Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/VrS_zQFkrXxmiK8iJGyC4Zld01E.cer
File:                     VrS_zQFkrXxmiK8iJGyC4Zld01E.cer (raw, json)
Hash identifier:          1ZUak1tkB+KxkBxK7ycLpauI9MwzYfmb2a6T1ovOa68=
Subject key identifier:   56:B4:BF:CD:01:64:AD:7C:66:88:AF:22:24:6C:82:E1:99:5D:D3:51
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019424B284FE2DF622D9CD0ED2FD958F310C
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/c1/e03e0f-f3a6-4c55-addd-241665f49d25/1/VrS_zQFkrXxmiK8iJGyC4Zld01E.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/c1/e03e0f-f3a6-4c55-addd-241665f49d25/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 01:47:46 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    IP: 185.123.124.0/22
                          IP: 2a06:af00::/29
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 13:16:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:24:b2:84:fe:2d:f6:22:d9:cd:0e:d2:fd:95:8f:31:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 01:47:46 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=56b4bfcd0164ad7c6688af22246c82e1995dd351
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:75:14:42:45:87:7f:0c:19:a3:20:1c:11:35:
                    ba:9b:17:12:7f:ba:e1:8a:01:d4:af:cf:56:80:04:
                    23:22:18:e1:72:3a:08:d2:dc:e7:db:ba:3f:78:85:
                    de:b0:5b:ca:78:6a:04:43:c4:ae:a6:1e:d6:c0:67:
                    3f:3f:ad:c2:05:9b:1b:8a:f6:b1:a4:9a:9e:38:38:
                    5d:9f:1a:b1:ec:5b:9a:4c:4f:e2:e4:4f:66:99:7c:
                    b2:20:50:1f:bb:e0:0e:6f:96:fc:9c:d9:fe:f3:ac:
                    9b:2a:f1:46:d9:b0:37:29:b3:d3:c2:f7:0d:99:17:
                    95:92:ed:ad:9f:b6:2d:f7:60:16:21:f1:fb:97:8e:
                    81:a5:60:7b:92:b0:5e:25:24:30:28:53:f9:89:c1:
                    c0:3a:4f:cd:d2:7d:ed:07:2f:66:aa:43:12:1b:0d:
                    93:e7:bd:7d:bb:59:5b:02:12:99:6f:18:78:6d:b4:
                    6b:b8:3d:68:43:96:50:d6:e3:c9:59:62:8c:78:6a:
                    f7:f1:96:a1:1e:2f:33:5e:6c:70:77:2c:db:f6:c7:
                    3d:ee:12:74:fc:1a:89:c7:33:6a:9b:0a:e1:d5:37:
                    dc:f0:6d:8b:65:22:76:e4:92:a3:cc:b0:cd:dc:67:
                    c2:20:fe:4e:07:0f:69:ba:5b:a0:f4:c3:7e:69:06:
                    a5:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:B4:BF:CD:01:64:AD:7C:66:88:AF:22:24:6C:82:E1:99:5D:D3:51
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/e03e0f-f3a6-4c55-addd-241665f49d25/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/e03e0f-f3a6-4c55-addd-241665f49d25/1/VrS_zQFkrXxmiK8iJGyC4Zld01E.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.123.124.0/22
                IPv6:
                  2a06:af00::/29

    Signature Algorithm: sha256WithRSAEncryption
         80:93:23:79:f6:82:fa:3a:75:fe:a8:b9:bc:fb:37:f3:d2:8a:
         05:70:b0:2a:68:ef:59:64:d7:d3:8b:43:fa:50:34:62:be:30:
         a9:0b:d2:85:bd:7b:21:36:c8:6a:0a:e9:99:d2:dc:e3:d7:d8:
         85:e0:57:04:3e:ee:86:23:aa:e8:31:d3:b8:7c:0b:7d:49:a8:
         87:9c:73:bc:fa:d8:e6:06:2f:c6:24:5b:f8:96:e4:d4:9c:ff:
         07:ed:03:24:35:04:0f:40:91:30:20:ef:22:88:69:23:91:cd:
         c7:6c:f0:d0:ad:db:1d:fd:cd:45:28:ac:96:9c:74:6c:b7:43:
         f8:32:39:43:59:e3:6e:0d:a1:7f:5d:54:e0:44:c3:0a:d4:fe:
         5a:c8:e7:9d:7b:d8:a4:9c:b6:b1:da:dd:e3:88:f8:58:3a:65:
         86:43:4c:51:4b:c2:eb:52:97:16:ee:9f:32:ba:ce:bd:70:42:
         ad:62:e7:6e:88:8a:8d:ac:4d:9a:c3:8c:7a:76:65:44:61:41:
         0a:ce:d4:14:32:6d:f6:3b:76:df:b1:f1:c9:b6:42:10:7b:ac:
         fa:9f:ad:f1:49:86:6e:2a:e8:6b:a8:39:1a:0f:1b:28:d6:9e:
         b1:bb:aa:b3:33:67:0c:23:16:a7:7e:f4:a4:15:aa:de:59:50:
         82:2c:2b:77
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAZQksoT+LfYi2c0O0v2VjzEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmI0YmZjZDAxNjRhZDdjNjY4OGFmMjIyNDZjODJlMTk5NWRkMzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnUUQkWHfwwZoyAcETW6mxcSf7rh
igHUr89WgAQjIhjhcjoI0tzn27o/eIXesFvKeGoEQ8Suph7WwGc/P63CBZsbivax
pJqeODhdnxqx7FuaTE/i5E9mmXyyIFAfu+AOb5b8nNn+86ybKvFG2bA3KbPTwvcN
mReVku2tn7Yt92AWIfH7l46BpWB7krBeJSQwKFP5icHAOk/N0n3tBy9mqkMSGw2T
5719u1lbAhKZbxh4bbRruD1oQ5ZQ1uPJWWKMeGr38ZahHi8zXmxwdyzb9sc97hJ0
/BqJxzNqmwrh1Tfc8G2LZSJ25JKjzLDN3GfCIP5OBw9pulug9MN+aQalvwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFFa0v80BZK18ZoivIiRsguGZXdNRMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxL2UwM2Uw
Zi1mM2E2LTRjNTUtYWRkZC0yNDE2NjVmNDlkMjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEvZTAzZTBm
LWYzYTYtNGM1NS1hZGRkLTI0MTY2NWY0OWQyNS8xL1ZyU196UUZrclh4bWlLOGlK
R3lDNFpsZDAxRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuXt8MA0EAgACMAcDBQMqBq8AMA0GCSqGSIb3
DQEBCwUAA4IBAQCAkyN59oL6OnX+qLm8+zfz0ooFcLAqaO9ZZNfTi0P6UDRivjCp
C9KFvXshNshqCumZ0tzj19iF4FcEPu6GI6roMdO4fAt9SaiHnHO8+tjmBi/GJFv4
luTUnP8H7QMkNQQPQJEwIO8iiGkjkc3HbPDQrdsd/c1FKKyWnHRst0P4MjlDWeNu
DaF/XVTgRMMK1P5ayOede9iknLax2t3jiPhYOmWGQ0xRS8LrUpcW7p8yus69cEKt
YuduiIqNrE2aw4x6dmVEYUEKztQUMm32O3bfsfHJtkIQe6z6n63xSYZuKuhrqDka
Dxso1p6xu6qzM2cMIxanfvSkFareWVCCLCt3
-----END CERTIFICATE-----