Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YxB3zMSCuRtFmfUslKiJABOSSf8.cer
File:                     YxB3zMSCuRtFmfUslKiJABOSSf8.cer (raw, json)
Hash identifier:          APYT0Q05GwC1u5Meu0uM0r/t9EHIzpa9LhVhDakoSH8=
Subject key identifier:   63:10:77:CC:C4:82:B9:1B:45:99:F5:2C:94:A8:89:00:13:92:49:FF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019760A1D08B21AF6A1FCD861B0A004E9446
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 11 Jun 2025 20:15:06 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 207099
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 16:57:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:a1:d0:8b:21:af:6a:1f:cd:86:1b:0a:00:4e:94:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jun 11 20:15:06 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=631077ccc482b91b4599f52c94a88900139249ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:bc:05:0d:86:bc:5d:8b:6e:b2:94:08:ed:30:
                    6a:34:44:5a:24:e2:e4:ec:87:13:9d:a3:30:bf:6d:
                    0e:13:3d:fc:4a:8b:d7:08:cf:59:d4:45:79:a5:12:
                    6a:82:d3:cd:09:0b:e3:f2:26:8d:ae:45:91:02:c6:
                    b6:c4:bf:4d:50:4f:fd:1b:a9:7a:db:16:70:10:03:
                    6d:18:fb:fe:10:f1:16:c1:0e:8e:6f:59:ab:f1:82:
                    81:73:1f:85:13:d3:53:57:d3:3b:f3:4d:a4:17:29:
                    8a:cc:a2:43:2d:34:f4:de:ea:5f:03:6d:27:2f:22:
                    a0:45:13:5f:ab:f0:26:6e:02:7d:42:21:96:e3:c1:
                    8e:aa:a7:87:8a:1d:e1:d1:eb:e4:93:35:ce:32:e5:
                    91:01:ce:cc:f0:46:40:18:02:30:53:c1:da:cf:ed:
                    05:66:fe:8d:41:b4:90:ac:96:45:a4:23:20:75:5e:
                    a7:42:9e:0a:0b:84:39:d2:4a:1f:9f:c5:50:1f:dc:
                    57:95:85:da:c0:b8:5a:9c:9f:14:42:a7:ae:b7:0a:
                    dd:60:f1:70:a5:cc:1c:3e:e8:12:92:67:63:6f:70:
                    c0:5f:52:91:4d:dc:0d:9d:91:ea:57:63:07:74:98:
                    8e:32:08:ab:33:67:8d:64:14:d1:9d:94:64:03:ff:
                    94:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:10:77:CC:C4:82:B9:1B:45:99:F5:2C:94:A8:89:00:13:92:49:FF
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207099

    Signature Algorithm: sha256WithRSAEncryption
         b1:c5:2b:e0:47:ac:fe:ba:c4:d0:6a:78:2a:b2:0f:0a:e1:47:
         35:68:54:20:42:34:42:3f:da:a7:b2:4d:3a:35:b4:c7:4e:b3:
         52:e0:bc:5b:c7:74:27:89:59:6f:92:23:e8:d1:d5:34:9d:05:
         93:10:9b:6f:6e:2a:2f:df:f0:5d:d9:e0:35:59:01:6e:a0:64:
         c8:5e:9a:0c:bd:d3:14:ef:d5:c5:1f:ed:e9:58:2c:8a:da:08:
         3d:f3:60:22:ec:05:da:5f:37:81:3f:44:c3:f2:2c:8c:68:6a:
         be:45:50:ea:56:2d:ab:43:34:72:d9:7c:8a:87:62:80:04:06:
         fa:cc:99:97:6f:af:65:79:69:82:f8:93:7a:6a:43:7b:77:07:
         f2:08:60:51:e7:f6:c0:da:81:bf:39:9f:ac:93:94:08:16:09:
         68:14:0b:08:2d:90:64:8b:e4:23:a8:41:02:d9:b3:f1:da:b3:
         9a:a8:a1:e7:e9:2a:18:14:8c:57:ac:78:f3:6c:12:b6:51:d7:
         e7:39:cd:ee:35:ae:c7:a8:44:a8:dc:90:6e:32:9c:b0:56:82:
         f1:da:32:a3:94:c4:d6:65:96:67:e4:b5:aa:e3:5d:a3:55:6e:
         3c:3e:2a:d4:1b:a9:77:bb:29:eb:7a:b9:d2:f4:a5:e0:d8:f2:
         3d:61:f0:42
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZdgodCLIa9qH82GGwoATpRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNjExMjAxNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzEwNzdjY2M0ODJiOTFiNDU5OWY1MmM5NGE4ODkwMDEzOTI0OWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLwFDYa8XYtuspQI7TBqNERaJOLk
7IcTnaMwv20OEz38SovXCM9Z1EV5pRJqgtPNCQvj8iaNrkWRAsa2xL9NUE/9G6l6
2xZwEANtGPv+EPEWwQ6Ob1mr8YKBcx+FE9NTV9M7802kFymKzKJDLTT03upfA20n
LyKgRRNfq/AmbgJ9QiGW48GOqqeHih3h0evkkzXOMuWRAc7M8EZAGAIwU8Haz+0F
Zv6NQbSQrJZFpCMgdV6nQp4KC4Q50kofn8VQH9xXlYXawLhanJ8UQqeutwrdYPFw
pcwcPugSkmdjb3DAX1KRTdwNnZHqV2MHdJiOMgirM2eNZBTRnZRkA/+UeQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFGMQd8zEgrkbRZn1LJSoiQATkkn/MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU0LzgxNDI1
My1mMjFmLTRiYzgtYjc2OC04MDRiNzYwZGQ4NzkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQvODE0MjUz
LWYyMWYtNGJjOC1iNzY4LTgwNGI3NjBkZDg3OS8xL1l4QjN6TVNDdVJ0Rm1mVXNs
S2lKQUJPU1NmOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMo+zANBgkqhkiG9w0BAQsFAAOCAQEAscUr4Ees/rrE
0Gp4KrIPCuFHNWhUIEI0Qj/ap7JNOjW0x06zUuC8W8d0J4lZb5Ij6NHVNJ0FkxCb
b24qL9/wXdngNVkBbqBkyF6aDL3TFO/VxR/t6VgsitoIPfNgIuwF2l83gT9Ew/Is
jGhqvkVQ6lYtq0M0ctl8iodigAQG+syZl2+vZXlpgviTempDe3cH8ghgUef2wNqB
vzmfrJOUCBYJaBQLCC2QZIvkI6hBAtmz8dqzmqih5+kqGBSMV6x482wStlHX5znN
7jWux6hEqNyQbjKcsFaC8doyo5TE1mWWZ+S1quNdo1VuPD4q1Bupd7sp63q50vSl
4NjyPWHwQg==
-----END CERTIFICATE-----