Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/deEJHTju5ZeWM68nco7pUjGv9tM.cer
File:                     deEJHTju5ZeWM68nco7pUjGv9tM.cer (raw, json)
Hash identifier:          xvoeAebodmBAjT8W0p3qsCrNeZvsD+AUOiVzsvTZuIk=
Subject key identifier:   75:E1:09:1D:38:EE:E5:97:96:33:AF:27:72:8E:E9:52:31:AF:F6:D3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019421B1F9F389A8357D8FD8FE442C29FCA3
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/84/fbce4a-b6a2-44e5-83fa-0d671d470078/1/deEJHTju5ZeWM68nco7pUjGv9tM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/84/fbce4a-b6a2-44e5-83fa-0d671d470078/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 11:48:19 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 214456
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 09 Mar 2025 12:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:21:b1:f9:f3:89:a8:35:7d:8f:d8:fe:44:2c:29:fc:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 11:48:19 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=75e1091d38eee5979633af27728ee95231aff6d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:36:30:b1:ab:6e:46:0d:92:f6:fa:40:8d:41:
                    92:10:d0:10:7c:e4:d4:9a:76:c5:e7:fc:f2:17:6c:
                    2f:8e:3f:d3:86:82:27:02:e5:69:88:71:ba:72:cc:
                    15:4d:d9:30:46:54:0d:66:1c:bd:93:13:83:03:53:
                    69:0f:a7:6d:34:cd:99:50:d5:3b:36:f9:c2:39:2e:
                    90:f9:98:1c:e8:eb:15:62:a8:9f:ab:9e:0f:ac:19:
                    f7:f9:90:5f:a8:33:8f:2a:53:28:e0:a3:f2:10:53:
                    9b:53:9a:95:2a:4e:2b:4c:67:4b:18:a3:76:f5:d4:
                    a4:a3:70:25:13:57:53:86:57:69:51:5f:b3:8f:41:
                    ed:42:40:00:6e:ed:72:b1:e1:3f:84:cd:e2:75:2e:
                    ef:5d:d0:b0:82:73:2c:e4:df:be:07:69:ae:2a:81:
                    65:62:92:51:68:9c:f7:13:f3:f1:9a:25:8e:83:51:
                    2b:6b:c7:c7:fb:44:16:81:eb:c0:c6:a2:95:e1:eb:
                    cd:18:e2:c2:80:93:0f:ec:b4:a5:8d:f9:ad:ad:f6:
                    3b:f4:82:6f:76:6a:89:eb:76:fa:10:c9:cf:d0:4f:
                    2a:95:4a:49:6a:48:0b:50:07:72:60:5a:25:86:a7:
                    91:9a:2d:da:53:f7:14:78:2c:10:e9:d8:88:9e:d0:
                    fd:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:E1:09:1D:38:EE:E5:97:96:33:AF:27:72:8E:E9:52:31:AF:F6:D3
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/fbce4a-b6a2-44e5-83fa-0d671d470078/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/fbce4a-b6a2-44e5-83fa-0d671d470078/1/deEJHTju5ZeWM68nco7pUjGv9tM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  214456

    Signature Algorithm: sha256WithRSAEncryption
         6d:d4:07:64:ee:cb:1d:68:54:70:48:a0:94:ef:ad:09:a2:f2:
         cf:0b:41:c2:96:b8:1a:3f:da:67:74:07:ab:b2:7a:26:25:27:
         cd:08:72:97:88:b2:c3:a5:85:b3:95:b4:81:69:c0:6d:85:39:
         c1:d4:c5:ae:b8:ce:e7:df:15:91:bc:ab:ed:c4:f0:6d:f2:6c:
         37:6f:13:c3:44:c5:a5:df:7e:c6:43:ad:27:80:57:a2:68:f0:
         86:7b:af:c0:73:5e:0d:b0:5c:a9:47:ef:cf:66:e4:7a:c3:22:
         c8:70:0f:51:5b:5d:c3:3f:98:e5:0f:ff:2b:14:f6:45:bd:ed:
         62:3c:7b:ba:75:f3:03:b4:00:ab:57:96:b7:9b:93:05:17:32:
         f6:02:98:fb:ed:07:f0:b2:e5:85:8d:66:af:ab:97:cd:1c:1e:
         3c:3b:ab:7a:55:b3:a6:bd:9c:12:7e:d2:c6:31:29:76:5a:ed:
         25:c4:df:8a:7e:d3:da:90:f7:59:13:ac:08:11:5d:83:39:d5:
         50:1c:55:6a:2b:e6:13:52:6c:4e:69:72:99:5d:8f:58:cb:4c:
         42:38:ea:c6:f2:57:16:ff:8f:0f:ba:e8:29:ef:e8:34:3c:f5:
         da:5d:4b:c8:22:23:56:6e:42:e4:a8:39:d4:72:67:4d:ff:10:
         a0:67:1d:02
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQhsfnziag1fY/Y/kQsKfyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWUxMDkxZDM4ZWVlNTk3OTYzM2FmMjc3MjhlZTk1MjMxYWZmNmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojYwsatuRg2S9vpAjUGSENAQfOTU
mnbF5/zyF2wvjj/ThoInAuVpiHG6cswVTdkwRlQNZhy9kxODA1NpD6dtNM2ZUNU7
NvnCOS6Q+Zgc6OsVYqifq54PrBn3+ZBfqDOPKlMo4KPyEFObU5qVKk4rTGdLGKN2
9dSko3AlE1dThldpUV+zj0HtQkAAbu1yseE/hM3idS7vXdCwgnMs5N++B2muKoFl
YpJRaJz3E/PxmiWOg1Era8fH+0QWgevAxqKV4evNGOLCgJMP7LSljfmtrfY79IJv
dmqJ63b6EMnP0E8qlUpJakgLUAdyYFolhqeRmi3aU/cUeCwQ6diIntD9JwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFHXhCR047uWXljOvJ3KO6VIxr/bTMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg0L2ZiY2U0
YS1iNmEyLTQ0ZTUtODNmYS0wZDY3MWQ0NzAwNzgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQvZmJjZTRh
LWI2YTItNDRlNS04M2ZhLTBkNjcxZDQ3MDA3OC8xL2RlRUpIVGp1NVplV002OG5j
bzdwVWpHdjl0TS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNFuDANBgkqhkiG9w0BAQsFAAOCAQEAbdQHZO7LHWhU
cEiglO+tCaLyzwtBwpa4Gj/aZ3QHq7J6JiUnzQhyl4iyw6WFs5W0gWnAbYU5wdTF
rrjO598Vkbyr7cTwbfJsN28Tw0TFpd9+xkOtJ4BXomjwhnuvwHNeDbBcqUfvz2bk
esMiyHAPUVtdwz+Y5Q//KxT2Rb3tYjx7unXzA7QAq1eWt5uTBRcy9gKY++0H8LLl
hY1mr6uXzRwePDurelWzpr2cEn7SxjEpdlrtJcTfin7T2pD3WROsCBFdgznVUBxV
aivmE1JsTmlymV2PWMtMQjjqxvJXFv+PD7roKe/oNDz12l1LyCIjVm5C5Kg51HJn
Tf8QoGcdAg==
-----END CERTIFICATE-----