Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Nyr2V8CeFivm5kq-BNIcXnet4g4.cer
File:                     Nyr2V8CeFivm5kq-BNIcXnet4g4.cer (raw, json)
Hash identifier:          p9Bvg+M/GpUWHdmV4CSylot8TKClI24tG0piQ+G51U0=
Subject key identifier:   37:2A:F6:57:C0:9E:16:2B:E6:E6:4A:BE:04:D2:1C:5E:77:AD:E2:0E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC79477B21CC143227E9C25DDFAFD93F4
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/69/200489-152f-4424-b863-1c6f777d4349/1/Nyr2V8CeFivm5kq-BNIcXnet4g4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/69/200489-152f-4424-b863-1c6f777d4349/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 00:30:45 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 199116

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:77:b2:1c:c1:43:22:7e:9c:25:dd:fa:fd:93:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 00:30:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=372af657c09e162be6e64abe04d21c5e77ade20e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:08:93:d4:41:4c:16:9f:d5:b6:4e:d0:8b:df:
                    fe:98:32:a8:20:05:3a:de:7b:f3:c8:fb:d5:66:cf:
                    ce:55:64:c7:7b:a4:d0:ce:39:22:45:12:43:d8:86:
                    15:e3:5d:63:89:94:e5:43:03:d3:a9:99:00:e5:a3:
                    3f:70:c6:1b:51:b5:cb:64:dd:02:02:85:48:dd:ff:
                    6b:a3:20:d8:61:e6:cc:19:8f:03:b3:43:12:06:4c:
                    48:d4:20:97:e7:16:be:65:4a:6c:69:60:79:90:22:
                    ed:55:e9:d6:15:7d:5f:a9:d3:fe:b7:13:a6:2c:82:
                    17:31:4d:74:57:ae:27:aa:2b:1b:5b:90:0c:0e:d6:
                    0b:08:dd:53:ce:07:d5:f9:62:b6:c3:71:7b:56:e5:
                    e7:cc:8e:34:57:c9:fd:e8:db:ad:2a:23:8a:d2:5f:
                    34:d1:52:aa:7c:ca:7a:2c:1b:e0:ee:93:91:52:b3:
                    33:e9:5f:38:95:ea:14:99:61:b1:fd:3c:1e:b9:b5:
                    00:92:49:1a:e9:df:d1:c7:45:9c:f0:3d:ef:5c:7c:
                    29:0b:59:05:ae:9b:32:5a:b3:bd:07:a2:64:12:0c:
                    24:bd:b5:6f:5a:b9:0b:8e:ff:4c:19:b8:18:18:96:
                    5e:9c:9c:ca:f0:cc:eb:e4:26:f4:7d:78:19:2a:e8:
                    36:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:2A:F6:57:C0:9E:16:2B:E6:E6:4A:BE:04:D2:1C:5E:77:AD:E2:0E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/200489-152f-4424-b863-1c6f777d4349/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/200489-152f-4424-b863-1c6f777d4349/1/Nyr2V8CeFivm5kq-BNIcXnet4g4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  199116

    Signature Algorithm: sha256WithRSAEncryption
         93:b8:e3:cc:fd:94:e1:be:d1:31:4b:97:79:34:d9:8a:22:27:
         73:23:5b:9c:80:b3:ef:43:da:c9:bd:70:94:ab:74:6c:d1:14:
         8a:c1:81:18:40:c2:22:1a:a7:9f:7e:2f:d1:2b:db:e7:9a:13:
         c6:4f:1e:63:9a:18:d8:3d:3a:8d:65:cd:ed:7c:37:5e:3a:d2:
         46:aa:7b:00:7b:7b:88:43:f4:2b:c7:a2:7a:a1:05:c0:af:69:
         1d:c6:ae:04:fe:9b:39:67:86:07:62:9c:65:5b:b9:4a:46:9a:
         4b:92:1d:7e:86:a6:0e:df:57:90:7f:53:69:a8:fe:de:79:28:
         e9:a7:b0:a9:ba:d3:cc:5f:22:ca:6d:30:4a:1c:bc:c5:fb:96:
         37:a0:14:1c:99:06:fa:b0:f4:89:e7:ff:db:e2:bd:80:cc:56:
         44:a1:a5:11:75:03:ad:fe:10:76:3d:01:1f:fe:35:4f:70:c7:
         02:1b:4b:b3:d2:ea:90:9a:3f:0c:66:45:89:f9:cb:55:8b:12:
         47:c5:50:cb:77:f1:a1:46:a6:cc:64:2b:79:78:80:c0:46:d3:
         71:4d:47:1e:b5:e4:2e:02:06:4e:4c:2b:f5:f9:64:4f:bf:f5:
         ef:8e:26:52:63:bf:8a:0b:e1:7a:f4:0d:e1:69:60:48:aa:b8:
         ce:01:04:fe
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzHlHeyHMFDIn6cJd36/ZP0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzJhZjY1N2MwOWUxNjJiZTZlNjRhYmUwNGQyMWM1ZTc3YWRlMjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QiT1EFMFp/Vtk7Qi9/+mDKoIAU6
3nvzyPvVZs/OVWTHe6TQzjkiRRJD2IYV411jiZTlQwPTqZkA5aM/cMYbUbXLZN0C
AoVI3f9royDYYebMGY8Ds0MSBkxI1CCX5xa+ZUpsaWB5kCLtVenWFX1fqdP+txOm
LIIXMU10V64nqisbW5AMDtYLCN1TzgfV+WK2w3F7VuXnzI40V8n96NutKiOK0l80
0VKqfMp6LBvg7pORUrMz6V84leoUmWGx/TweubUAkkka6d/Rx0Wc8D3vXHwpC1kF
rpsyWrO9B6JkEgwkvbVvWrkLjv9MGbgYGJZenJzK8Mzr5Cb0fXgZKug2nwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFDcq9lfAnhYr5uZKvgTSHF53reIOMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY5LzIwMDQ4
OS0xNTJmLTQ0MjQtYjg2My0xYzZmNzc3ZDQzNDkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkvMjAwNDg5
LTE1MmYtNDQyNC1iODYzLTFjNmY3NzdkNDM0OS8xL055cjJWOENlRml2bTVrcS1C
TkljWG5ldDRnNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMJzDANBgkqhkiG9w0BAQsFAAOCAQEAk7jjzP2U4b7R
MUuXeTTZiiIncyNbnICz70Payb1wlKt0bNEUisGBGEDCIhqnn34v0Svb55oTxk8e
Y5oY2D06jWXN7Xw3XjrSRqp7AHt7iEP0K8eieqEFwK9pHcauBP6bOWeGB2KcZVu5
SkaaS5IdfoamDt9XkH9Taaj+3nko6aewqbrTzF8iym0wShy8xfuWN6AUHJkG+rD0
ief/2+K9gMxWRKGlEXUDrf4Qdj0BH/41T3DHAhtLs9LqkJo/DGZFifnLVYsSR8VQ
y3fxoUamzGQreXiAwEbTcU1HHrXkLgIGTkwr9flkT7/1744mUmO/igvhevQN4Wlg
SKq4zgEE/g==
-----END CERTIFICATE-----