Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/SHcGwrHYON95a_g_qn176rxcdvg.cer
File:                     SHcGwrHYON95a_g_qn176rxcdvg.cer (raw, json)
Hash identifier:          tGxcT1aYBgWZItngNw17zm04zI6x9BLD5oHbGWF9/8I=
Subject key identifier:   48:77:06:C2:B1:D8:38:DF:79:6B:F8:3F:AA:7D:7B:EA:BC:5C:76:F8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019425FD4339DC21A326C92C48744FB1BAB7
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/ac/cf1693-e67c-4f73-aee1-e044071ef2d9/1/SHcGwrHYON95a_g_qn176rxcdvg.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/ac/cf1693-e67c-4f73-aee1-e044071ef2d9/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 07:49:02 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 209401
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:25:fd:43:39:dc:21:a3:26:c9:2c:48:74:4f:b1:ba:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 07:49:02 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=487706c2b1d838df796bf83faa7d7beabc5c76f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:6b:c4:49:59:a6:7f:08:c7:73:fe:34:84:0b:
                    09:c2:16:35:d2:ee:85:d0:37:7b:fc:7a:25:c9:21:
                    8f:5e:39:3c:f3:6a:b2:07:11:4b:01:e9:a3:f5:d5:
                    44:b6:24:a5:6a:b5:f4:42:0d:2b:a6:12:c4:73:98:
                    3e:56:d9:0f:f4:39:73:6a:d1:1e:56:9b:bd:88:57:
                    a0:6d:24:fb:06:51:ff:0a:bb:3c:86:d3:72:5f:48:
                    7d:32:43:66:d5:d3:0d:81:2c:b1:5e:45:e4:f4:e0:
                    7f:2e:4d:ec:8f:65:29:d9:f1:b0:c7:74:58:0d:1f:
                    7d:e4:d9:c8:36:b1:44:a9:df:46:7f:c6:2e:c8:11:
                    fa:b0:1b:c9:74:d0:1b:ec:94:3e:c4:71:72:d0:af:
                    6b:28:ff:85:74:0a:7d:64:9e:a7:74:51:69:35:0c:
                    99:74:f3:71:35:a2:02:38:c0:d1:af:c2:73:e4:4b:
                    7f:6b:9b:95:47:e3:74:51:2a:76:46:6c:98:4e:88:
                    ed:58:77:68:7b:0c:e4:ab:25:dd:c6:a0:c5:21:31:
                    ee:5a:66:b8:a2:c5:cc:4b:13:04:6b:8f:7f:1e:fe:
                    08:3d:d8:1d:39:91:d2:c9:eb:b2:ed:53:85:cf:e1:
                    d9:f9:c8:fc:dd:68:e8:cb:b2:a2:ca:b9:bf:21:66:
                    fb:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:77:06:C2:B1:D8:38:DF:79:6B:F8:3F:AA:7D:7B:EA:BC:5C:76:F8
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/cf1693-e67c-4f73-aee1-e044071ef2d9/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/cf1693-e67c-4f73-aee1-e044071ef2d9/1/SHcGwrHYON95a_g_qn176rxcdvg.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  209401

    Signature Algorithm: sha256WithRSAEncryption
         26:1f:16:69:6a:c1:ea:75:94:bf:cc:aa:fd:ac:68:c2:d3:a1:
         94:fd:d6:17:e7:f6:ec:65:6f:07:fe:b8:9e:fe:e8:e9:ef:dd:
         88:7e:24:62:47:ec:ab:59:10:87:35:ea:a9:3a:f2:ec:23:c8:
         2f:26:5f:d0:30:be:5d:9c:fd:42:3d:24:8d:cb:03:1a:83:c7:
         7b:f5:61:15:6e:5b:0b:d2:be:30:52:d1:76:eb:0b:63:dd:f6:
         a9:b8:7f:ab:bf:90:cd:ac:78:db:4f:3c:bd:dd:9f:dd:58:d5:
         0a:45:ec:2e:e2:2e:7a:a8:b8:a4:c0:7d:e9:b5:a0:7f:95:f5:
         7b:cc:f3:9f:3b:7d:ee:1d:97:fa:1e:5e:6e:93:e3:a7:0a:84:
         02:7b:97:30:a4:d4:2a:91:80:ce:43:0d:f2:64:cf:a1:33:27:
         d5:2e:dd:4c:e4:03:50:44:48:5c:67:48:c5:39:84:c6:39:49:
         b7:5e:3d:e1:5b:b9:81:80:48:ea:91:ae:d9:e7:06:5a:e0:47:
         87:a3:a4:5d:0d:5d:d9:dd:2c:64:47:aa:a9:7e:c5:92:64:06:
         ca:1d:f7:0d:18:e4:bb:e8:c8:40:dd:68:53:fc:de:d7:87:6c:
         25:66:6b:4f:32:59:ca:cb:b3:2c:e8:50:3b:7f:67:44:5c:8f:
         f2:a1:48:61
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQl/UM53CGjJsksSHRPsbq3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDc0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODc3MDZjMmIxZDgzOGRmNzk2YmY4M2ZhYTdkN2JlYWJjNWM3NmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WvESVmmfwjHc/40hAsJwhY10u6F
0Dd7/HolySGPXjk882qyBxFLAemj9dVEtiSlarX0Qg0rphLEc5g+VtkP9DlzatEe
Vpu9iFegbST7BlH/Crs8htNyX0h9MkNm1dMNgSyxXkXk9OB/Lk3sj2Up2fGwx3RY
DR995NnINrFEqd9Gf8YuyBH6sBvJdNAb7JQ+xHFy0K9rKP+FdAp9ZJ6ndFFpNQyZ
dPNxNaICOMDRr8Jz5Et/a5uVR+N0USp2RmyYTojtWHdoewzkqyXdxqDFITHuWma4
osXMSxMEa49/Hv4IPdgdOZHSyeuy7VOFz+HZ+cj83Wjoy7Kiyrm/IWb7mQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFEh3BsKx2DjfeWv4P6p9e+q8XHb4MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FjL2NmMTY5
My1lNjdjLTRmNzMtYWVlMS1lMDQ0MDcxZWYyZDkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMvY2YxNjkz
LWU2N2MtNGY3My1hZWUxLWUwNDQwNzFlZjJkOS8xL1NIY0d3ckhZT045NWFfZ19x
bjE3NnJ4Y2R2Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMx+TANBgkqhkiG9w0BAQsFAAOCAQEAJh8WaWrB6nWU
v8yq/axowtOhlP3WF+f27GVvB/64nv7o6e/diH4kYkfsq1kQhzXqqTry7CPILyZf
0DC+XZz9Qj0kjcsDGoPHe/VhFW5bC9K+MFLRdusLY932qbh/q7+Qzax42088vd2f
3VjVCkXsLuIueqi4pMB96bWgf5X1e8zznzt97h2X+h5ebpPjpwqEAnuXMKTUKpGA
zkMN8mTPoTMn1S7dTOQDUERIXGdIxTmExjlJt1494Vu5gYBI6pGu2ecGWuBHh6Ok
XQ1d2d0sZEeqqX7FkmQGyh33DRjku+jIQN1oU/ze14dsJWZrTzJZysuzLOhQO39n
RFyP8qFIYQ==
-----END CERTIFICATE-----