Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bGuWjFE0NX35wri10EVd0C2jIEk.cer
File:                     bGuWjFE0NX35wri10EVd0C2jIEk.cer (raw, json)
Hash identifier:          6jtayffkszdnN8huphnB6s8y5jG7ELSkEBSV0KGnJQo=
Subject key identifier:   6C:6B:96:8C:51:34:35:7D:F9:C2:B8:B5:D0:45:5D:D0:2D:A3:20:49
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC86F2418CFC19EC68250E975FD856572
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/1e/20f5b0-25e9-4150-82f4-d421044382d1/1/bGuWjFE0NX35wri10EVd0C2jIEk.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/1e/20f5b0-25e9-4150-82f4-d421044382d1/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 04:29:36 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 216199

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:24:18:cf:c1:9e:c6:82:50:e9:75:fd:85:65:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 04:29:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6c6b968c5134357df9c2b8b5d0455dd02da32049
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:a5:e4:a4:a1:5c:f6:aa:55:3d:e2:cb:b3:c4:
                    5f:12:e3:8f:a3:bc:19:33:50:8f:1d:45:b6:7a:2d:
                    69:df:2e:8d:1e:f8:57:9b:e9:ca:1d:e5:18:62:b2:
                    56:52:6f:4d:a6:c1:f2:d0:dc:77:58:fe:d3:b3:e4:
                    53:94:57:7d:88:71:71:21:1e:ef:95:d2:58:29:82:
                    1a:c8:67:56:c0:72:48:93:61:5c:78:6a:13:52:3d:
                    68:92:5d:aa:0e:9b:c3:29:6b:f5:17:09:5e:8c:57:
                    ac:b8:b6:9f:ce:89:ec:24:17:cd:ee:24:6a:f9:3e:
                    a8:60:83:0f:0c:ad:53:27:ee:a7:37:70:e3:23:6e:
                    35:25:08:4e:9d:b6:69:cb:25:36:19:e3:6c:58:b0:
                    16:a3:f7:22:64:a6:cd:6f:27:e1:1c:a8:7e:7c:96:
                    ce:61:76:fd:5f:ff:14:62:33:a8:e7:5a:61:3c:cf:
                    90:6a:16:00:66:21:ba:b9:27:8c:d2:d8:09:b5:61:
                    54:2f:ff:cc:7a:dd:f9:b0:e2:90:0b:0d:e0:26:66:
                    27:9b:31:08:07:90:d8:68:60:8b:68:b0:85:8e:fd:
                    34:41:00:dd:82:ad:05:06:cf:75:03:73:89:29:1b:
                    64:16:76:e3:2a:7e:ce:31:47:19:61:33:bc:9a:bc:
                    ad:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:6B:96:8C:51:34:35:7D:F9:C2:B8:B5:D0:45:5D:D0:2D:A3:20:49
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/20f5b0-25e9-4150-82f4-d421044382d1/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/20f5b0-25e9-4150-82f4-d421044382d1/1/bGuWjFE0NX35wri10EVd0C2jIEk.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  216199

    Signature Algorithm: sha256WithRSAEncryption
         72:8a:d6:b4:8c:a8:29:20:05:ac:48:59:5f:c4:57:4e:12:3a:
         0f:db:14:4e:8d:30:4e:f9:be:be:6b:37:12:65:46:78:0c:51:
         42:e1:0a:7f:99:c4:f8:f4:ca:94:0c:c3:69:76:94:26:1b:03:
         e3:4b:e4:da:04:7d:18:a2:b5:1c:bb:09:a2:d5:3a:ed:bd:cd:
         c9:44:34:a5:6d:ce:b3:a6:c3:a5:1f:eb:3a:55:d4:98:ec:0e:
         e8:5c:30:84:4d:08:db:e9:8a:ca:52:99:8a:07:5b:bb:ba:78:
         1d:dc:a5:4f:23:0d:84:a5:bc:26:f0:c4:12:35:4a:a0:b1:07:
         2a:61:34:a2:7a:f1:a0:8c:ee:21:07:cd:c7:b1:c4:db:93:2f:
         4c:d3:d2:a2:f7:b8:d7:a8:4d:8c:c2:1e:9a:35:b0:b2:b6:b9:
         4c:df:89:e3:22:fb:30:49:f1:24:de:d7:7c:81:cb:2e:cf:bd:
         f9:f0:59:32:5a:17:b3:75:d1:a1:0d:11:a3:39:81:ec:57:95:
         01:8e:50:52:91:e9:0f:0f:25:c7:75:fe:97:88:54:6c:5d:af:
         0c:ab:69:29:41:60:e7:07:02:32:dc:d4:37:b5:39:8c:78:04:
         0a:c7:06:cd:6b:2a:b2:28:91:d1:b6:36:2d:4f:1c:2b:09:82:
         ad:8a:97:2c
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzIbyQYz8GexoJQ6XX9hWVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzZiOTY4YzUxMzQzNTdkZjljMmI4YjVkMDQ1NWRkMDJkYTMyMDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6XkpKFc9qpVPeLLs8RfEuOPo7wZ
M1CPHUW2ei1p3y6NHvhXm+nKHeUYYrJWUm9NpsHy0Nx3WP7Ts+RTlFd9iHFxIR7v
ldJYKYIayGdWwHJIk2FceGoTUj1okl2qDpvDKWv1FwlejFesuLafzonsJBfN7iRq
+T6oYIMPDK1TJ+6nN3DjI241JQhOnbZpyyU2GeNsWLAWo/ciZKbNbyfhHKh+fJbO
YXb9X/8UYjOo51phPM+QahYAZiG6uSeM0tgJtWFUL//Met35sOKQCw3gJmYnmzEI
B5DYaGCLaLCFjv00QQDdgq0FBs91A3OJKRtkFnbjKn7OMUcZYTO8mrytnQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFGxrloxRNDV9+cK4tdBFXdAtoyBJMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFlLzIwZjVi
MC0yNWU5LTQxNTAtODJmNC1kNDIxMDQ0MzgyZDEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWUvMjBmNWIw
LTI1ZTktNDE1MC04MmY0LWQ0MjEwNDQzODJkMS8xL2JHdVdqRkUwTlgzNXdyaTEw
RVZkMEMyaklFay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNMhzANBgkqhkiG9w0BAQsFAAOCAQEAcorWtIyoKSAF
rEhZX8RXThI6D9sUTo0wTvm+vms3EmVGeAxRQuEKf5nE+PTKlAzDaXaUJhsD40vk
2gR9GKK1HLsJotU67b3NyUQ0pW3Os6bDpR/rOlXUmOwO6FwwhE0I2+mKylKZigdb
u7p4HdylTyMNhKW8JvDEEjVKoLEHKmE0onrxoIzuIQfNx7HE25MvTNPSove416hN
jMIemjWwsra5TN+J4yL7MEnxJN7XfIHLLs+9+fBZMloXs3XRoQ0RozmB7FeVAY5Q
UpHpDw8lx3X+l4hUbF2vDKtpKUFg5wcCMtzUN7U5jHgECscGzWsqsiiR0bY2LU8c
KwmCrYqXLA==
-----END CERTIFICATE-----