Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dp1cUsMVfllF5mO5LtRALGBhbjs.cer
File:                     dp1cUsMVfllF5mO5LtRALGBhbjs.cer (raw, json)
Hash identifier:          JvWmBNHlYZGj8b2VDz3wFlagF01KekcZnasuarSLISs=
Subject key identifier:   76:9D:5C:52:C3:15:7E:59:45:E6:63:B9:2E:D4:40:2C:60:61:6E:3B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0192B87679F9BECA92AC61B5C8C0DA54D8F1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/00/cc66b2-1267-4516-a39f-376b49d52d7e/1/dp1cUsMVfllF5mO5LtRALGBhbjs.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/00/cc66b2-1267-4516-a39f-376b49d52d7e/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 23 Oct 2024 08:20:25 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 193.161.144.0 -- 193.161.146.255
                          IP: 193.161.154.0/23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:b8:76:79:f9:be:ca:92:ac:61:b5:c8:c0:da:54:d8:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Oct 23 08:20:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=769d5c52c3157e5945e663b92ed4402c60616e3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:85:74:2a:ff:e7:6c:93:8b:8a:f9:4d:ea:5b:
                    50:56:18:d7:b5:1e:d8:34:ac:46:f0:5f:f5:78:de:
                    fc:7c:4d:67:ba:fe:3e:30:c8:13:bf:d7:ce:54:5e:
                    f8:ab:93:9a:f0:e3:ab:12:16:66:3c:6a:9d:63:81:
                    27:7c:69:b7:b0:b3:c9:ad:a3:74:0b:0f:00:77:d7:
                    b1:f6:87:1e:8b:0b:9e:d5:1c:fa:35:5b:42:cd:e0:
                    1f:1d:e7:5c:f5:bc:47:6e:76:17:05:19:db:e8:55:
                    16:a5:81:6e:e9:f3:a2:2f:e3:16:aa:a8:05:13:8c:
                    77:23:7b:1e:56:d7:77:03:df:d1:c9:c3:0b:51:c6:
                    c7:f3:57:70:5b:af:a0:ec:f8:14:a2:5b:f6:25:ef:
                    38:78:2e:c0:f7:e4:9f:df:56:18:98:49:1e:ea:cd:
                    e9:29:ee:45:f7:0e:bd:e6:05:75:ba:e5:7f:50:75:
                    a6:5a:df:fb:64:8a:a9:93:cd:d4:12:69:09:38:77:
                    1c:8c:ee:6b:05:2c:00:44:88:9f:1f:cb:31:0b:69:
                    cd:3c:99:48:0b:ce:9f:86:ef:be:b4:7a:77:dc:64:
                    71:9d:3e:74:75:60:67:fb:eb:1d:3a:a8:8a:5b:44:
                    dd:62:79:34:1d:ce:c6:c8:91:1d:6e:d5:82:ba:2a:
                    c6:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:9D:5C:52:C3:15:7E:59:45:E6:63:B9:2E:D4:40:2C:60:61:6E:3B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cc66b2-1267-4516-a39f-376b49d52d7e/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cc66b2-1267-4516-a39f-376b49d52d7e/1/dp1cUsMVfllF5mO5LtRALGBhbjs.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.161.144.0-193.161.146.255
                  193.161.154.0/23

    Signature Algorithm: sha256WithRSAEncryption
         27:1c:13:8a:7b:d4:60:2c:a4:40:6d:5f:23:bc:dc:5e:99:2e:
         45:00:7b:6a:14:f5:b3:5b:74:93:92:f0:58:85:4a:f6:11:ed:
         09:76:81:8a:69:dc:54:4e:aa:cc:de:17:b5:c0:4f:82:42:04:
         fe:2c:dd:bf:7d:8b:a3:a0:ae:50:42:8d:6b:b2:5e:64:ba:fe:
         53:21:2f:5e:d5:3d:24:97:65:8c:0e:8b:1b:75:53:7b:eb:e9:
         6c:a4:ff:f3:62:2a:99:59:16:e7:fe:25:95:15:54:37:d3:0f:
         42:60:22:74:2e:85:b1:09:54:10:a8:e6:f6:36:3d:ae:a7:cb:
         f0:ff:8e:7c:9e:10:7b:af:7b:36:8f:a3:ac:ec:8e:f3:7a:5c:
         2f:ef:35:b6:e5:95:36:28:a6:1b:fa:cb:b4:d9:d8:77:69:2f:
         2c:d9:3a:8b:02:24:29:dd:bf:15:40:48:7f:56:68:48:1f:9d:
         09:5b:72:1d:7a:0f:39:1a:b1:7a:e1:df:8c:30:1b:7f:74:6e:
         e4:d3:fd:38:27:39:20:85:18:ac:e8:a9:96:93:ab:82:b3:33:
         24:74:9e:66:9a:a6:36:8f:3b:78:8d:fa:cc:73:64:48:2e:46:
         8c:ed:58:3d:bc:01:51:dd:9e:e5:61:3d:38:d3:1d:0f:4e:ef:
         5a:02:d7:66
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZK4dnn5vsqSrGG1yMDaVNjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMDIzMDgyMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjlkNWM1MmMzMTU3ZTU5NDVlNjYzYjkyZWQ0NDAyYzYwNjE2ZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoV0Kv/nbJOLivlN6ltQVhjXtR7Y
NKxG8F/1eN78fE1nuv4+MMgTv9fOVF74q5Oa8OOrEhZmPGqdY4EnfGm3sLPJraN0
Cw8Ad9ex9oceiwue1Rz6NVtCzeAfHedc9bxHbnYXBRnb6FUWpYFu6fOiL+MWqqgF
E4x3I3seVtd3A9/RycMLUcbH81dwW6+g7PgUolv2Je84eC7A9+Sf31YYmEke6s3p
Ke5F9w695gV1uuV/UHWmWt/7ZIqpk83UEmkJOHccjO5rBSwARIifH8sxC2nNPJlI
C86fhu++tHp33GRxnT50dWBn++sdOqiKW0TdYnk0Hc7GyJEdbtWCuirGUQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFHadXFLDFX5ZReZjuS7UQCxgYW47MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAwL2NjNjZi
Mi0xMjY3LTQ1MTYtYTM5Zi0zNzZiNDlkNTJkN2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAvY2M2NmIy
LTEyNjctNDUxNi1hMzlmLTM3NmI0OWQ1MmQ3ZS8xL2RwMWNVc01WZmxsRjVtTzVM
dFJBTEdCaGJqcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC0GCCsGAQUF
BwEHAQH/BB4wHDAaBAIAATAUMAwDBATBoZADBADBoZIDBAHBoZowDQYJKoZIhvcN
AQELBQADggEBACccE4p71GAspEBtXyO83F6ZLkUAe2oU9bNbdJOS8FiFSvYR7Ql2
gYpp3FROqszeF7XAT4JCBP4s3b99i6OgrlBCjWuyXmS6/lMhL17VPSSXZYwOixt1
U3vr6Wyk//NiKplZFuf+JZUVVDfTD0JgInQuhbEJVBCo5vY2Pa6ny/D/jnyeEHuv
ezaPo6zsjvN6XC/vNbbllTYophv6y7TZ2HdpLyzZOosCJCndvxVASH9WaEgfnQlb
ch16DzkasXrh34wwG390buTT/TgnOSCFGKzoqZaTq4KzMyR0nmaapjaPO3iN+sxz
ZEguRoztWD28AVHdnuVhPTjTHQ9O71oC12Y=
-----END CERTIFICATE-----