Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MW2V2INsHxFqce4h3sD_Zx4eBw0.cer
File:                     MW2V2INsHxFqce4h3sD_Zx4eBw0.cer (raw, json)
Hash identifier:          1cY7qu+9A54cZZPBAJLO+luO+P0GqQx0vsw0SLJ9Eks=
Subject key identifier:   31:6D:95:D8:83:6C:1F:11:6A:71:EE:21:DE:C0:FF:67:1E:1E:07:0D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019422FBB752525F3157E85B8C5AE964D9B1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/f8/6d7d65-f215-42f8-9a5a-123720bfe746/1/MW2V2INsHxFqce4h3sD_Zx4eBw0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/f8/6d7d65-f215-42f8-9a5a-123720bfe746/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 17:48:29 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 207512
                          IP: 193.222.106.0/23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 15:28:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:22:fb:b7:52:52:5f:31:57:e8:5b:8c:5a:e9:64:d9:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 17:48:29 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=316d95d8836c1f116a71ee21dec0ff671e1e070d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:9a:dd:ba:72:d8:87:5f:3b:93:41:e4:a7:26:
                    65:3e:9d:2b:0c:f2:17:53:29:46:3a:b5:ff:b7:37:
                    b9:f0:c2:95:24:40:6c:92:76:6d:d8:41:25:3c:bb:
                    0f:fc:e2:7b:4b:64:e3:40:dc:0d:ec:d0:de:a0:0c:
                    10:e5:93:9f:ff:ae:ff:44:7f:83:39:bd:dc:09:c3:
                    80:08:2f:d3:ab:80:33:1a:12:2d:5e:a0:80:ae:d5:
                    83:87:57:54:fd:38:0c:38:dc:21:88:a2:10:4c:ea:
                    28:9a:19:f1:f4:4a:6b:c8:db:de:67:9c:d0:cb:b2:
                    46:c5:a5:d9:8a:97:9d:0f:34:ab:6e:a9:48:fd:a2:
                    cf:fc:00:2a:91:1a:0a:65:e6:5d:6a:f7:ff:4f:54:
                    d9:32:07:11:f1:a5:bd:32:93:16:34:2d:42:5e:5f:
                    15:f1:55:86:70:d1:c9:20:65:b9:08:52:a9:c5:f2:
                    27:47:0e:72:29:67:c8:2f:29:57:ef:1b:1e:9c:a8:
                    71:34:21:b8:06:04:ca:39:44:5f:58:42:78:0e:63:
                    c4:07:94:2e:40:ef:ed:c5:ef:13:35:53:ea:0b:9c:
                    63:54:84:93:b7:9f:64:54:87:8b:4f:f3:9e:f1:56:
                    13:96:9e:9a:43:db:5c:57:d0:36:8c:7c:88:33:25:
                    50:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:6D:95:D8:83:6C:1F:11:6A:71:EE:21:DE:C0:FF:67:1E:1E:07:0D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6d7d65-f215-42f8-9a5a-123720bfe746/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6d7d65-f215-42f8-9a5a-123720bfe746/1/MW2V2INsHxFqce4h3sD_Zx4eBw0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.222.106.0/23

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207512

    Signature Algorithm: sha256WithRSAEncryption
         24:f2:4a:96:f9:d6:54:66:89:af:13:ac:c6:82:8c:3f:be:58:
         fc:cb:50:00:cf:4b:52:e0:74:4d:ff:72:51:ea:23:a7:f6:00:
         46:43:22:f0:21:0b:d9:48:87:f3:8c:48:09:00:d5:a5:8a:19:
         8a:95:66:91:95:79:83:85:e4:28:ce:76:c4:a0:d7:ae:ff:02:
         44:1d:5c:38:7e:32:ca:43:a3:04:2e:b9:90:d3:30:07:df:b2:
         42:15:2b:d8:cf:45:c3:d6:18:dc:16:6c:a8:96:5a:c5:3c:da:
         88:a0:7f:20:39:3b:7a:dc:fd:60:21:b7:af:15:24:0d:41:e7:
         10:16:37:c7:c8:18:10:bd:5e:8d:0b:bf:cb:6f:3a:9e:db:8c:
         3a:43:5d:6a:86:dc:e2:fc:9e:2e:c6:27:71:e9:93:7f:e4:d9:
         f8:61:0a:3c:d6:6c:ef:ce:18:dd:aa:b6:de:9e:c7:82:61:9e:
         57:19:76:bd:f2:43:06:ad:7d:8e:c6:c4:a1:65:12:58:13:47:
         60:26:0e:de:59:b7:99:1f:0e:99:96:86:4a:ad:23:de:77:ac:
         7f:85:d0:a4:44:23:5b:f8:55:35:2d:9f:67:48:f6:6a:b0:e9:
         3e:2a:0f:77:c8:b9:56:3f:1b:f4:59:0d:94:33:ba:ea:78:81:
         27:38:d1:89
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQi+7dSUl8xV+hbjFrpZNmxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTc0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTZkOTVkODgzNmMxZjExNmE3MWVlMjFkZWMwZmY2NzFlMWUwNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5prdunLYh187k0HkpyZlPp0rDPIX
UylGOrX/tze58MKVJEBsknZt2EElPLsP/OJ7S2TjQNwN7NDeoAwQ5ZOf/67/RH+D
Ob3cCcOACC/Tq4AzGhItXqCArtWDh1dU/TgMONwhiKIQTOoomhnx9EpryNveZ5zQ
y7JGxaXZipedDzSrbqlI/aLP/AAqkRoKZeZdavf/T1TZMgcR8aW9MpMWNC1CXl8V
8VWGcNHJIGW5CFKpxfInRw5yKWfILylX7xsenKhxNCG4BgTKOURfWEJ4DmPEB5Qu
QO/txe8TNVPqC5xjVISTt59kVIeLT/Oe8VYTlp6aQ9tcV9A2jHyIMyVQxwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFDFtldiDbB8RanHuId7A/2ceHgcNMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y4LzZkN2Q2
NS1mMjE1LTQyZjgtOWE1YS0xMjM3MjBiZmU3NDYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgvNmQ3ZDY1
LWYyMTUtNDJmOC05YTVhLTEyMzcyMGJmZTc0Ni8xL01XMlYySU5zSHhGcWNlNGgz
c0RfWng0ZUJ3MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQBwd5qMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMqmDANBgkqhkiG9w0BAQsFAAOCAQEAJPJKlvnWVGaJrxOsxoKMP75Y/MtQAM9L
UuB0Tf9yUeojp/YARkMi8CEL2UiH84xICQDVpYoZipVmkZV5g4XkKM52xKDXrv8C
RB1cOH4yykOjBC65kNMwB9+yQhUr2M9Fw9YY3BZsqJZaxTzaiKB/IDk7etz9YCG3
rxUkDUHnEBY3x8gYEL1ejQu/y286ntuMOkNdaobc4vyeLsYncemTf+TZ+GEKPNZs
784Y3aq23p7HgmGeVxl2vfJDBq19jsbEoWUSWBNHYCYO3lm3mR8OmZaGSq0j3nes
f4XQpEQjW/hVNS2fZ0j2arDpPioPd8i5Vj8b9FkNlDO66niBJzjRiQ==
-----END CERTIFICATE-----