Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_m-zjWufNfVcZIPDeGmR__jVJ0I.cer
File:                     _m-zjWufNfVcZIPDeGmR__jVJ0I.cer (raw, json)
Hash identifier:          hAmOmZ/fjoNgt5Mr+Fc6i0Xy/IMKEScc9KUH07gVDfs=
Subject key identifier:   FE:6F:B3:8D:6B:9F:35:F5:5C:64:83:C3:78:69:91:FF:F8:D5:27:42
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CCA2AC117141CEFA2C40B7317DD3743B7
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/1e/24908e-4819-4874-a1ed-f059cdc77989/1/_m-zjWufNfVcZIPDeGmR__jVJ0I.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/1e/24908e-4819-4874-a1ed-f059cdc77989/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 12:34:08 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 38939

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:c1:17:14:1c:ef:a2:c4:0b:73:17:dd:37:43:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 12:34:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fe6fb38d6b9f35f55c6483c3786991fff8d52742
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:dd:2d:f4:8b:65:dd:4c:55:c8:72:59:31:09:
                    02:5e:11:28:ec:f5:b2:17:22:76:e0:34:96:43:f1:
                    13:66:bb:b1:f7:34:ea:d3:d5:9c:01:ca:5e:12:2f:
                    3a:0d:94:9e:59:1d:16:77:dd:7a:ec:e5:27:87:1b:
                    30:d2:5a:f8:63:d6:bd:70:e5:76:a3:69:2f:dc:e8:
                    da:6a:13:33:ab:5a:34:3b:9f:fe:72:ff:72:79:87:
                    c3:6b:31:8f:e0:24:b9:74:ef:52:54:d5:0c:67:5f:
                    a3:09:2a:83:13:f4:d1:4e:1d:1a:5a:35:8a:10:f2:
                    e4:5d:33:38:c4:2d:e1:08:a0:bf:8a:b7:49:a8:be:
                    65:b4:b2:90:9d:1d:85:be:ad:38:e7:e3:c6:2f:e2:
                    9f:b4:fd:f3:52:3f:f2:75:c8:7b:a7:c5:ae:e7:6a:
                    4c:be:60:1b:93:8c:bb:91:75:c5:c3:f1:15:5e:74:
                    0b:7c:65:34:84:18:85:78:55:09:8d:3e:ac:cc:db:
                    aa:5c:e8:00:af:30:d4:62:db:ec:c8:19:29:3c:c5:
                    e6:5e:c3:41:41:d9:a2:01:a5:7f:7b:8e:93:bb:5b:
                    96:a2:6d:5d:e9:db:84:1a:58:16:0e:5f:12:89:5f:
                    13:f3:2b:4d:f6:39:92:9a:bc:87:78:18:21:cb:6f:
                    79:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:6F:B3:8D:6B:9F:35:F5:5C:64:83:C3:78:69:91:FF:F8:D5:27:42
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/24908e-4819-4874-a1ed-f059cdc77989/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/24908e-4819-4874-a1ed-f059cdc77989/1/_m-zjWufNfVcZIPDeGmR__jVJ0I.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  38939

    Signature Algorithm: sha256WithRSAEncryption
         56:84:30:63:d0:86:9e:0f:be:b6:c6:19:be:f8:7d:74:46:01:
         d4:41:bd:8c:73:68:9c:61:4f:5e:ce:6a:47:89:49:c8:7d:7d:
         61:bd:63:e8:c8:e4:dc:19:b1:57:d1:7c:50:75:c9:66:45:f0:
         38:6d:83:13:a1:99:90:4e:4d:9e:95:20:9d:24:2e:f0:40:fa:
         f1:d0:0f:80:dd:b6:87:fe:97:0c:e2:5e:28:8e:11:7c:5c:81:
         a4:e6:e5:fb:44:f2:5c:7a:95:21:b7:73:24:53:27:6f:63:c3:
         e8:4d:71:20:7c:93:23:c5:2d:ce:01:e9:28:b5:84:ef:86:a8:
         fd:5f:43:9e:b2:26:a8:7a:b5:45:90:02:fb:82:58:b0:44:44:
         69:dc:cd:66:66:ed:fb:3d:81:a2:1e:e5:0c:12:7b:9d:5d:b7:
         e7:01:6f:40:90:68:ab:3e:18:64:09:7f:84:5c:4d:21:20:96:
         d7:bd:07:80:66:5f:7e:94:eb:82:0c:fb:8a:24:71:59:fc:65:
         a4:c2:29:a7:e2:e9:f1:42:46:fe:8f:15:2b:8b:50:01:69:22:
         df:b4:a8:1b:f0:39:f2:2b:c6:fb:fc:7a:f2:89:0c:cb:df:5f:
         cd:a5:29:e8:d0:f9:a8:c4:1c:33:f6:64:cd:0f:c4:05:b2:c1:
         77:33:69:5a
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzKKsEXFBzvosQLcxfdN0O3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTZmYjM4ZDZiOWYzNWY1NWM2NDgzYzM3ODY5OTFmZmY4ZDUyNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsd0t9Itl3UxVyHJZMQkCXhEo7PWy
FyJ24DSWQ/ETZrux9zTq09WcAcpeEi86DZSeWR0Wd9167OUnhxsw0lr4Y9a9cOV2
o2kv3OjaahMzq1o0O5/+cv9yeYfDazGP4CS5dO9SVNUMZ1+jCSqDE/TRTh0aWjWK
EPLkXTM4xC3hCKC/irdJqL5ltLKQnR2Fvq045+PGL+KftP3zUj/ydch7p8Wu52pM
vmAbk4y7kXXFw/EVXnQLfGU0hBiFeFUJjT6szNuqXOgArzDUYtvsyBkpPMXmXsNB
QdmiAaV/e46Tu1uWom1d6duEGlgWDl8SiV8T8ytN9jmSmryHeBghy295SwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFP5vs41rnzX1XGSDw3hpkf/41SdCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFlLzI0OTA4
ZS00ODE5LTQ4NzQtYTFlZC1mMDU5Y2RjNzc5ODkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWUvMjQ5MDhl
LTQ4MTktNDg3NC1hMWVkLWYwNTljZGM3Nzk4OS8xL19tLXpqV3VmTmZWY1pJUERl
R21SX19qVkowSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCYGzANBgkqhkiG9w0BAQsFAAOCAQEAVoQwY9CGng++
tsYZvvh9dEYB1EG9jHNonGFPXs5qR4lJyH19Yb1j6Mjk3BmxV9F8UHXJZkXwOG2D
E6GZkE5NnpUgnSQu8ED68dAPgN22h/6XDOJeKI4RfFyBpObl+0TyXHqVIbdzJFMn
b2PD6E1xIHyTI8UtzgHpKLWE74ao/V9DnrImqHq1RZAC+4JYsEREadzNZmbt+z2B
oh7lDBJ7nV235wFvQJBoqz4YZAl/hFxNISCW170HgGZffpTrggz7iiRxWfxlpMIp
p+Lp8UJG/o8VK4tQAWki37SoG/A58ivG+/x68okMy99fzaUp6ND5qMQcM/ZkzQ/E
BbLBdzNpWg==
-----END CERTIFICATE-----