Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dSsNcr8HQ78s3Hi6H1PpqYj5rx4.cer
File:                     dSsNcr8HQ78s3Hi6H1PpqYj5rx4.cer (raw, json)
Hash identifier:          fHkSkB/zjgRPA1zaSVqbmsq7TYypa2CrBLBqhf5Pocc=
Subject key identifier:   75:2B:0D:72:BF:07:43:BF:2C:DC:78:BA:1F:53:E9:A9:88:F9:AF:1E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC34948AAF1D07D0994EEE04054B34F7A
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/dSsNcr8HQ78s3Hi6H1PpqYj5rx4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:30:09 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 205913
                          IP: 185.202.76.0/22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:48:aa:f1:d0:7d:09:94:ee:e0:40:54:b3:4f:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 04:30:09 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=752b0d72bf0743bf2cdc78ba1f53e9a988f9af1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:69:4f:35:31:8b:96:ab:99:e4:c7:b0:31:5c:
                    49:9a:d8:5c:96:da:a6:98:3b:03:d7:68:a9:08:1d:
                    a3:b3:f7:90:10:cd:44:b6:dd:3d:78:7f:2d:34:01:
                    c4:e8:58:69:89:97:1e:0b:71:a3:a5:dc:77:10:ee:
                    5c:92:90:bf:56:5f:29:b5:47:6b:78:98:5f:90:71:
                    1a:94:e8:3e:66:e6:8b:a9:c9:39:cf:c2:2d:5f:50:
                    df:69:c3:1c:1a:1f:3e:a2:be:f6:c4:df:c5:e5:e6:
                    af:55:27:f8:f1:88:c1:97:25:60:61:f7:e0:13:65:
                    6c:77:9f:56:25:3e:77:b5:41:ce:3b:c1:fa:db:e9:
                    3a:04:0b:a9:34:8a:50:8e:1e:6b:10:ce:8f:83:0a:
                    19:d8:72:60:f7:a2:2e:3c:8f:5d:0a:17:29:3c:df:
                    ba:2b:41:a3:ef:79:5b:1e:5b:bf:7b:61:3d:95:c5:
                    15:ca:7f:29:43:db:e2:0c:23:26:27:74:c6:79:43:
                    1c:e5:13:90:7b:77:13:df:0f:90:9b:9f:be:83:49:
                    24:9a:d0:01:6b:8c:ca:bb:d5:f9:8d:06:66:be:2f:
                    15:f4:f9:61:43:22:fa:3b:0b:6f:e0:00:b2:17:5e:
                    47:7a:04:bd:d0:81:e7:e3:23:ca:5f:ad:d3:82:b7:
                    4a:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:2B:0D:72:BF:07:43:BF:2C:DC:78:BA:1F:53:E9:A9:88:F9:AF:1E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/dSsNcr8HQ78s3Hi6H1PpqYj5rx4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.202.76.0/22

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  205913

    Signature Algorithm: sha256WithRSAEncryption
         a0:de:5b:70:9e:e4:64:fc:0b:69:a8:35:12:b0:a7:56:8d:43:
         0e:48:ff:99:91:83:4a:85:d4:f4:d4:dc:27:63:77:e1:b5:7d:
         d3:31:69:7a:19:0b:78:80:c8:57:94:c8:96:8a:34:d6:ab:67:
         58:fb:cf:e5:e1:2b:12:54:07:4b:52:7f:04:4d:9a:02:d3:5c:
         71:19:f9:87:ba:26:0e:f3:a5:27:3c:ba:ce:d0:1b:59:53:0e:
         b9:58:e5:41:2b:c0:7a:59:78:ce:66:65:ab:8a:fd:80:44:ff:
         66:fe:07:a6:dc:06:bb:6b:51:0f:14:da:37:6c:9f:74:fd:7f:
         a6:35:c4:3f:19:22:02:36:8a:1d:94:64:7e:6c:1f:42:f9:2f:
         15:7e:12:c4:2b:47:3f:20:48:3d:3c:b7:2f:39:19:00:82:f9:
         5d:d1:09:cf:44:be:31:00:13:b3:ba:28:0f:8b:92:fc:6e:e9:
         b9:e2:d4:b5:ec:b6:34:b2:fc:4c:bf:94:6b:6d:16:b9:f7:5c:
         c6:af:42:fd:8f:6c:e8:28:4c:00:fe:c1:2b:8d:54:c0:3a:d2:
         f3:97:a0:f9:3f:25:a2:bf:10:0a:71:d1:cf:7a:aa:c9:b5:ea:
         31:c4:37:a2:57:c8:99:fb:f6:7c:3f:eb:c3:84:a5:4f:b2:4b:
         e1:6f:d8:49
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzDSUiq8dB9CZTu4EBUs096MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTJiMGQ3MmJmMDc0M2JmMmNkYzc4YmExZjUzZTlhOTg4ZjlhZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22lPNTGLlquZ5MewMVxJmthcltqm
mDsD12ipCB2js/eQEM1Ett09eH8tNAHE6FhpiZceC3Gjpdx3EO5ckpC/Vl8ptUdr
eJhfkHEalOg+ZuaLqck5z8ItX1DfacMcGh8+or72xN/F5eavVSf48YjBlyVgYffg
E2Vsd59WJT53tUHOO8H62+k6BAupNIpQjh5rEM6PgwoZ2HJg96IuPI9dChcpPN+6
K0Gj73lbHlu/e2E9lcUVyn8pQ9viDCMmJ3TGeUMc5ROQe3cT3w+Qm5++g0kkmtAB
a4zKu9X5jQZmvi8V9PlhQyL6Owtv4ACyF15HegS90IHn4yPKX63TgrdKWwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFHUrDXK/B0O/LNx4uh9T6amI+a8eMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgwLzNhYmE3
ZS0xZDUwLTQ3MmYtOGRiNy02OTEyMTkyMTM0ZTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAvM2FiYTdl
LTFkNTAtNDcyZi04ZGI3LTY5MTIxOTIxMzRlOS8xL2RTc05jcjhIUTc4czNIaTZI
MVBwcVlqNXJ4NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCucpMMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMkWTANBgkqhkiG9w0BAQsFAAOCAQEAoN5bcJ7kZPwLaag1ErCnVo1DDkj/mZGD
SoXU9NTcJ2N34bV90zFpehkLeIDIV5TIloo01qtnWPvP5eErElQHS1J/BE2aAtNc
cRn5h7omDvOlJzy6ztAbWVMOuVjlQSvAell4zmZlq4r9gET/Zv4HptwGu2tRDxTa
N2yfdP1/pjXEPxkiAjaKHZRkfmwfQvkvFX4SxCtHPyBIPTy3LzkZAIL5XdEJz0S+
MQATs7ooD4uS/G7pueLUtey2NLL8TL+Ua20Wufdcxq9C/Y9s6ChMAP7BK41UwDrS
85eg+T8lor8QCnHRz3qqybXqMcQ3olfImfv2fD/rw4SlT7JL4W/YSQ==
-----END CERTIFICATE-----