Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/VWEKWd3_vSTuSymemySxvwNvjkM.cer
File:                     VWEKWd3_vSTuSymemySxvwNvjkM.cer (raw, json)
Hash identifier:          GTSgaXNKXNAjRU1F17XXcggOMM2cyaJxIrV7J6OlRnQ=
Subject key identifier:   55:61:0A:59:DD:FF:BD:24:EE:4B:29:9E:9B:24:B1:BF:03:6F:8E:43
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01942444B5B4E26B7CD2EAA0A6F93378B27A
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/5a/17a3bd-754a-4593-b51e-9fb415b09b5e/1/VWEKWd3_vSTuSymemySxvwNvjkM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/5a/17a3bd-754a-4593-b51e-9fb415b09b5e/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 23:47:50 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    IP: 195.234.93.0/24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 14:28:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:24:44:b5:b4:e2:6b:7c:d2:ea:a0:a6:f9:33:78:b2:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 23:47:50 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=55610a59ddffbd24ee4b299e9b24b1bf036f8e43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:15:f1:95:f4:81:7a:1e:07:89:e8:8b:40:b4:
                    0e:78:a7:93:fe:7e:31:fc:dd:f7:14:8d:e3:8c:22:
                    5f:60:4d:0c:3a:47:24:07:93:f2:1d:e2:bc:ad:2f:
                    d0:47:38:1d:31:05:11:26:02:b8:94:cb:a4:fd:ac:
                    52:9c:c8:05:7b:fc:74:fe:97:39:5c:fa:b7:80:c8:
                    96:8d:52:ee:23:cb:97:ae:f3:ef:29:d5:09:18:9b:
                    11:9f:52:a6:e8:cb:44:26:b0:0f:b0:10:b4:fa:4c:
                    80:c3:b6:47:c2:11:18:02:1c:c8:da:33:0b:69:d6:
                    18:c7:ea:17:05:7c:3e:f9:25:d4:86:ed:3f:cd:89:
                    a9:b5:05:65:98:08:75:ba:77:a1:2f:6b:ad:35:a3:
                    af:08:44:b0:84:39:f5:de:4e:45:99:4e:3c:85:11:
                    f7:07:4b:80:d0:77:e3:49:ee:9f:04:42:ad:97:79:
                    a7:a4:4c:06:e4:d0:77:f7:01:3c:36:36:60:31:62:
                    11:02:60:7d:08:69:76:a7:e0:46:4b:95:ec:8e:09:
                    77:0b:89:37:39:24:a0:a3:65:56:c0:4b:4b:d0:b1:
                    08:5a:12:c5:ba:4f:54:ca:2f:08:72:a1:c0:c1:d9:
                    d5:4e:40:49:7b:2e:75:d9:ed:1d:14:a9:3f:5b:c4:
                    da:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:61:0A:59:DD:FF:BD:24:EE:4B:29:9E:9B:24:B1:BF:03:6F:8E:43
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/17a3bd-754a-4593-b51e-9fb415b09b5e/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/17a3bd-754a-4593-b51e-9fb415b09b5e/1/VWEKWd3_vSTuSymemySxvwNvjkM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.234.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:f2:10:0c:46:75:fb:f2:08:d0:a6:0a:2f:75:fc:91:80:13:
         32:83:ef:a9:1a:fd:f3:99:77:1e:0a:8b:35:e5:a3:53:c2:96:
         fb:87:f9:be:75:56:a8:d8:98:a9:da:f8:6e:fe:89:74:76:fc:
         2b:b9:a1:17:29:b1:40:32:8b:4d:2f:e6:50:11:6a:bb:71:ce:
         43:60:8f:25:8e:e3:4c:ff:e5:a0:88:97:7f:fd:80:53:2a:d4:
         c6:e2:c2:3e:7d:c2:fd:7a:04:24:35:f4:a4:dd:54:c9:a3:c7:
         bd:09:3e:6a:88:d7:05:cf:c5:4b:28:1d:11:27:f1:d2:ff:ff:
         5b:29:59:5f:cb:3c:70:9c:a3:f9:7a:d2:cc:dd:a3:4b:10:36:
         30:f3:e9:e3:42:e3:71:60:4b:3b:51:e2:58:ca:33:f9:a7:b6:
         fb:e5:43:88:da:f8:f0:86:00:fa:d8:85:bb:2b:a4:5d:85:5b:
         ea:8b:61:4d:ec:46:3b:58:23:01:58:d0:6e:f5:6d:9d:71:24:
         81:32:2f:a0:d8:cb:b5:71:b5:a5:d7:d1:b5:75:54:5f:7c:47:
         09:21:ed:d9:46:3b:43:be:4a:1a:2a:9c:0c:e6:c4:13:50:e1:
         23:57:86:38:14:80:30:47:04:d8:b9:df:8a:53:13:5b:24:91:
         32:a2:b9:50
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZQkRLW04mt80uqgpvkzeLJ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjM0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTYxMGE1OWRkZmZiZDI0ZWU0YjI5OWU5YjI0YjFiZjAzNmY4ZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhXxlfSBeh4HieiLQLQOeKeT/n4x
/N33FI3jjCJfYE0MOkckB5PyHeK8rS/QRzgdMQURJgK4lMuk/axSnMgFe/x0/pc5
XPq3gMiWjVLuI8uXrvPvKdUJGJsRn1Km6MtEJrAPsBC0+kyAw7ZHwhEYAhzI2jML
adYYx+oXBXw++SXUhu0/zYmptQVlmAh1unehL2utNaOvCESwhDn13k5FmU48hRH3
B0uA0HfjSe6fBEKtl3mnpEwG5NB39wE8NjZgMWIRAmB9CGl2p+BGS5Xsjgl3C4k3
OSSgo2VWwEtL0LEIWhLFuk9Uyi8IcqHAwdnVTkBJey512e0dFKk/W8TavwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFFVhClnd/70k7kspnpsksb8Db45DMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVhLzE3YTNi
ZC03NTRhLTQ1OTMtYjUxZS05ZmI0MTViMDliNWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEvMTdhM2Jk
LTc1NGEtNDU5My1iNTFlLTlmYjQxNWIwOWI1ZS8xL1ZXRUtXZDNfdlNUdVN5bWVt
eVN4dndOdmprTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAw+pdMA0GCSqGSIb3DQEBCwUAA4IBAQCZ8hAM
RnX78gjQpgovdfyRgBMyg++pGv3zmXceCos15aNTwpb7h/m+dVao2Jip2vhu/ol0
dvwruaEXKbFAMotNL+ZQEWq7cc5DYI8ljuNM/+WgiJd//YBTKtTG4sI+fcL9egQk
NfSk3VTJo8e9CT5qiNcFz8VLKB0RJ/HS//9bKVlfyzxwnKP5etLM3aNLEDYw8+nj
QuNxYEs7UeJYyjP5p7b75UOI2vjwhgD62IW7K6RdhVvqi2FN7EY7WCMBWNBu9W2d
cSSBMi+g2Mu1cbWl19G1dVRffEcJIe3ZRjtDvkoaKpwM5sQTUOEjV4Y4FIAwRwTY
ud+KUxNbJJEyorlQ
-----END CERTIFICATE-----