Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec-LeUKRfpYPFyl9xhdHvLB2jhE.cer
File:                     ec-LeUKRfpYPFyl9xhdHvLB2jhE.cer (raw, json)
Hash identifier:          vRUT5NgxoX7rEeEhd1OFICcmM28eIPB3e0ORd/GLaP8=
Subject key identifier:   79:CF:8B:79:42:91:7E:96:0F:17:29:7D:C6:17:47:BC:B0:76:8E:11
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018DAD48200F327F89ABFC2DAE8449984874
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/e0/444d22-4b05-4b83-b8e7-779820a6c81c/1/ec-LeUKRfpYPFyl9xhdHvLB2jhE.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/e0/444d22-4b05-4b83-b8e7-779820a6c81c/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 15 Feb 2024 15:00:01 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 217.18.90.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:ad:48:20:0f:32:7f:89:ab:fc:2d:ae:84:49:98:48:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Feb 15 15:00:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=79cf8b7942917e960f17297dc61747bcb0768e11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ca:09:e7:70:85:ae:9d:c2:81:7a:e9:4d:af:
                    f2:04:4b:40:ac:c4:4d:47:41:17:d8:c3:77:17:d6:
                    00:70:15:39:c4:12:b4:63:94:11:c8:cf:18:a9:79:
                    3f:df:e1:cf:8d:7e:ca:37:ce:94:17:de:d8:55:31:
                    6a:18:36:c5:78:30:1b:4a:fc:bb:fc:3b:b8:69:84:
                    5a:90:6c:d7:6e:d0:7c:0d:e3:f2:53:13:c6:81:dc:
                    dc:2f:0a:88:b0:b5:1d:2c:56:79:81:11:ef:bd:e5:
                    63:ad:36:ac:39:07:37:98:d8:15:38:55:1a:be:b1:
                    72:26:6b:5f:31:d9:3e:63:47:06:7b:c4:45:20:5f:
                    b9:ed:82:99:fc:6c:75:10:c6:63:ab:9e:4e:11:95:
                    0c:d0:d2:fa:3d:7b:36:a5:62:14:24:f3:33:64:88:
                    76:3a:31:cc:0c:a5:89:bf:a8:bf:68:40:5f:b7:80:
                    c3:89:0c:b9:4b:5f:ba:eb:a8:2b:7c:3b:82:d6:f6:
                    95:09:44:3e:58:98:fa:c8:31:64:ee:3b:dc:42:f5:
                    a2:94:03:32:48:74:52:e8:c4:4c:d9:2c:50:79:00:
                    7b:d6:b0:24:03:c4:a8:87:dc:0c:a5:0a:c2:42:92:
                    f6:f4:0d:61:b3:66:c3:1f:19:19:9a:b3:c6:a4:b8:
                    71:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:CF:8B:79:42:91:7E:96:0F:17:29:7D:C6:17:47:BC:B0:76:8E:11
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/444d22-4b05-4b83-b8e7-779820a6c81c/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/444d22-4b05-4b83-b8e7-779820a6c81c/1/ec-LeUKRfpYPFyl9xhdHvLB2jhE.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.18.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:bd:30:34:80:51:db:01:13:e4:4b:3e:33:79:2c:2f:53:f9:
         5e:1f:78:ff:b1:cf:c5:25:e4:1d:99:00:83:af:57:b5:e7:64:
         fe:e5:1a:cc:fc:8e:56:9b:f6:3f:67:b0:b8:f0:43:7a:22:7f:
         52:29:34:c3:b2:73:72:b4:ea:3b:76:f1:c7:30:00:84:72:38:
         39:3a:54:d2:94:4c:d5:7a:aa:e7:e0:58:fa:f3:c1:e0:43:43:
         ae:e4:d9:3b:cd:79:e9:4f:a7:5a:e8:16:af:4f:a6:b9:75:b6:
         f9:24:8f:82:85:8b:2d:de:53:23:4e:e1:93:5b:df:91:bf:57:
         65:f1:51:9b:60:84:5c:e4:79:a4:66:ca:4c:a1:99:d9:3b:cf:
         9b:18:90:d1:a2:20:ed:43:f7:cd:04:cb:8a:17:a0:55:e8:4a:
         bf:af:36:c4:cb:4c:0a:3f:c2:78:54:a8:c1:41:26:9a:d2:7a:
         10:1b:0c:b5:6c:60:97:43:2f:3c:9d:d9:fe:59:68:50:f6:36:
         d4:9c:97:3d:f0:bd:3b:89:9f:b9:3a:3e:61:88:5c:66:ad:62:
         e4:4d:06:4d:cf:d4:9d:81:26:04:0b:6d:e5:72:92:e8:6a:3f:
         ff:a8:4a:9d:50:68:54:f1:06:8f:59:be:7f:a8:3f:ed:fe:a9:
         33:36:d6:59
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAY2tSCAPMn+Jq/wtroRJmEh0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjE1MTUwMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWNmOGI3OTQyOTE3ZTk2MGYxNzI5N2RjNjE3NDdiY2IwNzY4ZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8oJ53CFrp3CgXrpTa/yBEtArMRN
R0EX2MN3F9YAcBU5xBK0Y5QRyM8YqXk/3+HPjX7KN86UF97YVTFqGDbFeDAbSvy7
/Du4aYRakGzXbtB8DePyUxPGgdzcLwqIsLUdLFZ5gRHvveVjrTasOQc3mNgVOFUa
vrFyJmtfMdk+Y0cGe8RFIF+57YKZ/Gx1EMZjq55OEZUM0NL6PXs2pWIUJPMzZIh2
OjHMDKWJv6i/aEBft4DDiQy5S1+666grfDuC1vaVCUQ+WJj6yDFk7jvcQvWilAMy
SHRS6MRM2SxQeQB71rAkA8Soh9wMpQrCQpL29A1hs2bDHxkZmrPGpLhxbQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFHnPi3lCkX6WDxcpfcYXR7ywdo4RMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UwLzQ0NGQy
Mi00YjA1LTRiODMtYjhlNy03Nzk4MjBhNmM4MWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAvNDQ0ZDIy
LTRiMDUtNGI4My1iOGU3LTc3OTgyMGE2YzgxYy8xL2VjLUxlVUtSZnBZUEZ5bDl4
aGRIdkxCMmpoRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQA2RJaMA0GCSqGSIb3DQEBCwUAA4IBAQCUvTA0
gFHbARPkSz4zeSwvU/leH3j/sc/FJeQdmQCDr1e152T+5RrM/I5Wm/Y/Z7C48EN6
In9SKTTDsnNytOo7dvHHMACEcjg5OlTSlEzVeqrn4Fj688HgQ0Ou5Nk7zXnpT6da
6BavT6a5dbb5JI+ChYst3lMjTuGTW9+Rv1dl8VGbYIRc5HmkZspMoZnZO8+bGJDR
oiDtQ/fNBMuKF6BV6Eq/rzbEy0wKP8J4VKjBQSaa0noQGwy1bGCXQy88ndn+WWhQ
9jbUnJc98L07iZ+5Oj5hiFxmrWLkTQZNz9SdgSYEC23lcpLoaj//qEqdUGhU8QaP
Wb5/qD/t/qkzNtZZ
-----END CERTIFICATE-----