Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/R9SdQx4asoTjBY9m_Zn4pBp3RuM.cer
File:                     R9SdQx4asoTjBY9m_Zn4pBp3RuM.cer (raw, json)
Hash identifier:          SbglDP2BrGYudp75YMHL8NJIe18yJMXCRbP6bZqda9w=
Subject key identifier:   47:D4:9D:43:1E:1A:B2:84:E3:05:8F:66:FD:99:F8:A4:1A:77:46:E3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC2DB1C9F42A4A3169394A6134CBFFACF
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b7/fc7f01-4355-44e7-9cab-69988a8176f1/1/R9SdQx4asoTjBY9m_Zn4pBp3RuM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b7/fc7f01-4355-44e7-9cab-69988a8176f1/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:29:48 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 200426

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:1c:9f:42:a4:a3:16:93:94:a6:13:4c:bf:fa:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 02:29:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=47d49d431e1ab284e3058f66fd99f8a41a7746e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:9f:7a:96:cc:b9:a6:63:e9:92:43:c9:b9:c9:
                    a4:98:b2:9d:99:de:0e:1b:ca:35:9a:db:09:09:29:
                    4f:c5:69:9c:66:99:8a:cb:f2:9e:d8:15:34:71:d4:
                    12:fc:d6:d8:f4:20:8d:47:7c:aa:af:53:0c:bd:39:
                    71:ee:0f:cc:e8:c0:2a:67:7d:53:de:8e:ef:b7:fe:
                    df:5c:f1:c9:9a:9f:29:38:4b:66:43:cf:de:1f:13:
                    d2:97:36:d8:b7:ce:bc:08:68:24:7b:7b:ed:7c:aa:
                    14:25:b2:f6:4d:80:89:1b:4f:6f:ad:4c:f2:aa:cc:
                    5a:10:52:f8:e5:e6:a4:72:f5:f7:e2:fc:9b:2b:ba:
                    73:75:f2:e2:3e:af:f5:7d:f3:c1:0d:25:13:ee:a9:
                    7a:5e:77:84:23:85:9a:24:30:bc:ae:fc:5c:1c:82:
                    2e:b7:85:6f:cb:2d:4e:ba:4b:40:0b:76:a1:db:4b:
                    3c:94:52:95:a2:09:40:ed:55:f4:97:47:be:1d:57:
                    1a:6c:e3:5a:81:5e:58:c1:d3:aa:8b:16:8b:ce:80:
                    88:22:87:ad:09:3b:8c:83:31:79:ae:2a:34:f0:2a:
                    d1:fe:6f:2a:4c:e5:8a:e9:00:54:1d:1a:62:74:92:
                    7e:3e:19:a0:75:14:23:3d:c6:c7:a8:e6:57:9d:20:
                    f5:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:D4:9D:43:1E:1A:B2:84:E3:05:8F:66:FD:99:F8:A4:1A:77:46:E3
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/fc7f01-4355-44e7-9cab-69988a8176f1/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/fc7f01-4355-44e7-9cab-69988a8176f1/1/R9SdQx4asoTjBY9m_Zn4pBp3RuM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  200426

    Signature Algorithm: sha256WithRSAEncryption
         26:6c:74:4a:05:3a:ee:b7:3a:ab:80:ef:cf:fa:fd:f0:b1:34:
         88:05:2f:85:59:68:74:fd:0d:4d:71:49:2f:02:16:d1:46:e5:
         fc:74:02:8e:8d:23:3e:6d:11:13:a0:5e:85:b2:0a:06:c3:48:
         96:0f:0e:ef:d5:30:5e:45:22:65:40:18:39:12:68:01:02:51:
         13:4d:2d:94:47:68:5e:d7:66:d7:50:65:25:de:af:4f:a9:0d:
         cc:32:99:89:32:3f:95:00:ad:be:a4:39:ab:98:c3:b7:9d:1a:
         db:b6:40:eb:e4:ee:b9:7f:7e:8b:5a:54:a8:ce:e4:09:a4:5c:
         f0:76:be:8d:c8:5e:85:0b:56:0c:0b:f8:e7:52:08:17:d2:e2:
         f3:ea:5b:cb:52:52:6e:90:b7:70:d7:14:54:88:38:20:9b:e0:
         f4:a6:4d:42:f3:b2:f6:39:be:f9:a7:32:6a:10:0b:8e:dc:fd:
         9a:eb:23:63:75:0f:c8:66:d0:b5:88:fc:67:1a:9f:88:51:22:
         1e:de:4b:04:72:68:f7:01:15:bb:19:c7:b5:b9:a8:02:09:0d:
         c3:9c:f4:19:34:10:63:50:dc:14:11:cd:58:80:8d:14:59:fa:
         ad:f2:00:23:fb:e8:43:19:57:41:7d:a1:b4:3d:63:9a:12:38:
         b1:f3:ca:22
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzC2xyfQqSjFpOUphNMv/rPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2Q0OWQ0MzFlMWFiMjg0ZTMwNThmNjZmZDk5ZjhhNDFhNzc0NmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Z96lsy5pmPpkkPJucmkmLKdmd4O
G8o1mtsJCSlPxWmcZpmKy/Ke2BU0cdQS/NbY9CCNR3yqr1MMvTlx7g/M6MAqZ31T
3o7vt/7fXPHJmp8pOEtmQ8/eHxPSlzbYt868CGgke3vtfKoUJbL2TYCJG09vrUzy
qsxaEFL45eakcvX34vybK7pzdfLiPq/1ffPBDSUT7ql6XneEI4WaJDC8rvxcHIIu
t4Vvyy1OuktAC3ah20s8lFKVoglA7VX0l0e+HVcabONagV5YwdOqixaLzoCIIoet
CTuMgzF5rio08CrR/m8qTOWK6QBUHRpidJJ+PhmgdRQjPcbHqOZXnSD1TwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFEfUnUMeGrKE4wWPZv2Z+KQad0bjMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I3L2ZjN2Yw
MS00MzU1LTQ0ZTctOWNhYi02OTk4OGE4MTc2ZjEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcvZmM3ZjAx
LTQzNTUtNDRlNy05Y2FiLTY5OTg4YTgxNzZmMS8xL1I5U2RReDRhc29UakJZOW1f
Wm40cEJwM1J1TS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMO6jANBgkqhkiG9w0BAQsFAAOCAQEAJmx0SgU67rc6
q4Dvz/r98LE0iAUvhVlodP0NTXFJLwIW0Ubl/HQCjo0jPm0RE6BehbIKBsNIlg8O
79UwXkUiZUAYORJoAQJRE00tlEdoXtdm11BlJd6vT6kNzDKZiTI/lQCtvqQ5q5jD
t50a27ZA6+TuuX9+i1pUqM7kCaRc8Ha+jchehQtWDAv451IIF9Li8+pby1JSbpC3
cNcUVIg4IJvg9KZNQvOy9jm++acyahALjtz9musjY3UPyGbQtYj8ZxqfiFEiHt5L
BHJo9wEVuxnHtbmoAgkNw5z0GTQQY1DcFBHNWICNFFn6rfIAI/voQxlXQX2htD1j
mhI4sfPKIg==
-----END CERTIFICATE-----