Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/V-K4ajPJ-XIUU22MopGdfzw4AM4.cer
File:                     V-K4ajPJ-XIUU22MopGdfzw4AM4.cer (raw, json)
Hash identifier:          Zr2vQpbTxyKmdlh2RM5qkVCRLlFECZ9Ob0NbMvgs/kU=
Subject key identifier:   57:E2:B8:6A:33:C9:F9:72:14:53:6D:8C:A2:91:9D:7F:3C:38:00:CE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC56EC79A7487ACB4294C64A9AE8C7BA4
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/V-K4ajPJ-XIUU22MopGdfzw4AM4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 14:30:20 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 185.42.72.0/22
                          IP: 2a01:5be0::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:c7:9a:74:87:ac:b4:29:4c:64:a9:ae:8c:7b:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 14:30:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=57e2b86a33c9f97214536d8ca2919d7f3c3800ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:33:b6:61:c0:8c:66:ee:3a:53:3b:59:d1:2a:
                    05:99:d3:52:8e:73:29:35:97:d6:a1:64:f0:e0:85:
                    97:0d:6c:87:b3:87:17:66:49:fc:cd:e5:90:58:24:
                    0f:f1:23:70:89:81:bb:af:b7:ed:f9:65:9e:9c:7e:
                    59:a3:ea:54:3d:e4:94:67:a4:50:70:27:cc:89:0c:
                    b3:37:a2:43:16:6d:75:99:66:49:8b:1c:23:aa:ad:
                    08:2e:c6:40:17:ff:e0:8e:e3:56:2c:41:22:31:83:
                    fb:01:3e:b9:86:0c:f5:33:80:61:c8:b1:58:bc:1b:
                    4a:b5:65:ab:5e:85:7f:24:eb:5c:38:10:ff:4b:b6:
                    43:45:c0:57:23:0a:f3:c5:85:af:68:be:9d:21:67:
                    cc:fe:86:76:ae:ee:cd:3b:f4:ff:09:c5:5a:fd:12:
                    74:49:94:10:ff:38:b6:63:03:03:0a:21:50:76:3d:
                    02:08:bc:7c:b3:7f:f3:2b:83:f0:d9:9c:eb:e0:68:
                    86:99:1b:72:ca:6e:12:52:37:7c:65:15:25:89:67:
                    7c:02:80:ea:8c:c7:53:cf:0c:b4:f2:8c:04:78:50:
                    58:72:41:8c:8f:ba:f5:53:df:27:02:dd:c8:e1:e3:
                    c0:87:2d:64:86:40:77:1e:e4:76:9f:4b:62:cb:9f:
                    b1:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:E2:B8:6A:33:C9:F9:72:14:53:6D:8C:A2:91:9D:7F:3C:38:00:CE
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/V-K4ajPJ-XIUU22MopGdfzw4AM4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.42.72.0/22
                IPv6:
                  2a01:5be0::/32

    Signature Algorithm: sha256WithRSAEncryption
         8b:9d:b6:53:25:69:e1:cf:ce:d9:41:44:96:03:29:1f:d8:36:
         0e:d9:58:17:f3:a3:c9:6e:1d:a5:93:f0:cc:c0:b8:0a:97:f6:
         ec:a7:ae:38:24:d1:15:05:a2:96:40:93:ec:83:52:f9:fa:84:
         ac:66:ba:e6:59:49:2e:ca:dd:c6:22:d7:2f:d4:53:c7:83:da:
         6c:bf:9f:a5:12:d7:0a:09:c1:9f:0c:88:74:43:6b:f3:26:ad:
         c0:d6:34:1e:86:e5:07:fc:cc:42:00:b0:d8:8b:5b:59:4d:ce:
         9c:1f:0c:e4:63:1c:f6:5f:6c:7b:e3:c7:48:1b:bd:d9:ae:4a:
         fb:a4:32:2b:71:96:d9:b6:27:c1:7c:e8:b7:ee:8f:39:cf:44:
         08:71:64:f3:22:a0:7f:d5:58:85:14:18:52:63:11:82:f0:36:
         bc:ef:08:02:38:d7:4f:1e:fa:9f:08:e7:da:70:a5:d4:52:d6:
         dc:e0:b1:88:eb:94:8f:da:e8:93:6a:b1:e3:79:19:81:d1:7b:
         f3:c2:e8:c7:44:fc:87:bf:36:f4:53:a9:e6:50:11:25:31:b5:
         09:0d:57:2f:25:52:5a:82:fe:5c:ea:05:aa:36:35:5d:68:8b:
         da:14:b8:fe:ec:29:bd:95:b7:3c:da:6a:f7:fe:2d:17:8a:7d:
         7d:b1:85:4d
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzFbseadIestClMZKmujHukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTQzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2UyYjg2YTMzYzlmOTcyMTQ1MzZkOGNhMjkxOWQ3ZjNjMzgwMGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDO2YcCMZu46UztZ0SoFmdNSjnMp
NZfWoWTw4IWXDWyHs4cXZkn8zeWQWCQP8SNwiYG7r7ft+WWenH5Zo+pUPeSUZ6RQ
cCfMiQyzN6JDFm11mWZJixwjqq0ILsZAF//gjuNWLEEiMYP7AT65hgz1M4BhyLFY
vBtKtWWrXoV/JOtcOBD/S7ZDRcBXIwrzxYWvaL6dIWfM/oZ2ru7NO/T/CcVa/RJ0
SZQQ/zi2YwMDCiFQdj0CCLx8s3/zK4Pw2Zzr4GiGmRtyym4SUjd8ZRUliWd8AoDq
jMdTzwy08owEeFBYckGMj7r1U98nAt3I4ePAhy1khkB3HuR2n0tiy5+xUQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFFfiuGozyflyFFNtjKKRnX88OADOMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyLzYxNDlh
NS1jOGRlLTRjNjEtYmViNy0yMjAxMjAzYTBiYWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIvNjE0OWE1
LWM4ZGUtNGM2MS1iZWI3LTIyMDEyMDNhMGJhYi8xL1YtSzRhalBKLVhJVVUyMk1v
cEdkZnp3NEFNNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuSpIMA0EAgACMAcDBQAqAVvgMA0GCSqGSIb3
DQEBCwUAA4IBAQCLnbZTJWnhz87ZQUSWAykf2DYO2VgX86PJbh2lk/DMwLgKl/bs
p644JNEVBaKWQJPsg1L5+oSsZrrmWUkuyt3GItcv1FPHg9psv5+lEtcKCcGfDIh0
Q2vzJq3A1jQehuUH/MxCALDYi1tZTc6cHwzkYxz2X2x748dIG73Zrkr7pDIrcZbZ
tifBfOi37o85z0QIcWTzIqB/1ViFFBhSYxGC8Da87wgCONdPHvqfCOfacKXUUtbc
4LGI65SP2uiTarHjeRmB0XvzwujHRPyHvzb0U6nmUBElMbUJDVcvJVJagv5c6gWq
NjVdaIvaFLj+7Cm9lbc82mr3/i0Xin19sYVN
-----END CERTIFICATE-----