:70:3f:47:5c:a5:67:7c:53:dd:1f:21:f3:
         27:e3:98:a6:63:00:df:4b:f0:3e:db:7f:85:7f:ca:3d:29:6e:
         f9:df:33:37:58:5b:8c:97:78:b8:3f:2b:5d:ab:21:e3:d2:7b:
         44:29:f0:36:7d:dc:97:f7:4d:e4:73:ca:b0:05:b8:72:63:7e:
         f3:63:d6:42:29:7e:84:22:8f:23:5f:e9:b6:9c:bf:91:fd:d2:
         cd:b2:56:b2:71:55:ef:e5:8d:7f:47:22:62:07:c5:98:ab:a0:
         b6:8b:34:35:3b:90:10:fb:d7:62:28:61:4e:f3:14:62:33:ef:
         31:5e:1e:5e:0b:79:73:39:c6:df:f0:b2:0a:c3:ae:6b:15:63:
         4d:55:6d:65
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzGuTZnhbSg2LtvfyQy0KxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjAzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTZkOTVkODgzNmMxZjExNmE3MWVlMjFkZWMwZmY2NzFlMWUwNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5prdunLYh187k0HkpyZlPp0rDPIX
UylGOrX/tze58MKVJEBsknZt2EElPLsP/OJ7S2TjQNwN7NDeoAwQ5ZOf/67/RH+D
Ob3cCcOACC/Tq4AzGhItXqCArtWDh1dU/TgMONwhiKIQTOoomhnx9EpryNveZ5zQ
y7JGxaXZipedDzSrbqlI/aLP/AAqkRoKZeZdavf/T1TZMgcR8aW9MpMWNC1CXl8V
8VWGcNHJIGW5CFKpxfInRw5yKWfILylX7xsenKhxNCG4BgTKOURfWEJ4DmPEB5Qu
QO/txe8TNVPqC5xjVISTt59kVIeLT/Oe8VYTlp6aQ9tcV9A2jHyIMyVQxwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFDFtldiDbB8RanHuId7A/2ceHgcNMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y4LzZkN2Q2
NS1mMjE1LTQyZjgtOWE1YS0xMjM3MjBiZmU3NDYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgvNmQ3ZDY1
LWYyMTUtNDJmOC05YTVhLTEyMzcyMGJmZTc0Ni8xL01XMlYySU5zSHhGcWNlNGgz
c0RfWng0ZUJ3MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQBwd5qMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMqmDANBgkqhkiG9w0BAQsFAAOCAQEAISNjiGm05rE4l9CL5CewQjftDM+SUnZS
QDNFmtJ72SN0lmBpv5pEaobnBNBVGm1C6QWW3Sg8mN/B63kOYmSFn1SInSjcvI7q
1t3ogW8ZTa8itDn7ZYHdvxi661QEhJK/P9KCYVfnqss9wGoKQZO54uCscD9HXKVn
fFPdHyHzJ+OYpmMA30vwPtt/hX/KPSlu+d8zN1hbjJd4uD8rXash49J7RCnwNn3c
l/dN5HPKsAW4cmN+82PWQil+hCKPI1/ptpy/kf3SzbJWsnFV7+WNf0ciYgfFmKug
tos0NTuQEPvXYihhTvMUYjPvMV4eXgt5cznG3/CyCsOuaxVjTVVtZQ==
-----END CERTIFICATE-----