Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MyKT0DmRYHiLMeQ4dg3DvR7Ygus.cer
File:                     MyKT0DmRYHiLMeQ4dg3DvR7Ygus.cer (raw, json)
Hash identifier:          4+gGKLKJ2NKJGyPo4TaNp0WII9UdjMd9LCOyIfi3P/I=
Subject key identifier:   33:22:93:D0:39:91:60:78:8B:31:E4:38:76:0D:C3:BD:1E:D8:82:EB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018FF1975712A971610E707BC0D4CC8AA8C3
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/55/c8b1e5-7b95-4ca7-b2ba-222fe348268a/1/MyKT0DmRYHiLMeQ4dg3DvR7Ygus.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/55/c8b1e5-7b95-4ca7-b2ba-222fe348268a/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 07 Jun 2024 07:26:18 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 196681
                          IP: 95.215.192.0/21

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:f1:97:57:12:a9:71:61:0e:70:7b:c0:d4:cc:8a:a8:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jun  7 07:26:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=332293d0399160788b31e438760dc3bd1ed882eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:d1:97:25:50:25:1e:3c:64:23:9e:23:16:73:
                    6f:9b:89:54:de:8f:87:51:d3:b6:68:74:a5:57:33:
                    fb:63:e4:b3:b3:23:35:ba:8c:a1:90:a9:38:82:09:
                    a9:35:b0:d7:b0:2f:12:40:8d:b9:c3:79:9e:97:f8:
                    78:e4:bc:de:df:ad:98:0e:05:fe:83:0d:01:e1:4d:
                    82:8c:cf:4f:11:81:24:e3:78:1b:3b:2f:a2:bc:f2:
                    d1:7f:83:28:98:6c:1a:d0:4c:37:99:96:4f:e8:e1:
                    f3:fd:c8:ff:18:f7:6f:3e:30:8c:93:50:92:99:cd:
                    54:c0:3d:e4:c2:83:9e:f0:62:0c:ff:9c:2e:85:0a:
                    18:5a:0c:6d:02:38:43:9b:c9:d4:84:bc:6f:a3:04:
                    eb:f6:5f:7c:05:83:ae:96:d4:e3:57:be:12:28:70:
                    b4:7c:71:38:25:23:50:e9:67:49:3b:6d:10:f1:9c:
                    3f:d9:c9:03:d0:73:00:1d:6d:8d:3a:8d:2c:58:a0:
                    10:73:a7:09:5f:0a:31:ae:fe:52:ee:c9:22:ae:af:
                    29:8a:87:2b:07:8f:50:cb:2c:18:01:39:b4:55:51:
                    35:2e:aa:08:1d:32:73:57:b7:fa:89:dd:cd:dd:69:
                    91:36:fe:04:e5:81:4a:1e:57:d8:c3:fe:51:d6:65:
                    7c:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:22:93:D0:39:91:60:78:8B:31:E4:38:76:0D:C3:BD:1E:D8:82:EB
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/c8b1e5-7b95-4ca7-b2ba-222fe348268a/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/c8b1e5-7b95-4ca7-b2ba-222fe348268a/1/MyKT0DmRYHiLMeQ4dg3DvR7Ygus.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.215.192.0/21

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  196681

    Signature Algorithm: sha256WithRSAEncryption
         4a:c8:07:48:79:f9:9a:02:5a:21:b2:14:12:b9:0a:0c:92:ce:
         8f:3f:40:7e:4f:e0:17:a3:0b:b5:37:1d:db:f2:73:0b:da:94:
         9e:ca:cd:2e:a6:0c:e3:62:a7:46:6f:98:b6:68:5f:6c:cc:5a:
         21:de:9f:17:e8:f2:a4:d8:60:ac:73:b9:da:bd:3b:0f:10:6c:
         ba:17:8b:ce:1a:ea:c3:dc:63:d4:9c:11:a5:f4:96:49:43:77:
         97:a0:cd:ea:23:69:ab:6d:e2:9b:d4:c9:f0:ff:1f:5e:f7:aa:
         d9:09:ae:b7:15:98:fc:58:ef:3e:8f:4d:51:3e:ce:09:a5:37:
         da:4c:09:4e:c5:c5:f6:db:bb:36:6c:17:86:52:a1:9d:4a:18:
         ab:60:f5:eb:71:24:be:03:e3:3c:f8:ac:a2:5f:c0:71:d3:b8:
         c0:88:99:1a:9d:8c:8f:3d:78:a0:7d:92:a2:b6:23:de:c1:a5:
         2e:bd:39:86:1b:17:83:44:0c:69:84:a4:2c:71:0c:42:6e:7d:
         f4:27:10:85:aa:1c:b3:6f:a2:23:36:61:ef:fa:e8:5b:56:3b:
         32:47:78:e8:7f:83:5a:a9:9b:20:e5:06:9b:03:1c:02:94:a2:
         de:67:4a:af:c0:1d:3e:e2:f6:ab:ae:c3:37:13:85:7a:85:1e:
         cf:32:3e:51
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAY/xl1cSqXFhDnB7wNTMiqjDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNjA3MDcyNjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzIyOTNkMDM5OTE2MDc4OGIzMWU0Mzg3NjBkYzNiZDFlZDg4MmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptGXJVAlHjxkI54jFnNvm4lU3o+H
UdO2aHSlVzP7Y+SzsyM1uoyhkKk4ggmpNbDXsC8SQI25w3mel/h45Lze362YDgX+
gw0B4U2CjM9PEYEk43gbOy+ivPLRf4MomGwa0Ew3mZZP6OHz/cj/GPdvPjCMk1CS
mc1UwD3kwoOe8GIM/5wuhQoYWgxtAjhDm8nUhLxvowTr9l98BYOultTjV74SKHC0
fHE4JSNQ6WdJO20Q8Zw/2ckD0HMAHW2NOo0sWKAQc6cJXwoxrv5S7skirq8piocr
B49QyywYATm0VVE1LqoIHTJzV7f6id3N3WmRNv4E5YFKHlfYw/5R1mV8FwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFDMik9A5kWB4izHkOHYNw70e2ILrMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU1L2M4YjFl
NS03Yjk1LTRjYTctYjJiYS0yMjJmZTM0ODI2OGEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUvYzhiMWU1
LTdiOTUtNGNhNy1iMmJhLTIyMmZlMzQ4MjY4YS8xL015S1QwRG1SWUhpTE1lUTRk
ZzNEdlI3WWd1cy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQDX9fAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMASTANBgkqhkiG9w0BAQsFAAOCAQEASsgHSHn5mgJaIbIUErkKDJLOjz9Afk/g
F6MLtTcd2/JzC9qUnsrNLqYM42KnRm+YtmhfbMxaId6fF+jypNhgrHO52r07DxBs
uheLzhrqw9xj1JwRpfSWSUN3l6DN6iNpq23im9TJ8P8fXveq2QmutxWY/FjvPo9N
UT7OCaU32kwJTsXF9tu7NmwXhlKhnUoYq2D163EkvgPjPPisol/AcdO4wIiZGp2M
jz14oH2SorYj3sGlLr05hhsXg0QMaYSkLHEMQm599CcQhaocs2+iIzZh7/roW1Y7
Mkd46H+DWqmbIOUGmwMcApSi3mdKr8AdPuL2q67DNxOFeoUezzI+UQ==
-----END CERTIFICATE-----