Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_JNLA3cwXsv-ODshuHR0EGoeTdg.cer
File:                     _JNLA3cwXsv-ODshuHR0EGoeTdg.cer (raw, json)
Hash identifier:          gW7SJVuZMSbJqNp+2KRELQZsEExqHeKi4gK79lPbobQ=
Subject key identifier:   FC:93:4B:03:77:30:5E:CB:FE:38:3B:21:B8:74:74:10:6A:1E:4D:D8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC727541F9C1B569BB11DB2D0A9E8BF82
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/a1/587051-ca84-431a-98bb-9de7f935fc01/1/_JNLA3cwXsv-ODshuHR0EGoeTdg.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/a1/587051-ca84-431a-98bb-9de7f935fc01/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 22:31:32 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 49461

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:27:54:1f:9c:1b:56:9b:b1:1d:b2:d0:a9:e8:bf:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 22:31:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fc934b0377305ecbfe383b21b87474106a1e4dd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:e5:4f:ae:43:bf:bf:6f:b2:81:8a:47:ab:35:
                    09:fb:75:0e:11:0a:28:c2:7c:52:69:e0:e4:cd:7b:
                    c0:44:f8:37:5a:6f:e7:4b:7b:6c:f4:48:8a:79:33:
                    e2:34:c5:83:28:ee:1f:91:86:21:90:cf:77:a4:5b:
                    ff:97:68:07:0f:15:3b:95:00:71:67:11:62:3e:05:
                    76:a1:f4:50:e0:03:58:c0:f0:9e:db:18:a7:11:23:
                    8a:60:4b:a4:2e:6a:39:78:db:b2:16:91:64:69:28:
                    22:33:db:69:a9:a0:19:59:09:d1:ae:d6:2d:eb:27:
                    4e:2c:9c:9a:5e:bc:da:24:e8:47:aa:d0:c1:de:a9:
                    f1:66:cd:f6:7d:59:e0:74:29:8c:92:61:43:56:71:
                    3c:84:5d:a9:e1:88:99:68:32:5a:12:00:05:38:b4:
                    e4:38:31:c1:1e:6f:20:e7:ee:f8:21:66:7f:89:1b:
                    09:6f:74:80:e0:21:1b:62:6a:49:70:56:d4:3e:12:
                    3d:58:84:81:39:64:22:07:6a:69:b8:e0:82:b5:1f:
                    49:1f:3c:45:1e:4d:6a:d2:9e:47:12:f8:1f:ab:0c:
                    9f:82:9b:22:01:0b:d0:95:30:b9:e3:3a:03:14:08:
                    d2:8e:ab:f5:a7:e9:47:ae:08:20:10:a5:1c:56:43:
                    14:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:93:4B:03:77:30:5E:CB:FE:38:3B:21:B8:74:74:10:6A:1E:4D:D8
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/587051-ca84-431a-98bb-9de7f935fc01/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/587051-ca84-431a-98bb-9de7f935fc01/1/_JNLA3cwXsv-ODshuHR0EGoeTdg.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  49461

    Signature Algorithm: sha256WithRSAEncryption
         92:7b:ec:f9:a3:2a:78:c9:36:a5:81:f6:c4:00:61:d9:9b:36:
         7b:88:dd:d6:8c:61:b4:e7:42:0a:98:10:d5:0c:e8:0e:c2:15:
         6a:84:15:1f:79:ea:7f:90:af:f9:2a:95:b2:b5:0d:f9:e3:85:
         0f:26:10:c8:cc:99:e4:53:7a:3e:49:73:66:a9:c0:e4:f3:49:
         ae:1d:ce:8b:66:20:12:7d:e4:ab:28:29:1e:36:d3:e9:9b:77:
         49:98:ad:80:d1:40:73:86:e3:66:c9:09:99:25:35:14:f6:ee:
         8d:26:f6:0f:79:4c:7f:a0:4c:1a:ce:84:b7:05:dd:54:6e:8c:
         71:0f:67:77:33:45:2e:0d:d2:63:99:c1:4a:25:24:df:64:0c:
         b4:8b:a4:f7:65:54:b3:2e:fe:36:75:1f:d3:a2:29:07:f3:48:
         1b:f7:15:2d:02:d9:63:cc:ba:17:b5:41:99:df:0a:a6:f3:16:
         9c:92:a9:69:79:98:d8:71:58:2a:e0:a0:28:51:11:c4:3a:e2:
         07:cf:80:05:98:8a:5b:e2:ab:d8:db:1e:32:c0:3f:91:e4:53:
         90:1c:aa:ce:ad:66:90:10:fc:91:a6:f8:b2:53:d1:ca:22:a3:
         46:e1:5d:5b:ed:22:d8:d4:52:d1:86:0d:f3:1a:3e:ef:db:7c:
         15:7d:3a:e4
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzHJ1QfnBtWm7EdstCp6L+CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzkzNGIwMzc3MzA1ZWNiZmUzODNiMjFiODc0NzQxMDZhMWU0ZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteVPrkO/v2+ygYpHqzUJ+3UOEQoo
wnxSaeDkzXvARPg3Wm/nS3ts9EiKeTPiNMWDKO4fkYYhkM93pFv/l2gHDxU7lQBx
ZxFiPgV2ofRQ4ANYwPCe2xinESOKYEukLmo5eNuyFpFkaSgiM9tpqaAZWQnRrtYt
6ydOLJyaXrzaJOhHqtDB3qnxZs32fVngdCmMkmFDVnE8hF2p4YiZaDJaEgAFOLTk
ODHBHm8g5+74IWZ/iRsJb3SA4CEbYmpJcFbUPhI9WISBOWQiB2ppuOCCtR9JHzxF
Hk1q0p5HEvgfqwyfgpsiAQvQlTC54zoDFAjSjqv1p+lHrgggEKUcVkMUYQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFPyTSwN3MF7L/jg7Ibh0dBBqHk3YMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ExLzU4NzA1
MS1jYTg0LTQzMWEtOThiYi05ZGU3ZjkzNWZjMDEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEvNTg3MDUx
LWNhODQtNDMxYS05OGJiLTlkZTdmOTM1ZmMwMS8xL19KTkxBM2N3WHN2LU9Ec2h1
SFIwRUdvZVRkZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDBNTANBgkqhkiG9w0BAQsFAAOCAQEAknvs+aMqeMk2
pYH2xABh2Zs2e4jd1oxhtOdCCpgQ1QzoDsIVaoQVH3nqf5Cv+SqVsrUN+eOFDyYQ
yMyZ5FN6PklzZqnA5PNJrh3Oi2YgEn3kqygpHjbT6Zt3SZitgNFAc4bjZskJmSU1
FPbujSb2D3lMf6BMGs6EtwXdVG6McQ9ndzNFLg3SY5nBSiUk32QMtIuk92VUsy7+
NnUf06IpB/NIG/cVLQLZY8y6F7VBmd8KpvMWnJKpaXmY2HFYKuCgKFERxDriB8+A
BZiKW+Kr2NseMsA/keRTkByqzq1mkBD8kab4slPRyiKjRuFdW+0i2NRS0YYN8xo+
79t8FX065A==
-----END CERTIFICATE-----