Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/UBA5dWzPMfZKiDRD4fFzKDTSuLI.cer
File:                     UBA5dWzPMfZKiDRD4fFzKDTSuLI.cer (raw, json)
Hash identifier:          q0STDChuffqUnSn1ZjrNOJEgHnx+lW8VmS2+ER3fhZo=
Subject key identifier:   50:10:39:75:6C:CF:31:F6:4A:88:34:43:E1:F1:73:28:34:D2:B8:B2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019427464BCDC4A861FFF5538937E09FE31E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/30/0a719c-9ab9-49d9-acf0-cda26c36062a/1/UBA5dWzPMfZKiDRD4fFzKDTSuLI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/30/0a719c-9ab9-49d9-acf0-cda26c36062a/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 13:48:25 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 200056
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:27:46:4b:cd:c4:a8:61:ff:f5:53:89:37:e0:9f:e3:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 13:48:25 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=501039756ccf31f64a883443e1f1732834d2b8b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:8e:98:ce:12:43:4f:09:68:0d:36:00:d1:fc:
                    bb:ca:3a:43:4d:d4:46:51:cc:28:93:3c:f7:3a:b7:
                    7f:d6:b8:73:87:17:62:b3:89:b5:84:ba:c4:6c:47:
                    82:fb:02:f8:2d:99:b3:bf:6b:40:0d:17:a4:3a:0e:
                    e5:27:2a:2d:fe:8f:50:50:e2:db:91:a6:e3:9c:58:
                    13:91:ff:1c:71:3d:b2:24:6a:6e:fb:50:e5:17:9e:
                    04:5c:92:dc:28:7c:b3:e8:c4:6d:a7:8b:c7:0a:f6:
                    46:1a:00:e1:29:08:1a:54:30:57:87:eb:f7:5e:6c:
                    37:32:a9:de:e0:82:37:72:10:c0:ec:84:c8:4c:01:
                    40:21:e0:74:99:b5:18:be:08:2f:4f:14:bb:f2:54:
                    b2:1a:d6:90:a0:66:4b:8e:0f:aa:80:8f:89:e8:95:
                    b3:5e:a0:fc:08:e1:4c:9e:cf:8f:52:f0:dc:a1:7e:
                    21:87:17:f6:95:13:a2:ef:cc:d4:27:21:e1:97:2d:
                    26:af:2d:f7:60:14:98:e4:3f:bd:a1:e4:38:cc:56:
                    f0:6a:56:7c:c0:0a:db:61:71:1b:a2:97:a2:6c:42:
                    03:c7:c5:33:67:81:70:3a:72:70:f7:ef:a2:f3:3f:
                    c0:b5:52:cf:70:86:eb:6d:7b:d2:49:46:c7:ee:ad:
                    a6:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:10:39:75:6C:CF:31:F6:4A:88:34:43:E1:F1:73:28:34:D2:B8:B2
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0a719c-9ab9-49d9-acf0-cda26c36062a/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0a719c-9ab9-49d9-acf0-cda26c36062a/1/UBA5dWzPMfZKiDRD4fFzKDTSuLI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  200056

    Signature Algorithm: sha256WithRSAEncryption
         2d:5c:dd:b4:a6:60:a3:43:5a:0e:e0:cd:a7:69:a4:b5:6f:5d:
         39:69:4a:1f:f7:4c:3a:11:cd:ff:26:71:77:1c:a5:62:17:2e:
         50:19:b9:d1:6c:06:85:c1:bc:bb:b4:46:75:88:c5:a5:22:f8:
         e1:31:4e:c6:82:45:aa:48:3d:ff:28:9e:12:b4:08:ba:bb:fc:
         d5:22:de:d8:0b:d1:97:cd:98:06:1d:64:e8:3d:25:f7:94:b9:
         40:ac:86:39:d2:95:07:bb:21:71:e7:27:78:e3:4f:39:68:18:
         91:ee:3f:2c:b3:a1:5a:a5:a9:41:11:2f:ea:dc:6b:86:3d:11:
         9d:02:b6:7e:44:b8:11:07:86:2c:69:6e:34:63:ec:7a:81:0c:
         02:33:bb:bd:46:59:53:18:51:00:2e:41:86:71:a8:59:93:27:
         ff:91:95:d5:37:4d:6a:6a:48:84:16:e4:a4:cf:a3:7e:3a:bd:
         46:fc:ce:02:0b:b8:1e:5e:49:2d:a0:21:09:df:9d:99:19:69:
         ba:4b:fa:5a:f7:06:93:c6:c5:29:95:e3:bf:53:48:47:54:d9:
         50:a2:25:fe:b4:47:cf:8c:e4:55:d5:dc:70:d1:bf:a5:f9:b9:
         da:38:2c:bc:39:86:23:cd:8b:59:b3:7e:8c:66:a6:74:6f:17:
         9d:f1:e9:3f
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQnRkvNxKhh//VTiTfgn+MeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDEwMzk3NTZjY2YzMWY2NGE4ODM0NDNlMWYxNzMyODM0ZDJiOGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0I6YzhJDTwloDTYA0fy7yjpDTdRG
Ucwokzz3Ord/1rhzhxdis4m1hLrEbEeC+wL4LZmzv2tADRekOg7lJyot/o9QUOLb
kabjnFgTkf8ccT2yJGpu+1DlF54EXJLcKHyz6MRtp4vHCvZGGgDhKQgaVDBXh+v3
Xmw3Mqne4II3chDA7ITITAFAIeB0mbUYvggvTxS78lSyGtaQoGZLjg+qgI+J6JWz
XqD8COFMns+PUvDcoX4hhxf2lROi78zUJyHhly0mry33YBSY5D+9oeQ4zFbwalZ8
wArbYXEbopeibEIDx8UzZ4FwOnJw9++i8z/AtVLPcIbrbXvSSUbH7q2mdQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFFAQOXVszzH2Sog0Q+Hxcyg00riyMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMwLzBhNzE5
Yy05YWI5LTQ5ZDktYWNmMC1jZGEyNmMzNjA2MmEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvMGE3MTlj
LTlhYjktNDlkOS1hY2YwLWNkYTI2YzM2MDYyYS8xL1VCQTVkV3pQTWZaS2lEUkQ0
ZkZ6S0RUU3VMSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMNeDANBgkqhkiG9w0BAQsFAAOCAQEALVzdtKZgo0Na
DuDNp2mktW9dOWlKH/dMOhHN/yZxdxylYhcuUBm50WwGhcG8u7RGdYjFpSL44TFO
xoJFqkg9/yieErQIurv81SLe2AvRl82YBh1k6D0l95S5QKyGOdKVB7shcecneONP
OWgYke4/LLOhWqWpQREv6txrhj0RnQK2fkS4EQeGLGluNGPseoEMAjO7vUZZUxhR
AC5BhnGoWZMn/5GV1TdNampIhBbkpM+jfjq9RvzOAgu4Hl5JLaAhCd+dmRlpukv6
WvcGk8bFKZXjv1NIR1TZUKIl/rRHz4zkVdXccNG/pfm52jgsvDmGI82LWbN+jGam
dG8XnfHpPw==
-----END CERTIFICATE-----