Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/UaDZglED2dpHYe-pGmDqLKdY0AM.cer
File:                     UaDZglED2dpHYe-pGmDqLKdY0AM.cer (raw, json)
Hash identifier:          eSQCkosnXCUEM220fHDeF+dNgaKFUKK6W0cxM+k2R5E=
Subject key identifier:   51:A0:D9:82:51:03:D9:DA:47:61:EF:A9:1A:60:EA:2C:A7:58:D0:03
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC2DB45790C1717B3078C354577449F03
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/UaDZglED2dpHYe-pGmDqLKdY0AM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:29:59 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 45.156.96.0/22
                          IP: 2a0f:1c80::/29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:45:79:0c:17:17:b3:07:8c:35:45:77:44:9f:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 02:29:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=51a0d9825103d9da4761efa91a60ea2ca758d003
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:6e:c8:b2:da:30:4c:98:1a:08:f7:52:53:e0:
                    de:15:c2:47:88:d1:a8:2a:91:4a:04:5c:84:28:30:
                    01:3d:19:cd:31:3d:45:e2:20:bc:48:c1:74:fd:50:
                    2e:2d:cd:ee:0c:52:df:80:e8:1d:e6:81:77:95:ee:
                    18:b2:da:5f:b9:1c:b8:3f:c0:f5:1e:31:11:6b:14:
                    09:cd:63:84:36:24:4f:10:72:32:c4:42:19:20:00:
                    a2:02:70:e6:f4:bc:5a:7e:89:4e:f4:c9:77:69:c1:
                    8d:4a:85:f2:22:4e:ca:a7:a2:67:d6:b7:9f:a4:a4:
                    1e:4c:9b:4e:df:71:b5:c6:2b:f4:19:78:4d:6d:3f:
                    6a:f5:51:85:cf:5b:9c:69:5c:c5:ae:ea:96:89:c0:
                    93:d0:7e:93:27:11:be:78:e4:84:81:cc:e5:a9:4f:
                    8a:28:f5:26:98:0e:29:ce:23:35:8e:30:7c:02:7b:
                    95:94:1f:44:be:5c:2c:ae:2e:62:62:29:3a:f4:63:
                    d1:60:6e:ba:92:30:11:9e:d2:77:84:58:0b:2e:83:
                    ab:45:38:95:6b:51:5f:3b:b2:0a:e5:e1:a9:90:70:
                    e7:06:3d:e4:d6:16:25:8b:1a:ed:44:04:8b:f0:6b:
                    7d:6b:a4:f2:48:ec:15:df:e9:38:7f:ea:af:15:69:
                    7d:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:A0:D9:82:51:03:D9:DA:47:61:EF:A9:1A:60:EA:2C:A7:58:D0:03
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/UaDZglED2dpHYe-pGmDqLKdY0AM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.96.0/22
                IPv6:
                  2a0f:1c80::/29

    Signature Algorithm: sha256WithRSAEncryption
         1f:25:7d:d8:b0:87:7a:d5:43:bd:fc:79:64:54:fd:59:88:61:
         de:fe:39:ca:01:0c:75:4e:d6:70:c6:f7:5d:a5:fb:81:66:68:
         19:5a:56:33:bb:1c:9a:b8:35:42:da:a1:f5:3b:21:0b:d0:f8:
         f9:d0:f4:71:de:a5:9a:65:9d:06:5f:f8:9f:07:6c:90:9f:be:
         b8:b6:ef:95:2b:10:5e:58:43:64:0d:b8:35:24:d7:82:0f:a6:
         f3:37:6c:d1:13:9b:5b:51:9c:78:7a:36:bf:e8:09:75:cc:54:
         03:e8:36:fd:a6:4c:70:e7:75:a8:cf:ca:9a:c3:22:a2:fe:b8:
         66:02:c9:2a:f1:78:49:c3:d1:df:e4:fa:c2:e4:fa:eb:b0:23:
         46:86:5a:f5:6b:af:a4:19:05:52:b8:d1:a4:17:8e:c0:b9:f2:
         19:eb:0b:0f:89:a1:98:dd:95:83:1c:51:cd:50:15:1d:2a:e4:
         9c:83:ff:65:5e:fa:7a:9b:62:be:99:c0:99:a9:6f:6e:c8:71:
         6a:b0:c8:de:3b:df:4d:98:68:a9:c7:44:fe:38:55:23:29:35:
         8b:31:f2:79:71:82:01:a1:05:f2:95:ad:20:b2:6c:8b:e7:f8:
         9b:9a:1c:f2:48:2a:9d:d9:1c:86:1e:4d:9d:2e:fe:ec:7f:e4:
         07:e5:5e:b0
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzC20V5DBcXsweMNUV3RJ8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWEwZDk4MjUxMDNkOWRhNDc2MWVmYTkxYTYwZWEyY2E3NThkMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA427IstowTJgaCPdSU+DeFcJHiNGo
KpFKBFyEKDABPRnNMT1F4iC8SMF0/VAuLc3uDFLfgOgd5oF3le4YstpfuRy4P8D1
HjERaxQJzWOENiRPEHIyxEIZIACiAnDm9LxafolO9Ml3acGNSoXyIk7Kp6Jn1ref
pKQeTJtO33G1xiv0GXhNbT9q9VGFz1ucaVzFruqWicCT0H6TJxG+eOSEgczlqU+K
KPUmmA4pziM1jjB8AnuVlB9Evlwsri5iYik69GPRYG66kjARntJ3hFgLLoOrRTiV
a1FfO7IK5eGpkHDnBj3k1hYlixrtRASL8Gt9a6TySOwV3+k4f+qvFWl90QIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFFGg2YJRA9naR2HvqRpg6iynWNADMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U0L2I0ZjQ5
Yi03NWU1LTQ4NjQtOTA4ZS02YTNkZjAxYTMyMzYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQvYjRmNDli
LTc1ZTUtNDg2NC05MDhlLTZhM2RmMDFhMzIzNi8xL1VhRFpnbEVEMmRwSFllLXBH
bURxTEtkWTBBTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCLZxgMA0EAgACMAcDBQMqDxyAMA0GCSqGSIb3
DQEBCwUAA4IBAQAfJX3YsId61UO9/HlkVP1ZiGHe/jnKAQx1TtZwxvddpfuBZmgZ
WlYzuxyauDVC2qH1OyEL0Pj50PRx3qWaZZ0GX/ifB2yQn764tu+VKxBeWENkDbg1
JNeCD6bzN2zRE5tbUZx4eja/6Al1zFQD6Db9pkxw53Woz8qawyKi/rhmAskq8XhJ
w9Hf5PrC5PrrsCNGhlr1a6+kGQVSuNGkF47AufIZ6wsPiaGY3ZWDHFHNUBUdKuSc
g/9lXvp6m2K+mcCZqW9uyHFqsMjeO99NmGipx0T+OFUjKTWLMfJ5cYIBoQXyla0g
smyL5/ibmhzySCqd2RyGHk2dLv7sf+QH5V6w
-----END CERTIFICATE-----