Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/QvcyJBt5d1jmmeyoslQ2voGf4k0.cer
File:                     QvcyJBt5d1jmmeyoslQ2voGf4k0.cer (raw, json)
Hash identifier:          y63hEZ25diT4mYQcrl+bVk4fKnyXmSKxWAmo0MJiHJ4=
Subject key identifier:   42:F7:32:24:1B:79:77:58:E6:99:EC:A8:B2:54:36:BE:81:9F:E2:4D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC5DC2363282E690576C0F513DA6F98A9
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/c2/f5eb04-7b76-473b-818d-c2d74348fe84/1/QvcyJBt5d1jmmeyoslQ2voGf4k0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/c2/f5eb04-7b76-473b-818d-c2d74348fe84/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 16:29:47 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 202248

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:23:63:28:2e:69:05:76:c0:f5:13:da:6f:98:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 16:29:47 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=42f732241b797758e699eca8b25436be819fe24d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:af:c3:88:6d:e9:06:a9:97:a4:b7:df:7f:b8:
                    e6:66:95:fd:b9:dc:2a:29:d7:36:12:d8:e4:83:f4:
                    e7:82:f1:60:94:9a:69:8f:ba:67:46:b4:fb:cb:a7:
                    c6:03:51:47:93:38:54:2e:e0:d4:89:ee:89:0f:d4:
                    65:71:39:f0:ea:b8:85:4d:1a:03:aa:5a:04:35:97:
                    c0:51:2c:64:00:0a:4f:87:1a:11:eb:f3:8f:9b:34:
                    46:00:a5:6b:04:cb:7e:00:cf:53:6e:10:b9:02:a9:
                    b8:d2:de:b3:3f:79:2b:3d:bb:4d:92:cf:fe:09:3d:
                    00:88:6a:83:7b:2d:e7:32:41:5d:0f:2e:a4:9d:e8:
                    44:7e:45:fa:7b:f5:f6:f7:a8:c9:e3:81:af:92:ed:
                    df:38:52:b9:5a:02:fc:aa:a5:64:32:c7:10:9b:04:
                    73:9d:33:4b:f6:d6:90:30:8d:e6:c7:8d:1b:fb:0c:
                    07:c0:33:90:c2:f1:30:62:cc:7b:05:83:35:79:b8:
                    d4:c1:e2:83:0c:9c:27:5d:87:9d:ef:9f:10:59:aa:
                    76:41:61:95:7b:68:44:d9:0f:c8:4b:ad:97:0c:81:
                    73:62:e4:ee:04:bb:b6:3e:63:73:7f:a0:3b:3a:b0:
                    cc:61:e5:cb:a6:5b:c9:22:cd:8a:a8:53:0d:dc:e5:
                    eb:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:F7:32:24:1B:79:77:58:E6:99:EC:A8:B2:54:36:BE:81:9F:E2:4D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/f5eb04-7b76-473b-818d-c2d74348fe84/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/f5eb04-7b76-473b-818d-c2d74348fe84/1/QvcyJBt5d1jmmeyoslQ2voGf4k0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  202248

    Signature Algorithm: sha256WithRSAEncryption
         0f:49:4f:a2:be:b2:ce:27:18:bf:8f:4d:f0:ea:a9:4b:22:63:
         42:de:87:5b:f5:53:9c:9c:4b:6c:06:90:27:54:55:e8:19:9a:
         07:2d:01:b7:3c:77:94:cd:59:d0:8c:19:65:2e:8f:ae:a3:c9:
         30:35:26:87:84:3a:04:c9:b3:2c:ed:3b:77:39:36:fd:8e:db:
         d2:7d:65:65:a1:a9:f5:1f:7d:b2:24:4b:ba:ea:90:f3:d2:4b:
         d8:b4:8d:6a:b9:7c:7a:15:fa:70:d1:57:ae:4e:54:c2:9e:2d:
         c0:1d:7e:41:61:a0:18:f5:b0:2f:e3:5c:37:7f:02:22:a3:42:
         19:12:cd:0b:6e:7c:6f:49:1e:7d:8d:8a:0a:b7:d7:4b:1e:e9:
         27:1e:da:68:3c:a8:4c:c8:74:3e:ea:16:74:2c:90:35:4f:79:
         4a:75:8b:5b:38:af:24:b6:46:42:fc:d3:2e:a3:bc:c4:cb:c4:
         fa:0e:ce:89:a2:c8:c6:7e:b7:3a:c2:66:cf:39:46:39:fd:1f:
         2e:d2:80:32:23:ca:54:57:e1:88:52:44:64:b3:98:eb:61:70:
         1c:de:d0:32:4b:4e:35:8c:2f:d4:26:90:7a:2f:a1:a0:c8:cf:
         26:4f:30:41:67:58:d9:4b:bb:c8:e5:90:97:94:e4:72:3b:2c:
         6d:3d:01:86
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzF3CNjKC5pBXbA9RPab5ipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmY3MzIyNDFiNzk3NzU4ZTY5OWVjYThiMjU0MzZiZTgxOWZlMjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6/DiG3pBqmXpLfff7jmZpX9udwq
Kdc2Etjkg/TngvFglJppj7pnRrT7y6fGA1FHkzhULuDUie6JD9RlcTnw6riFTRoD
qloENZfAUSxkAApPhxoR6/OPmzRGAKVrBMt+AM9TbhC5Aqm40t6zP3krPbtNks/+
CT0AiGqDey3nMkFdDy6knehEfkX6e/X296jJ44Gvku3fOFK5WgL8qqVkMscQmwRz
nTNL9taQMI3mx40b+wwHwDOQwvEwYsx7BYM1ebjUweKDDJwnXYed758QWap2QWGV
e2hE2Q/IS62XDIFzYuTuBLu2PmNzf6A7OrDMYeXLplvJIs2KqFMN3OXrowIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFEL3MiQbeXdY5pnsqLJUNr6Bn+JNMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MyL2Y1ZWIw
NC03Yjc2LTQ3M2ItODE4ZC1jMmQ3NDM0OGZlODQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIvZjVlYjA0
LTdiNzYtNDczYi04MThkLWMyZDc0MzQ4ZmU4NC8xL1F2Y3lKQnQ1ZDFqbW1leW9z
bFEydm9HZjRrMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMWCDANBgkqhkiG9w0BAQsFAAOCAQEAD0lPor6yzicY
v49N8OqpSyJjQt6HW/VTnJxLbAaQJ1RV6BmaBy0Btzx3lM1Z0IwZZS6PrqPJMDUm
h4Q6BMmzLO07dzk2/Y7b0n1lZaGp9R99siRLuuqQ89JL2LSNarl8ehX6cNFXrk5U
wp4twB1+QWGgGPWwL+NcN38CIqNCGRLNC258b0kefY2KCrfXSx7pJx7aaDyoTMh0
PuoWdCyQNU95SnWLWzivJLZGQvzTLqO8xMvE+g7OiaLIxn63OsJmzzlGOf0fLtKA
MiPKVFfhiFJEZLOY62FwHN7QMktONYwv1CaQei+hoMjPJk8wQWdY2Uu7yOWQl5Tk
cjssbT0Bhg==
-----END CERTIFICATE-----