Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/V-K4ajPJ-XIUU22MopGdfzw4AM4.cer
File:                     V-K4ajPJ-XIUU22MopGdfzw4AM4.cer (raw, json)
Hash identifier:          aGO9p7QwhZiNRTVwjwXT70Q6mNnW/nQef65kTiu+jNY=
Subject key identifier:   57:E2:B8:6A:33:C9:F9:72:14:53:6D:8C:A2:91:9D:7F:3C:38:00:CE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7C1346C551D0408B412DD1A0EF2CC899
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/V-K4ajPJ-XIUU22MopGdfzw4AM4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 00:19:56 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    IP: 185.42.72.0/22
                          IP: 2a01:5be0::/32
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Mar 2026 21:05:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:13:46:c5:51:d0:40:8b:41:2d:d1:a0:ef:2c:c8:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 00:19:56 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=57e2b86a33c9f97214536d8ca2919d7f3c3800ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:33:b6:61:c0:8c:66:ee:3a:53:3b:59:d1:2a:
                    05:99:d3:52:8e:73:29:35:97:d6:a1:64:f0:e0:85:
                    97:0d:6c:87:b3:87:17:66:49:fc:cd:e5:90:58:24:
                    0f:f1:23:70:89:81:bb:af:b7:ed:f9:65:9e:9c:7e:
                    59:a3:ea:54:3d:e4:94:67:a4:50:70:27:cc:89:0c:
                    b3:37:a2:43:16:6d:75:99:66:49:8b:1c:23:aa:ad:
                    08:2e:c6:40:17:ff:e0:8e:e3:56:2c:41:22:31:83:
                    fb:01:3e:b9:86:0c:f5:33:80:61:c8:b1:58:bc:1b:
                    4a:b5:65:ab:5e:85:7f:24:eb:5c:38:10:ff:4b:b6:
                    43:45:c0:57:23:0a:f3:c5:85:af:68:be:9d:21:67:
                    cc:fe:86:76:ae:ee:cd:3b:f4:ff:09:c5:5a:fd:12:
                    74:49:94:10:ff:38:b6:63:03:03:0a:21:50:76:3d:
                    02:08:bc:7c:b3:7f:f3:2b:83:f0:d9:9c:eb:e0:68:
                    86:99:1b:72:ca:6e:12:52:37:7c:65:15:25:89:67:
                    7c:02:80:ea:8c:c7:53:cf:0c:b4:f2:8c:04:78:50:
                    58:72:41:8c:8f:ba:f5:53:df:27:02:dd:c8:e1:e3:
                    c0:87:2d:64:86:40:77:1e:e4:76:9f:4b:62:cb:9f:
                    b1:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:E2:B8:6A:33:C9:F9:72:14:53:6D:8C:A2:91:9D:7F:3C:38:00:CE
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/V-K4ajPJ-XIUU22MopGdfzw4AM4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.42.72.0/22
                IPv6:
                  2a01:5be0::/32

    Signature Algorithm: sha256WithRSAEncryption
         08:e6:a2:43:71:fa:e6:25:05:b9:8b:1d:f1:03:cd:69:2f:6c:
         62:02:db:b5:a7:29:4d:41:8a:46:ef:f7:d4:44:82:aa:a8:bb:
         36:a9:0a:39:94:63:14:64:93:b3:ed:49:a7:90:33:77:39:60:
         45:32:e0:7e:af:09:5d:9a:f3:19:e3:c3:bf:dd:14:cb:59:4e:
         fb:71:9b:d4:b1:b4:da:22:a7:f6:88:3c:05:39:f6:ea:5f:ad:
         ae:15:f1:ba:3b:9f:76:f4:c6:cc:70:57:43:f9:48:2a:b6:26:
         bf:c5:a2:7c:40:bf:e2:64:75:1e:c5:2c:3b:80:34:72:cf:0f:
         11:6b:15:6b:7a:3c:98:e9:08:64:96:b9:19:21:bc:6e:95:86:
         78:53:60:d8:f9:c3:3a:84:e7:69:d1:51:a6:ca:13:c5:fb:08:
         a2:a4:fd:5f:c4:73:ad:6f:8a:3b:13:83:1e:c8:35:3e:5c:4c:
         5f:de:7b:85:0e:94:fd:c1:58:60:b5:ec:ed:4c:85:6f:06:29:
         3d:8a:5f:ef:7a:dc:1f:96:73:28:f1:ac:54:39:0a:93:0f:8a:
         a6:82:67:f0:72:91:7e:6f:69:e4:6c:16:23:55:14:6a:c9:9b:
         da:25:5c:67:e6:99:74:46:54:02:a4:c9:6a:e1:00:da:61:6a:
         b7:6f:89:75
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAZt8E0bFUdBAi0Et0aDvLMiZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDAxOTU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2UyYjg2YTMzYzlmOTcyMTQ1MzZkOGNhMjkxOWQ3ZjNjMzgwMGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDO2YcCMZu46UztZ0SoFmdNSjnMp
NZfWoWTw4IWXDWyHs4cXZkn8zeWQWCQP8SNwiYG7r7ft+WWenH5Zo+pUPeSUZ6RQ
cCfMiQyzN6JDFm11mWZJixwjqq0ILsZAF//gjuNWLEEiMYP7AT65hgz1M4BhyLFY
vBtKtWWrXoV/JOtcOBD/S7ZDRcBXIwrzxYWvaL6dIWfM/oZ2ru7NO/T/CcVa/RJ0
SZQQ/zi2YwMDCiFQdj0CCLx8s3/zK4Pw2Zzr4GiGmRtyym4SUjd8ZRUliWd8AoDq
jMdTzwy08owEeFBYckGMj7r1U98nAt3I4ePAhy1khkB3HuR2n0tiy5+xUQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFFfiuGozyflyFFNtjKKRnX88OADOMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyLzYxNDlh
NS1jOGRlLTRjNjEtYmViNy0yMjAxMjAzYTBiYWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIvNjE0OWE1
LWM4ZGUtNGM2MS1iZWI3LTIyMDEyMDNhMGJhYi8xL1YtSzRhalBKLVhJVVUyMk1v
cEdkZnp3NEFNNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuSpIMA0EAgACMAcDBQAqAVvgMA0GCSqGSIb3
DQEBCwUAA4IBAQAI5qJDcfrmJQW5ix3xA81pL2xiAtu1pylNQYpG7/fURIKqqLs2
qQo5lGMUZJOz7UmnkDN3OWBFMuB+rwldmvMZ48O/3RTLWU77cZvUsbTaIqf2iDwF
OfbqX62uFfG6O5929MbMcFdD+Ugqtia/xaJ8QL/iZHUexSw7gDRyzw8RaxVrejyY
6QhklrkZIbxulYZ4U2DY+cM6hOdp0VGmyhPF+wiipP1fxHOtb4o7E4MeyDU+XExf
3nuFDpT9wVhgteztTIVvBik9il/vetwflnMo8axUOQqTD4qmgmfwcpF+b2nkbBYj
VRRqyZvaJVxn5pl0RlQCpMlq4QDaYWq3b4l1
-----END CERTIFICATE-----