Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_PLPcoTXoDRugvN4rYMPV8OWG20.cer
File:                     _PLPcoTXoDRugvN4rYMPV8OWG20.cer (raw, json)
Hash identifier:          iixKzbFcLuvMlIQ31X4kZbrpu4GBcYjYkUngejiqEaE=
Subject key identifier:   FC:F2:CF:72:84:D7:A0:34:6E:82:F3:78:AD:83:0F:57:C3:96:1B:6D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019421445DEB2D1D5D29A0F6E0713ADBCED2
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/95/ddad9b-c9f1-431b-b093-b6835b732ad6/1/_PLPcoTXoDRugvN4rYMPV8OWG20.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/95/ddad9b-c9f1-431b-b093-b6835b732ad6/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 09:48:36 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 49722
                          IP: 91.215.224.0/22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:21:44:5d:eb:2d:1d:5d:29:a0:f6:e0:71:3a:db:ce:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 09:48:36 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=fcf2cf7284d7a0346e82f378ad830f57c3961b6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:7f:09:69:d3:eb:f5:9e:8a:4a:b8:bf:1c:0b:
                    5e:f3:b9:d4:9c:04:8c:70:ec:b9:3c:07:cd:12:d2:
                    1f:d9:f3:c4:46:7b:ca:69:5c:ce:c0:e0:3f:44:0b:
                    e8:6f:7e:00:d9:8d:2f:81:2e:b7:4a:41:b2:b7:a3:
                    7e:1f:0c:80:86:ab:52:47:ca:03:99:8e:0b:2a:9f:
                    aa:25:80:8c:ff:06:f8:bb:87:de:e3:03:1c:f6:0c:
                    92:22:a9:e4:ed:20:bd:d5:79:04:84:2e:34:22:5b:
                    ba:03:ee:30:4f:51:cb:94:c6:ab:da:81:9d:65:ef:
                    aa:66:09:21:4c:c3:de:0b:54:6a:41:5b:a1:5c:aa:
                    ac:a4:6d:7f:9c:d3:a4:2b:b7:5f:b7:96:1a:ff:5b:
                    6c:1c:11:c0:41:28:ed:73:da:c8:de:03:23:10:60:
                    cb:a1:e2:b6:86:08:1b:28:74:52:95:bd:9d:95:cc:
                    0a:3d:e9:a9:2d:4f:e4:3f:78:82:82:70:e6:4e:03:
                    d2:6c:b1:b8:d9:35:cc:26:3d:d3:ea:7d:15:53:fd:
                    ba:dc:6e:97:d2:21:12:74:48:10:0e:95:36:fa:ae:
                    54:b1:ad:eb:ee:3e:a2:34:cc:e0:d6:a4:65:eb:1e:
                    73:eb:31:55:c6:26:92:d3:ce:ec:a4:a9:c1:60:7d:
                    c3:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:F2:CF:72:84:D7:A0:34:6E:82:F3:78:AD:83:0F:57:C3:96:1B:6D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/ddad9b-c9f1-431b-b093-b6835b732ad6/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/ddad9b-c9f1-431b-b093-b6835b732ad6/1/_PLPcoTXoDRugvN4rYMPV8OWG20.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.215.224.0/22

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  49722

    Signature Algorithm: sha256WithRSAEncryption
         56:6c:4f:94:12:1d:c8:66:7a:60:8e:14:40:ad:6d:54:83:91:
         ff:8a:a8:a2:7e:d0:f7:25:d7:68:2e:59:0d:82:79:f5:44:ca:
         b1:9d:a9:42:a7:94:d9:f7:96:2f:3b:75:7d:88:bc:3b:f1:5b:
         b9:a1:fb:a1:fa:17:c3:ae:35:c5:6b:96:c0:79:c5:58:e4:81:
         e6:b9:d4:32:1a:58:0e:17:46:55:0d:c1:21:9f:8f:0b:7e:a4:
         c8:d4:2f:f0:71:c1:87:07:90:9a:ac:5c:f2:d3:66:5e:1e:b5:
         e5:01:6f:41:76:6c:48:8b:15:92:28:ea:00:cc:a0:ca:72:3f:
         46:f7:3e:4f:5d:1a:99:9b:ea:a8:d8:f6:38:79:f1:e6:fd:18:
         8a:6c:12:30:0f:06:2c:f8:9f:65:49:71:eb:fe:87:00:a0:69:
         e7:fd:4e:89:41:a4:ca:0b:1d:62:ed:ee:f5:97:1f:19:9d:18:
         0d:b3:66:3b:f4:8e:e2:e2:85:c9:17:06:7b:24:6f:f5:55:c1:
         37:c9:62:6a:3b:5b:20:1d:4e:bc:b8:8d:fd:cd:ce:d0:c2:2b:
         03:dd:cc:95:82:04:bf:d8:75:24:1a:e3:6c:74:c4:55:2a:38:
         f9:92:5d:da:22:63:14:0b:5c:66:26:ad:b6:d1:ad:18:2b:5b:
         2c:9d:80:ef
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQhRF3rLR1dKaD24HE6287SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDk0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2YyY2Y3Mjg0ZDdhMDM0NmU4MmYzNzhhZDgzMGY1N2MzOTYxYjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn8JadPr9Z6KSri/HAte87nUnASM
cOy5PAfNEtIf2fPERnvKaVzOwOA/RAvob34A2Y0vgS63SkGyt6N+HwyAhqtSR8oD
mY4LKp+qJYCM/wb4u4fe4wMc9gySIqnk7SC91XkEhC40Ilu6A+4wT1HLlMar2oGd
Ze+qZgkhTMPeC1RqQVuhXKqspG1/nNOkK7dft5Ya/1tsHBHAQSjtc9rI3gMjEGDL
oeK2hggbKHRSlb2dlcwKPempLU/kP3iCgnDmTgPSbLG42TXMJj3T6n0VU/263G6X
0iESdEgQDpU2+q5Usa3r7j6iNMzg1qRl6x5z6zFVxiaS087spKnBYH3DiQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFPzyz3KE16A0boLzeK2DD1fDlhttMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk1L2RkYWQ5
Yi1jOWYxLTQzMWItYjA5My1iNjgzNWI3MzJhZDYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTUvZGRhZDli
LWM5ZjEtNDMxYi1iMDkzLWI2ODM1YjczMmFkNi8xL19QTFBjb1RYb0RSdWd2TjRy
WU1QVjhPV0cyMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCW9fgMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwDCOjANBgkqhkiG9w0BAQsFAAOCAQEAVmxPlBIdyGZ6YI4UQK1tVIOR/4qoon7Q
9yXXaC5ZDYJ59UTKsZ2pQqeU2feWLzt1fYi8O/FbuaH7ofoXw641xWuWwHnFWOSB
5rnUMhpYDhdGVQ3BIZ+PC36kyNQv8HHBhweQmqxc8tNmXh615QFvQXZsSIsVkijq
AMygynI/Rvc+T10amZvqqNj2OHnx5v0YimwSMA8GLPifZUlx6/6HAKBp5/1OiUGk
ygsdYu3u9ZcfGZ0YDbNmO/SO4uKFyRcGeyRv9VXBN8liajtbIB1OvLiN/c3O0MIr
A93MlYIEv9h1JBrjbHTEVSo4+ZJd2iJjFAtcZiatttGtGCtbLJ2A7w==
-----END CERTIFICATE-----