Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/VWEKWd3_vSTuSymemySxvwNvjkM.cer
File:                     VWEKWd3_vSTuSymemySxvwNvjkM.cer (raw, json)
Hash identifier:          ZFZaZWvezb1eAp8WyjD6SkwPJ/+FzefblHRiPA24A+g=
Subject key identifier:   55:61:0A:59:DD:FF:BD:24:EE:4B:29:9E:9B:24:B1:BF:03:6F:8E:43
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC2DB41FAA5136662A84FAC2E8C936BAE
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/5a/17a3bd-754a-4593-b51e-9fb415b09b5e/1/VWEKWd3_vSTuSymemySxvwNvjkM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/5a/17a3bd-754a-4593-b51e-9fb415b09b5e/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:29:58 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 195.234.93.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:41:fa:a5:13:66:62:a8:4f:ac:2e:8c:93:6b:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 02:29:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=55610a59ddffbd24ee4b299e9b24b1bf036f8e43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:15:f1:95:f4:81:7a:1e:07:89:e8:8b:40:b4:
                    0e:78:a7:93:fe:7e:31:fc:dd:f7:14:8d:e3:8c:22:
                    5f:60:4d:0c:3a:47:24:07:93:f2:1d:e2:bc:ad:2f:
                    d0:47:38:1d:31:05:11:26:02:b8:94:cb:a4:fd:ac:
                    52:9c:c8:05:7b:fc:74:fe:97:39:5c:fa:b7:80:c8:
                    96:8d:52:ee:23:cb:97:ae:f3:ef:29:d5:09:18:9b:
                    11:9f:52:a6:e8:cb:44:26:b0:0f:b0:10:b4:fa:4c:
                    80:c3:b6:47:c2:11:18:02:1c:c8:da:33:0b:69:d6:
                    18:c7:ea:17:05:7c:3e:f9:25:d4:86:ed:3f:cd:89:
                    a9:b5:05:65:98:08:75:ba:77:a1:2f:6b:ad:35:a3:
                    af:08:44:b0:84:39:f5:de:4e:45:99:4e:3c:85:11:
                    f7:07:4b:80:d0:77:e3:49:ee:9f:04:42:ad:97:79:
                    a7:a4:4c:06:e4:d0:77:f7:01:3c:36:36:60:31:62:
                    11:02:60:7d:08:69:76:a7:e0:46:4b:95:ec:8e:09:
                    77:0b:89:37:39:24:a0:a3:65:56:c0:4b:4b:d0:b1:
                    08:5a:12:c5:ba:4f:54:ca:2f:08:72:a1:c0:c1:d9:
                    d5:4e:40:49:7b:2e:75:d9:ed:1d:14:a9:3f:5b:c4:
                    da:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:61:0A:59:DD:FF:BD:24:EE:4B:29:9E:9B:24:B1:BF:03:6F:8E:43
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/17a3bd-754a-4593-b51e-9fb415b09b5e/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/17a3bd-754a-4593-b51e-9fb415b09b5e/1/VWEKWd3_vSTuSymemySxvwNvjkM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.234.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:be:3d:06:81:91:4f:28:52:ff:85:8d:f2:2d:27:43:5f:5d:
         0c:05:f4:ba:62:39:67:e2:b8:36:cd:30:ec:fd:42:7e:82:77:
         0d:68:9e:2b:61:aa:21:2b:4d:bc:cf:a3:7f:56:ff:6b:0a:3a:
         09:9c:4b:eb:4c:ed:02:d8:b9:9b:a2:16:f6:2f:86:08:07:68:
         a5:11:a1:f2:3d:3d:b6:7c:b1:81:73:7f:d3:07:18:7a:c8:a3:
         df:f2:25:3e:9b:ea:5b:66:85:90:05:a9:5b:ec:76:5f:47:c6:
         42:ff:70:56:88:79:1a:ad:25:6a:ad:67:22:78:b3:dc:74:39:
         50:1d:24:39:cf:50:de:16:da:93:fd:dc:d6:f8:79:a9:60:de:
         dd:15:21:26:09:89:a4:97:f9:a3:1b:94:c8:e6:f4:66:66:93:
         4c:3c:81:3f:8d:53:02:0e:ec:41:86:7a:50:6c:ac:ac:52:4d:
         fa:5f:33:36:63:64:d9:cf:4e:7a:20:37:ab:45:23:b3:2f:37:
         57:fb:59:f1:10:0c:b0:2f:6a:ed:d9:3f:1f:3f:8e:8e:9c:c3:
         a3:97:31:e4:3d:ab:90:fd:df:9b:5e:e4:d0:ff:a8:87:66:f5:
         fb:d4:99:4c:bc:3b:a3:9d:91:f6:69:89:45:47:0f:ff:2b:d8:
         9a:b3:95:b6
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzC20H6pRNmYqhPrC6Mk2uuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTYxMGE1OWRkZmZiZDI0ZWU0YjI5OWU5YjI0YjFiZjAzNmY4ZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhXxlfSBeh4HieiLQLQOeKeT/n4x
/N33FI3jjCJfYE0MOkckB5PyHeK8rS/QRzgdMQURJgK4lMuk/axSnMgFe/x0/pc5
XPq3gMiWjVLuI8uXrvPvKdUJGJsRn1Km6MtEJrAPsBC0+kyAw7ZHwhEYAhzI2jML
adYYx+oXBXw++SXUhu0/zYmptQVlmAh1unehL2utNaOvCESwhDn13k5FmU48hRH3
B0uA0HfjSe6fBEKtl3mnpEwG5NB39wE8NjZgMWIRAmB9CGl2p+BGS5Xsjgl3C4k3
OSSgo2VWwEtL0LEIWhLFuk9Uyi8IcqHAwdnVTkBJey512e0dFKk/W8TavwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFFVhClnd/70k7kspnpsksb8Db45DMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVhLzE3YTNi
ZC03NTRhLTQ1OTMtYjUxZS05ZmI0MTViMDliNWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEvMTdhM2Jk
LTc1NGEtNDU5My1iNTFlLTlmYjQxNWIwOWI1ZS8xL1ZXRUtXZDNfdlNUdVN5bWVt
eVN4dndOdmprTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAw+pdMA0GCSqGSIb3DQEBCwUAA4IBAQAvvj0G
gZFPKFL/hY3yLSdDX10MBfS6Yjln4rg2zTDs/UJ+gncNaJ4rYaohK028z6N/Vv9r
CjoJnEvrTO0C2Lmbohb2L4YIB2ilEaHyPT22fLGBc3/TBxh6yKPf8iU+m+pbZoWQ
Balb7HZfR8ZC/3BWiHkarSVqrWcieLPcdDlQHSQ5z1DeFtqT/dzW+HmpYN7dFSEm
CYmkl/mjG5TI5vRmZpNMPIE/jVMCDuxBhnpQbKysUk36XzM2Y2TZz056IDerRSOz
LzdX+1nxEAywL2rt2T8fP46OnMOjlzHkPauQ/d+bXuTQ/6iHZvX71JlMvDujnZH2
aYlFRw//K9ias5W2
-----END CERTIFICATE-----