Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fiR7mB00T2vEwetCMx0jKDgWE3w.cer
File:                     fiR7mB00T2vEwetCMx0jKDgWE3w.cer (raw, json)
Hash identifier:          ZM5EV//JO7c7zNEObv7foCyOeBcsPo/6SS0J4PETkBY=
Subject key identifier:   7E:24:7B:98:1D:34:4F:6B:C4:C1:EB:42:33:1D:23:28:38:16:13:7C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC94CA997745E646C58627AC3D53497D2
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/87/83fe09-b50f-42e0-995d-4daff4350001/1/fiR7mB00T2vEwetCMx0jKDgWE3w.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/87/83fe09-b50f-42e0-995d-4daff4350001/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 08:31:33 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 47860

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4c:a9:97:74:5e:64:6c:58:62:7a:c3:d5:34:97:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 08:31:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7e247b981d344f6bc4c1eb42331d23283816137c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:09:ed:3d:8a:5e:77:76:1f:af:af:68:bc:ed:
                    25:66:64:42:d9:df:d9:d4:a1:71:f0:2b:0f:13:63:
                    30:da:a7:31:3c:f1:4c:48:22:d6:ea:53:cc:bf:5d:
                    20:b0:a7:45:35:d7:c4:b1:f1:dc:f3:bd:a6:36:b3:
                    41:d2:bd:f7:0b:a4:17:f2:fa:62:ba:81:4a:a7:34:
                    dc:52:ba:60:5a:4a:cf:d5:4d:91:56:45:41:9d:1e:
                    62:c0:6b:53:9c:da:4f:64:dc:23:9d:a9:ef:87:0d:
                    ef:2d:fa:5a:21:a2:01:d9:30:3d:b2:f2:9b:45:eb:
                    a0:63:ff:56:48:06:ef:fe:3f:d6:95:f1:96:18:e6:
                    fb:55:fb:30:2f:1b:81:34:4f:a9:94:52:91:62:2c:
                    3e:6f:54:27:a1:d8:ec:27:6b:2f:7c:60:13:2f:a0:
                    e8:4b:17:77:30:7a:ff:f4:36:0b:1d:24:0a:08:e2:
                    57:42:2d:89:b5:ca:3b:dd:f4:df:eb:ef:12:cb:5a:
                    80:af:e8:b6:0d:86:d4:5b:f8:fe:27:ad:73:b3:4c:
                    c8:ac:1e:80:85:33:7d:e3:dd:cc:a7:13:c9:dd:91:
                    2d:9f:9c:b0:d8:c5:9b:e9:5e:2f:b0:e0:af:9a:59:
                    0b:06:92:b1:93:19:d4:71:57:ab:66:aa:1f:7d:2e:
                    3f:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:24:7B:98:1D:34:4F:6B:C4:C1:EB:42:33:1D:23:28:38:16:13:7C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/83fe09-b50f-42e0-995d-4daff4350001/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/83fe09-b50f-42e0-995d-4daff4350001/1/fiR7mB00T2vEwetCMx0jKDgWE3w.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  47860

    Signature Algorithm: sha256WithRSAEncryption
         30:b4:1f:bf:75:55:d6:39:8f:0c:b6:93:e0:d2:45:28:88:54:
         cb:aa:bb:28:fd:ee:94:61:ae:e5:be:bb:3a:2a:87:dc:45:4e:
         b8:23:b7:91:f1:99:0e:a6:b1:43:9b:9f:28:6a:8d:21:c3:bf:
         0f:dd:80:1c:2e:bd:38:34:91:33:13:bc:f2:1b:ae:98:80:91:
         e0:51:29:17:d7:32:dc:6f:de:c5:d6:39:b9:fa:da:8b:b2:4b:
         bf:50:9d:ba:ee:38:81:9f:33:ef:4d:cb:00:72:d2:cd:10:fc:
         01:8a:64:1c:b3:96:92:f2:f4:fd:01:d4:48:3d:52:84:45:ce:
         74:d7:6b:ec:95:e3:01:81:ff:e4:e5:db:17:35:f6:9d:d1:29:
         cf:22:ab:ed:85:ec:e0:ab:57:28:df:78:fa:44:19:e1:4e:1f:
         c4:15:43:47:e4:c0:76:ea:2e:6b:7d:10:dc:5a:ff:44:2c:e2:
         79:40:61:78:7d:d6:ed:a9:13:86:b6:b1:ad:1e:37:89:5a:09:
         e1:0b:ee:96:e4:e7:b1:00:37:e6:63:99:98:98:84:a0:28:63:
         40:28:01:e9:97:05:da:3f:14:a9:ff:44:af:07:e3:7b:43:a3:
         7c:ad:91:a7:ea:27:cc:61:61:e9:f4:02:45:46:bd:cd:74:5e:
         9f:31:6d:12
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzJTKmXdF5kbFhiesPVNJfSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDgzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTI0N2I5ODFkMzQ0ZjZiYzRjMWViNDIzMzFkMjMyODM4MTYxMzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwntPYped3Yfr69ovO0lZmRC2d/Z
1KFx8CsPE2Mw2qcxPPFMSCLW6lPMv10gsKdFNdfEsfHc872mNrNB0r33C6QX8vpi
uoFKpzTcUrpgWkrP1U2RVkVBnR5iwGtTnNpPZNwjnanvhw3vLfpaIaIB2TA9svKb
ReugY/9WSAbv/j/WlfGWGOb7VfswLxuBNE+plFKRYiw+b1QnodjsJ2svfGATL6Do
Sxd3MHr/9DYLHSQKCOJXQi2Jtco73fTf6+8Sy1qAr+i2DYbUW/j+J61zs0zIrB6A
hTN9493MpxPJ3ZEtn5yw2MWb6V4vsOCvmlkLBpKxkxnUcVerZqoffS4/aQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFH4ke5gdNE9rxMHrQjMdIyg4FhN8MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg3LzgzZmUw
OS1iNTBmLTQyZTAtOTk1ZC00ZGFmZjQzNTAwMDEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcvODNmZTA5
LWI1MGYtNDJlMC05OTVkLTRkYWZmNDM1MDAwMS8xL2ZpUjdtQjAwVDJ2RXdldENN
eDBqS0RnV0Uzdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwC69DANBgkqhkiG9w0BAQsFAAOCAQEAMLQfv3VV1jmP
DLaT4NJFKIhUy6q7KP3ulGGu5b67OiqH3EVOuCO3kfGZDqaxQ5ufKGqNIcO/D92A
HC69ODSRMxO88huumICR4FEpF9cy3G/exdY5ufrai7JLv1Cduu44gZ8z703LAHLS
zRD8AYpkHLOWkvL0/QHUSD1ShEXOdNdr7JXjAYH/5OXbFzX2ndEpzyKr7YXs4KtX
KN94+kQZ4U4fxBVDR+TAduoua30Q3Fr/RCzieUBheH3W7akThraxrR43iVoJ4Qvu
luTnsQA35mOZmJiEoChjQCgB6ZcF2j8Uqf9Erwfje0OjfK2Rp+onzGFh6fQCRUa9
zXRenzFtEg==
-----END CERTIFICATE-----