Certificate 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TAcVuueB9zM83MrdtwyKg09e0Nc.cer
File:                     TAcVuueB9zM83MrdtwyKg09e0Nc.cer (raw, json)
Hash identifier:          uNay/tk/BAMdbGHj8rZ1QU2lFwMp6Ig4JU2WJ1V/mOI=
Subject key identifier:   4C:07:15:BA:E7:81:F7:33:3C:DC:CA:DD:B7:0C:8A:83:4F:5E:D0:D7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC7266FB12F3480DE65B0668825E39416
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/e79c2b09-ebdd-4a6c-a975-24e1a2262f4f/1/4C0715BAE781F7333CDCCADDB70C8A834F5ED0D7.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/e79c2b09-ebdd-4a6c-a975-24e1a2262f4f/1/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 22:30:34 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 58339

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:26:6f:b1:2f:34:80:de:65:b0:66:88:25:e3:94:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 22:30:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4c0715bae781f7333cdccaddb70c8a834f5ed0d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:65:6d:4c:39:33:37:c8:ec:4e:b2:68:41:b2:
                    49:a0:3e:3b:23:d7:f5:ee:bd:17:5a:45:7b:6a:26:
                    42:25:d8:91:b7:61:5e:b2:6d:d0:57:bd:03:0b:ab:
                    1a:2c:13:c8:6f:bf:c0:41:b7:a9:db:d4:8c:63:1a:
                    04:44:c8:3c:bd:02:8f:b5:a3:af:a5:67:75:98:a0:
                    c5:da:2c:84:70:5a:20:ef:3a:6c:0f:0c:cd:49:dd:
                    69:cf:0f:cc:e2:22:b4:10:04:07:1d:a0:93:b7:6e:
                    db:69:50:a1:90:5f:c2:c8:9d:c3:cd:5c:fb:36:87:
                    13:ca:23:90:85:e4:d6:3b:ba:0e:6a:3c:41:88:37:
                    54:b8:95:ca:41:aa:00:c9:09:37:42:51:fb:00:48:
                    c0:6f:6f:fd:e1:b0:ab:0d:e3:be:b9:58:38:82:6d:
                    96:65:07:a8:9c:e0:e3:a3:f0:04:51:0e:21:2a:4c:
                    35:34:8c:70:a4:b6:c1:97:66:2d:b3:7f:87:3b:bb:
                    dc:43:4f:83:a0:1a:3d:b6:17:e8:0a:64:d6:97:98:
                    67:75:b5:71:43:fa:f6:5a:af:8f:0b:09:ba:09:d3:
                    47:5e:24:c7:b3:03:2f:3f:12:74:27:f9:ba:0d:59:
                    10:05:99:76:eb:bc:d0:e1:86:8a:dc:6d:c8:60:75:
                    72:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:07:15:BA:E7:81:F7:33:3C:DC:CA:DD:B7:0C:8A:83:4F:5E:D0:D7
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/e79c2b09-ebdd-4a6c-a975-24e1a2262f4f/1/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/e79c2b09-ebdd-4a6c-a975-24e1a2262f4f/1/4C0715BAE781F7333CDCCADDB70C8A834F5ED0D7.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  58339

    Signature Algorithm: sha256WithRSAEncryption
         07:5a:0c:1b:82:a6:92:f2:44:52:14:fc:5d:7b:6e:ed:fc:0d:
         39:8f:74:2c:82:a0:08:b0:ff:20:f0:b4:cf:e8:d9:c8:42:a5:
         d0:42:42:20:90:3d:8e:18:ec:5b:bb:66:82:c1:c5:7b:9c:67:
         04:6d:37:fa:91:4c:ca:ec:fa:a4:8f:62:e7:1d:78:e7:3c:d9:
         bc:68:79:3d:28:9a:3c:ad:28:0a:55:7c:83:ba:e1:7d:f3:4e:
         4f:14:6a:38:72:f0:0a:e5:c4:e7:83:5d:a9:a4:59:69:b0:7d:
         5b:6d:a1:0a:03:57:97:5c:f1:25:66:02:a5:40:92:ff:89:af:
         de:c1:cc:70:04:e3:a3:a2:80:5d:14:d2:03:e1:ca:88:6b:b9:
         ca:46:c7:c6:30:db:1b:90:88:b4:26:da:b3:fc:04:8d:15:7d:
         ca:6f:1f:70:c6:d1:9a:12:85:e0:9f:cc:df:96:60:d2:4a:8b:
         cf:6b:f0:c2:44:ee:81:26:e8:5e:1b:99:ec:ce:68:6e:f0:85:
         b0:2d:6f:6f:d1:ad:7d:1f:4a:f7:3b:54:78:93:53:99:4d:34:
         d9:92:71:25:5e:d1:fe:1a:21:7b:75:9b:59:02:ef:f0:a6:55:
         57:47:a2:48:ef:76:a2:96:44:3b:90:4e:08:61:40:9c:c0:c9:
         d0:e3:4c:63
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAYzHJm+xLzSA3mWwZogl45QWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzA3MTViYWU3ODFmNzMzM2NkY2NhZGRiNzBjOGE4MzRmNWVkMGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22VtTDkzN8jsTrJoQbJJoD47I9f1
7r0XWkV7aiZCJdiRt2Fesm3QV70DC6saLBPIb7/AQbep29SMYxoERMg8vQKPtaOv
pWd1mKDF2iyEcFog7zpsDwzNSd1pzw/M4iK0EAQHHaCTt27baVChkF/CyJ3DzVz7
NocTyiOQheTWO7oOajxBiDdUuJXKQaoAyQk3QlH7AEjAb2/94bCrDeO+uVg4gm2W
ZQeonODjo/AEUQ4hKkw1NIxwpLbBl2Yts3+HO7vcQ0+DoBo9thfoCmTWl5hndbVx
Q/r2Wq+PCwm6CdNHXiTHswMvPxJ0J/m6DVkQBZl267zQ4YaK3G3IYHVyXQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFEwHFbrngfczPNzK3bcMioNPXtDXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2U3OWMy
YjA5LWViZGQtNGE2Yy1hOTc1LTI0ZTFhMjI2MmY0Zi8xLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTc5
YzJiMDktZWJkZC00YTZjLWE5NzUtMjRlMWEyMjYyZjRmLzEvNEMwNzE1QkFFNzgx
RjczMzNDRENDQUREQjcwQzhBODM0RjVFRDBENy5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA4+Mw
DQYJKoZIhvcNAQELBQADggEBAAdaDBuCppLyRFIU/F17bu38DTmPdCyCoAiw/yDw
tM/o2chCpdBCQiCQPY4Y7Fu7ZoLBxXucZwRtN/qRTMrs+qSPYucdeOc82bxoeT0o
mjytKApVfIO64X3zTk8Uajhy8ArlxOeDXamkWWmwfVttoQoDV5dc8SVmAqVAkv+J
r97BzHAE46OigF0U0gPhyohrucpGx8Yw2xuQiLQm2rP8BI0VfcpvH3DG0ZoSheCf
zN+WYNJKi89r8MJE7oEm6F4bmezOaG7whbAtb2/RrX0fSvc7VHiTU5lNNNmScSVe
0f4aIXt1m1kC7/CmVVdHokjvdqKWRDuQTghhQJzAydDjTGM=
-----END CERTIFICATE-----
Generated at Fri May 3 13:44:52 2024 by rpki-client on console-ams.rpki-client.org