Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/WujsvmlVEtpODwK23A572pYNwzo.cer
File:                     WujsvmlVEtpODwK23A572pYNwzo.cer (raw, json)
Hash identifier:          uerZTfZUGlkphxLk6mJsutsJ3grSPQ8MbK94WlNjqe4=
Subject key identifier:   5A:E8:EC:BE:69:55:12:DA:4E:0F:02:B6:DC:0E:7B:DA:96:0D:C3:3A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC8015F98BD817A2C1ACA4B2BDE2F1E9E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/bd/b27a3b-acf8-4668-989f-83cf46689375/1/WujsvmlVEtpODwK23A572pYNwzo.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/bd/b27a3b-acf8-4668-989f-83cf46689375/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 02:29:42 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 216250

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:5f:98:bd:81:7a:2c:1a:ca:4b:2b:de:2f:1e:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 02:29:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5ae8ecbe695512da4e0f02b6dc0e7bda960dc33a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:62:db:fb:9a:0b:1a:9b:88:88:b9:b2:41:bc:
                    62:22:a5:54:a1:f2:26:d3:8b:27:b1:1e:87:96:01:
                    f0:a8:95:44:de:e8:4d:02:83:8c:63:62:a7:64:01:
                    1a:0d:37:20:b0:52:a6:86:9d:6f:8c:1b:d2:4a:ac:
                    1e:e2:fe:41:95:fc:70:21:a6:0f:02:dd:a1:94:78:
                    bf:d4:9a:a1:0d:87:0f:bb:65:9c:e0:75:92:55:cb:
                    9a:47:84:24:fd:90:92:15:3f:49:e2:97:10:8a:32:
                    bd:b7:ef:78:9d:ae:a2:48:05:2e:08:c1:5f:ef:5d:
                    d9:f6:91:56:2e:c3:0e:d6:d2:ff:df:05:e8:de:60:
                    1f:7b:74:24:b8:a0:90:99:d1:ac:c5:7d:01:f1:5a:
                    c0:0d:76:79:d7:fd:44:35:3e:ba:14:b7:fc:25:4d:
                    17:59:00:08:5d:99:ed:27:91:1b:f7:e1:ce:76:a3:
                    98:05:8c:c6:7a:83:27:37:e7:e5:e1:25:d4:26:f2:
                    2a:71:4e:bc:07:52:ce:bb:ba:bb:5a:50:5b:1f:e9:
                    02:3d:a8:53:36:9e:c7:b6:a3:3d:c8:da:a4:9c:c1:
                    8c:1c:ba:47:7a:c5:1d:d3:4f:83:32:1a:0b:96:5c:
                    c7:95:4c:2a:00:d8:d1:75:da:90:56:1e:9f:e3:31:
                    d4:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:E8:EC:BE:69:55:12:DA:4E:0F:02:B6:DC:0E:7B:DA:96:0D:C3:3A
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b27a3b-acf8-4668-989f-83cf46689375/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b27a3b-acf8-4668-989f-83cf46689375/1/WujsvmlVEtpODwK23A572pYNwzo.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  216250

    Signature Algorithm: sha256WithRSAEncryption
         61:3f:06:fc:8b:13:a0:c8:db:ef:bf:b8:eb:2f:79:c2:6a:63:
         65:1c:fc:40:fb:fd:66:af:52:51:8d:a4:b5:ba:00:6e:ba:28:
         35:ac:3f:03:96:f8:12:36:86:99:13:da:4d:62:c7:c4:7b:49:
         c5:a4:4a:78:48:5d:ee:63:54:05:92:04:fd:fe:56:b9:51:6f:
         84:3c:cd:9b:93:e4:73:6f:f9:bb:5f:23:8b:d2:66:0f:4b:fa:
         f7:75:34:d7:fe:af:4a:e8:94:03:57:0c:c4:53:2b:92:ba:b4:
         01:27:8d:88:9e:7c:57:b8:61:1e:fc:f8:db:f2:6c:a2:88:16:
         15:75:b8:8d:e3:4c:29:48:fe:33:67:f4:60:1e:30:45:92:5a:
         28:46:81:1c:1e:38:4e:50:4f:88:81:b0:ca:31:c1:b6:be:ea:
         2d:49:1d:b1:e4:de:11:cb:3a:fa:34:50:b6:3d:b0:62:6a:ec:
         45:67:e3:bc:2f:58:55:ab:8d:bb:29:28:a0:eb:b5:a8:03:da:
         68:99:2d:dd:28:40:08:31:16:f5:6a:4e:9d:f7:d7:40:5c:ad:
         c2:2f:49:f4:a7:c6:86:da:57:b0:92:c7:95:89:07:ad:c3:54:
         84:62:66:59:27:03:31:70:b8:77:03:1d:c7:01:51:ee:9f:0d:
         70:5e:e7:d4
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzIAV+YvYF6LBrKSyveLx6eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWU4ZWNiZTY5NTUxMmRhNGUwZjAyYjZkYzBlN2JkYTk2MGRjMzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2Lb+5oLGpuIiLmyQbxiIqVUofIm
04snsR6HlgHwqJVE3uhNAoOMY2KnZAEaDTcgsFKmhp1vjBvSSqwe4v5BlfxwIaYP
At2hlHi/1JqhDYcPu2Wc4HWSVcuaR4Qk/ZCSFT9J4pcQijK9t+94na6iSAUuCMFf
713Z9pFWLsMO1tL/3wXo3mAfe3QkuKCQmdGsxX0B8VrADXZ51/1ENT66FLf8JU0X
WQAIXZntJ5Eb9+HOdqOYBYzGeoMnN+fl4SXUJvIqcU68B1LOu7q7WlBbH+kCPahT
Np7HtqM9yNqknMGMHLpHesUd00+DMhoLllzHlUwqANjRddqQVh6f4zHUWwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFFro7L5pVRLaTg8CttwOe9qWDcM6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JkL2IyN2Ez
Yi1hY2Y4LTQ2NjgtOTg5Zi04M2NmNDY2ODkzNzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQvYjI3YTNi
LWFjZjgtNDY2OC05ODlmLTgzY2Y0NjY4OTM3NS8xL1d1anN2bWxWRXRwT0R3SzIz
QTU3MnBZTnd6by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNMujANBgkqhkiG9w0BAQsFAAOCAQEAYT8G/IsToMjb
77+46y95wmpjZRz8QPv9Zq9SUY2ktboAbrooNaw/A5b4EjaGmRPaTWLHxHtJxaRK
eEhd7mNUBZIE/f5WuVFvhDzNm5Pkc2/5u18ji9JmD0v693U01/6vSuiUA1cMxFMr
krq0ASeNiJ58V7hhHvz42/JsoogWFXW4jeNMKUj+M2f0YB4wRZJaKEaBHB44TlBP
iIGwyjHBtr7qLUkdseTeEcs6+jRQtj2wYmrsRWfjvC9YVauNuykooOu1qAPaaJkt
3ShACDEW9WpOnffXQFytwi9J9KfGhtpXsJLHlYkHrcNUhGJmWScDMXC4dwMdxwFR
7p8NcF7n1A==
-----END CERTIFICATE-----