Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ZEZaih6OQvGmDSeBmMMgrsDz99w.cer
File:                     ZEZaih6OQvGmDSeBmMMgrsDz99w.cer (raw, json)
Hash identifier:          HIXqmt8bDFDtDwXggsnEpMXMOo3fiHOvUkAnIwE/njA=
Subject key identifier:   64:46:5A:8A:1E:8E:42:F1:A6:0D:27:81:98:C3:20:AE:C0:F3:F7:DC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC56E4EF0DAAE53A1056F73111C8B022C
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/f7/338d33-72c6-4802-aefe-70e60edbc1e7/1/ZEZaih6OQvGmDSeBmMMgrsDz99w.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/f7/338d33-72c6-4802-aefe-70e60edbc1e7/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 14:29:49 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 202049
                          IP: 193.162.134.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 15:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:4e:f0:da:ae:53:a1:05:6f:73:11:1c:8b:02:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 14:29:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=64465a8a1e8e42f1a60d278198c320aec0f3f7dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:c7:9a:49:55:5b:f5:18:2a:0b:15:ec:94:b9:
                    09:f8:4d:41:5e:a0:f8:b1:7b:bf:c6:86:b1:1c:a5:
                    82:68:4f:26:42:66:03:b1:1d:be:ea:fd:63:13:bb:
                    a7:5a:8d:a5:59:b3:ca:09:22:1a:42:6d:84:d5:e4:
                    da:ff:83:69:2b:ed:f6:f9:9e:f3:60:3d:da:17:5b:
                    4a:94:1e:7c:c3:85:11:e1:26:00:57:89:bb:3e:42:
                    3b:45:3f:17:53:8f:70:6f:ab:63:0b:9a:1b:01:f1:
                    fb:23:0f:0b:a9:f7:fc:93:ca:31:38:14:67:51:56:
                    08:b3:b6:a5:bb:29:a7:38:00:d3:2f:54:a7:5f:6d:
                    2a:19:35:cc:31:0b:88:5d:3e:3f:f1:a6:8b:68:65:
                    97:7a:f5:40:e8:3c:db:79:1e:c1:d3:d6:98:e7:01:
                    44:94:e1:80:5f:c2:13:e6:75:ea:62:39:ab:7d:d2:
                    91:15:32:e9:2a:78:bd:73:e3:99:bd:71:35:2e:e2:
                    b6:3c:2f:1d:01:50:40:cc:ca:89:5b:e9:da:04:88:
                    6c:7d:e0:50:0c:2b:5e:6f:45:17:77:6a:79:62:a7:
                    dd:c8:d8:56:bc:c2:d3:5a:56:d5:7d:90:f4:41:4b:
                    87:8b:95:ee:69:c5:c9:d3:72:50:5b:ba:45:fa:8d:
                    25:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:46:5A:8A:1E:8E:42:F1:A6:0D:27:81:98:C3:20:AE:C0:F3:F7:DC
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/338d33-72c6-4802-aefe-70e60edbc1e7/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/338d33-72c6-4802-aefe-70e60edbc1e7/1/ZEZaih6OQvGmDSeBmMMgrsDz99w.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.162.134.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  202049

    Signature Algorithm: sha256WithRSAEncryption
         54:00:30:7e:7d:7e:a5:79:c9:0e:62:67:35:a7:5a:70:9b:17:
         cf:af:2d:81:07:99:17:8e:b2:19:f3:30:d1:68:c1:be:bf:ba:
         a5:6f:14:c8:94:69:e0:2b:3d:94:ee:9d:fe:b4:8d:54:03:75:
         d0:29:b5:40:c9:f0:16:68:cb:a3:c2:0f:ce:2f:84:16:81:04:
         a5:ad:25:46:e0:4e:21:c4:57:c9:e6:b6:64:4c:46:ae:34:a6:
         5c:01:62:95:00:62:74:53:6b:23:2b:1b:5a:dd:63:69:c6:cf:
         87:d7:50:a2:9d:cd:84:0c:b7:78:20:c2:9d:13:e2:c1:a4:00:
         da:7c:4e:3a:32:d4:bd:cb:20:06:4a:e4:83:01:4f:ed:82:a0:
         a5:73:8f:88:a8:e2:de:ab:b7:5b:cb:4f:e5:72:36:64:01:12:
         d6:41:fd:8e:70:3e:9e:5a:d7:52:25:97:e2:f6:8e:e4:a7:d5:
         7e:9c:f5:4f:4a:bd:c4:d0:ec:88:06:99:7b:17:31:85:d5:a0:
         45:19:96:1c:4a:c2:cf:18:55:4d:f3:8c:68:24:41:cf:2d:a1:
         f5:d7:98:4d:74:3a:8f:79:ea:a1:37:b8:c0:5d:db:88:fb:45:
         f1:7b:e9:b9:80:09:b7:da:e0:19:db:f0:8e:e0:6f:d8:98:63:
         8e:63:e3:8b
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzFbk7w2q5ToQVvcxEciwIsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDQ2NWE4YTFlOGU0MmYxYTYwZDI3ODE5OGMzMjBhZWMwZjNmN2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqceaSVVb9RgqCxXslLkJ+E1BXqD4
sXu/xoaxHKWCaE8mQmYDsR2+6v1jE7unWo2lWbPKCSIaQm2E1eTa/4NpK+32+Z7z
YD3aF1tKlB58w4UR4SYAV4m7PkI7RT8XU49wb6tjC5obAfH7Iw8Lqff8k8oxOBRn
UVYIs7aluymnOADTL1SnX20qGTXMMQuIXT4/8aaLaGWXevVA6DzbeR7B09aY5wFE
lOGAX8IT5nXqYjmrfdKRFTLpKni9c+OZvXE1LuK2PC8dAVBAzMqJW+naBIhsfeBQ
DCteb0UXd2p5YqfdyNhWvMLTWlbVfZD0QUuHi5XuacXJ03JQW7pF+o0lmwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFGRGWooejkLxpg0ngZjDIK7A8/fcMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y3LzMzOGQz
My03MmM2LTQ4MDItYWVmZS03MGU2MGVkYmMxZTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjcvMzM4ZDMz
LTcyYzYtNDgwMi1hZWZlLTcwZTYwZWRiYzFlNy8xL1pFWmFpaDZPUXZHbURTZUJt
TU1ncnNEejk5dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwaKGMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMVQTANBgkqhkiG9w0BAQsFAAOCAQEAVAAwfn1+pXnJDmJnNadacJsXz68tgQeZ
F46yGfMw0WjBvr+6pW8UyJRp4Cs9lO6d/rSNVAN10Cm1QMnwFmjLo8IPzi+EFoEE
pa0lRuBOIcRXyea2ZExGrjSmXAFilQBidFNrIysbWt1jacbPh9dQop3NhAy3eCDC
nRPiwaQA2nxOOjLUvcsgBkrkgwFP7YKgpXOPiKji3qu3W8tP5XI2ZAES1kH9jnA+
nlrXUiWX4vaO5KfVfpz1T0q9xNDsiAaZexcxhdWgRRmWHErCzxhVTfOMaCRBzy2h
9deYTXQ6j3nqoTe4wF3biPtF8XvpuYAJt9rgGdvwjuBv2JhjjmPjiw==
-----END CERTIFICATE-----