Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d_4HosJ0vbeoiJmH4vgpV12t9R8.cer
File:                     d_4HosJ0vbeoiJmH4vgpV12t9R8.cer (raw, json)
Hash identifier:          cKLKV+DVb+wkAfDWcnygH8PXzyu9ema6t3WDMQzQfxI=
Subject key identifier:   77:FE:07:A2:C2:74:BD:B7:A8:88:99:87:E2:F8:29:57:5D:AD:F5:1F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0194228E4418CF70C962112F7A6A537B6A70
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/57/97e0f7-9c9c-4eea-a650-22ccccd5b8b5/1/d_4HosJ0vbeoiJmH4vgpV12t9R8.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/57/97e0f7-9c9c-4eea-a650-22ccccd5b8b5/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 15:48:56 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 214026
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:22:8e:44:18:cf:70:c9:62:11:2f:7a:6a:53:7b:6a:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 15:48:56 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=77fe07a2c274bdb7a8889987e2f829575dadf51f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:8c:04:69:69:d7:f4:d2:84:76:88:73:5a:c3:
                    cb:1d:1b:0a:6c:a3:c7:33:ec:1e:1c:b8:ab:58:c1:
                    1a:75:a2:31:49:97:97:69:f9:d1:97:fa:04:2e:b3:
                    f9:50:3a:96:23:31:a4:b8:e2:3b:00:cb:b9:f3:2d:
                    d3:bd:6f:25:80:b1:e4:87:a9:28:0e:0a:7a:48:79:
                    c7:8e:0c:c7:2f:57:3f:03:0c:bb:df:d2:1c:b9:68:
                    f2:9f:35:f9:92:8f:8c:62:63:b4:ef:e4:f0:39:89:
                    31:1c:7a:0c:26:63:bd:3f:f7:39:49:5d:bf:00:f2:
                    ad:6c:d6:0f:00:6f:d6:b2:c1:3b:5a:73:0a:13:22:
                    e5:df:f4:83:4b:f5:29:11:dd:d5:79:6e:48:3f:5d:
                    c7:21:f3:89:31:77:0a:e7:bf:8a:d6:b3:ce:8e:8d:
                    08:d2:98:09:24:33:d1:89:a1:eb:b2:a9:f4:d3:43:
                    a4:58:a8:f3:9a:76:fb:a4:61:ad:20:d2:f8:d8:a4:
                    4d:3a:27:ee:ca:a0:86:b9:f0:a9:1c:02:4a:4c:10:
                    b3:d7:1d:7f:91:6a:9d:d5:2c:7c:fb:01:be:80:42:
                    b7:96:22:08:c5:06:7f:4e:9a:fb:ae:a0:60:df:8b:
                    52:44:15:3a:f9:c6:7c:cf:0a:c8:9b:b2:23:08:a3:
                    a9:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:FE:07:A2:C2:74:BD:B7:A8:88:99:87:E2:F8:29:57:5D:AD:F5:1F
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/97e0f7-9c9c-4eea-a650-22ccccd5b8b5/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/97e0f7-9c9c-4eea-a650-22ccccd5b8b5/1/d_4HosJ0vbeoiJmH4vgpV12t9R8.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  214026

    Signature Algorithm: sha256WithRSAEncryption
         b1:3a:3a:51:42:84:44:df:4d:da:28:1c:75:c2:94:ec:25:5c:
         97:b7:c6:c6:a8:50:ac:52:99:0f:b7:86:d6:61:3e:7c:fb:5e:
         58:cc:77:68:65:e4:f1:24:3e:fb:59:22:e3:7f:67:ec:58:d2:
         5d:23:3e:94:89:b7:b5:d1:a0:02:29:6c:6b:a4:a7:8f:cd:0a:
         2c:d6:f7:86:37:24:71:69:cc:6c:1a:bc:d2:d7:c0:af:bc:d6:
         34:2b:48:d1:24:d6:6e:52:27:5d:20:07:10:3a:8c:cb:e4:3b:
         9b:e0:55:d8:da:f0:5b:3b:9e:58:b9:26:9e:d2:94:8b:b4:b1:
         df:66:dd:7d:68:11:3b:39:df:6b:17:1d:ba:43:44:f9:4b:bc:
         20:c6:d0:e5:66:75:85:fa:4f:02:98:52:cc:3b:f5:9e:35:6b:
         be:3f:6c:3e:03:5b:2e:e7:34:85:ab:36:25:ba:2f:d3:cf:0f:
         68:a6:b9:99:1b:b4:a7:99:93:58:05:03:10:a1:0b:e9:ad:20:
         fb:98:c3:78:5d:f6:64:5d:c9:23:3b:7d:22:82:6e:af:e2:5e:
         5c:6d:6f:de:5f:44:7a:60:43:6b:ea:84:6a:e5:89:8b:6f:8e:
         cf:82:8f:79:b8:77:e4:9d:40:a6:85:b3:66:51:7f:56:64:de:
         66:bb:95:5e
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQijkQYz3DJYhEvempTe2pwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTU0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2ZlMDdhMmMyNzRiZGI3YTg4ODk5ODdlMmY4Mjk1NzVkYWRmNTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4wEaWnX9NKEdohzWsPLHRsKbKPH
M+weHLirWMEadaIxSZeXafnRl/oELrP5UDqWIzGkuOI7AMu58y3TvW8lgLHkh6ko
Dgp6SHnHjgzHL1c/Awy739IcuWjynzX5ko+MYmO07+TwOYkxHHoMJmO9P/c5SV2/
APKtbNYPAG/WssE7WnMKEyLl3/SDS/UpEd3VeW5IP13HIfOJMXcK57+K1rPOjo0I
0pgJJDPRiaHrsqn000OkWKjzmnb7pGGtINL42KRNOifuyqCGufCpHAJKTBCz1x1/
kWqd1Sx8+wG+gEK3liIIxQZ/Tpr7rqBg34tSRBU6+cZ8zwrIm7IjCKOpswIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFHf+B6LCdL23qIiZh+L4KVddrfUfMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU3Lzk3ZTBm
Ny05YzljLTRlZWEtYTY1MC0yMmNjY2NkNWI4YjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcvOTdlMGY3
LTljOWMtNGVlYS1hNjUwLTIyY2NjY2Q1YjhiNS8xL2RfNEhvc0owdmJlb2lKbUg0
dmdwVjEydDlSOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNECjANBgkqhkiG9w0BAQsFAAOCAQEAsTo6UUKERN9N
2igcdcKU7CVcl7fGxqhQrFKZD7eG1mE+fPteWMx3aGXk8SQ++1ki439n7FjSXSM+
lIm3tdGgAilsa6Snj80KLNb3hjckcWnMbBq80tfAr7zWNCtI0STWblInXSAHEDqM
y+Q7m+BV2NrwWzueWLkmntKUi7Sx32bdfWgROznfaxcdukNE+Uu8IMbQ5WZ1hfpP
AphSzDv1njVrvj9sPgNbLuc0has2Jbov088PaKa5mRu0p5mTWAUDEKEL6a0g+5jD
eF32ZF3JIzt9IoJur+JeXG1v3l9EemBDa+qEauWJi2+Oz4KPebh35J1ApoWzZlF/
VmTeZruVXg==
-----END CERTIFICATE-----