Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/g7d8noEHbPS0zv7V7vIQf3UsNjA.cer
File:                     g7d8noEHbPS0zv7V7vIQf3UsNjA.cer (raw, json)
Hash identifier:          KnQJq5zAEyzizwbO8WdUQosmyu1H7k/VUcmTCkwNwwk=
Subject key identifier:   83:B7:7C:9E:81:07:6C:F4:B4:CE:FE:D5:EE:F2:10:7F:75:2C:36:30
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0196A5BCE0FEA2BEA3AD4547B9FCFEF29E8F
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/20/3dc4dd-80bb-4df5-af58-b7adf04e423d/1/g7d8noEHbPS0zv7V7vIQf3UsNjA.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/20/3dc4dd-80bb-4df5-af58-b7adf04e423d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 06 May 2025 13:15:41 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    IP: 193.193.190.0/23
                          IP: 194.9.182.0/23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a5:bc:e0:fe:a2:be:a3:ad:45:47:b9:fc:fe:f2:9e:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: May  6 13:15:41 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=83b77c9e81076cf4b4cefed5eef2107f752c3630
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:ce:c1:fe:0b:33:6e:15:01:1c:9c:6d:15:9c:
                    74:4d:6f:df:21:f9:90:8c:e6:c0:a8:aa:64:ca:45:
                    48:8e:dc:4b:0e:ec:ad:90:49:3a:0d:5b:98:d9:f2:
                    51:49:81:83:1f:68:85:4b:1f:ac:d2:c8:c9:71:36:
                    de:ff:11:9c:53:38:db:d1:83:d9:c2:4a:5c:98:67:
                    55:ec:d3:c3:ba:5a:1d:17:51:a2:20:1d:44:85:80:
                    ec:b5:1a:c4:2a:f1:6f:a7:cd:56:b6:e5:8a:90:0b:
                    4d:af:24:64:b5:c9:4d:ff:f8:c7:8a:c8:26:9e:c6:
                    7c:75:23:4e:41:c3:10:b7:8c:cb:f5:00:56:1a:55:
                    e6:70:8b:e8:af:9a:f0:42:da:8a:e4:cc:fa:be:ec:
                    2d:61:18:fb:e5:3a:e6:1a:f8:99:36:87:f8:e7:97:
                    eb:b7:3c:47:53:3b:02:b2:55:5b:2a:c3:1e:80:f7:
                    29:5a:b7:4f:8d:9f:c2:ac:58:9c:3b:8c:4f:2a:a7:
                    29:b7:59:bf:a1:78:c8:27:bf:45:77:f6:b7:d5:9a:
                    9e:b6:d8:39:7f:8d:11:2f:21:be:0c:cc:21:9e:1b:
                    72:3f:9f:8b:84:27:31:ab:12:43:df:bb:5a:8e:8d:
                    50:44:ed:32:aa:b4:81:5c:b5:71:c7:f5:95:4b:cf:
                    02:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:B7:7C:9E:81:07:6C:F4:B4:CE:FE:D5:EE:F2:10:7F:75:2C:36:30
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/3dc4dd-80bb-4df5-af58-b7adf04e423d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/3dc4dd-80bb-4df5-af58-b7adf04e423d/1/g7d8noEHbPS0zv7V7vIQf3UsNjA.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.193.190.0/23
                  194.9.182.0/23

    Signature Algorithm: sha256WithRSAEncryption
         49:ce:29:42:ea:82:72:64:fe:52:3a:7d:c0:99:ea:d5:9f:a1:
         23:db:b5:7c:37:08:1e:a1:b3:84:07:12:f6:7c:5f:c8:ad:47:
         87:80:a8:83:c3:68:81:45:ba:f2:21:4d:27:ed:fc:00:14:0f:
         d5:55:c9:6d:ba:5a:44:ba:1b:bd:33:b4:c0:41:33:7c:60:20:
         bd:62:bc:d0:d1:03:6e:95:20:9c:22:c3:57:f0:5d:3c:51:f7:
         30:21:ee:92:29:80:49:a4:8a:a1:04:29:cf:db:ac:c9:fe:d1:
         39:78:e1:db:65:df:05:90:37:1f:6d:49:48:36:5b:f0:94:13:
         45:dc:1c:c3:de:67:40:98:81:0e:14:12:10:8a:cb:90:40:64:
         0d:1b:19:cc:ed:1b:4c:4c:97:77:c0:22:b6:c2:f8:49:6a:39:
         a2:2a:84:e5:bd:ec:b3:9e:02:42:bf:61:4e:a8:85:9e:a5:98:
         3f:d1:9c:99:96:c6:c7:dc:ca:36:ba:b3:af:1c:59:7d:0c:65:
         fd:09:40:14:ac:77:2d:48:b0:98:8c:26:57:a1:3e:fd:a5:c5:
         d1:99:02:dc:f1:d9:f1:31:62:71:75:52:ee:4a:25:bf:c1:77:
         cc:00:e5:09:0e:b3:54:09:3e:bf:ba:87:ba:21:f5:d1:25:9c:
         2c:21:b2:10
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZalvOD+or6jrUVHufz+8p6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNTA2MTMxNTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2I3N2M5ZTgxMDc2Y2Y0YjRjZWZlZDVlZWYyMTA3Zjc1MmMzNjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkM7B/gszbhUBHJxtFZx0TW/fIfmQ
jObAqKpkykVIjtxLDuytkEk6DVuY2fJRSYGDH2iFSx+s0sjJcTbe/xGcUzjb0YPZ
wkpcmGdV7NPDulodF1GiIB1EhYDstRrEKvFvp81WtuWKkAtNryRktclN//jHisgm
nsZ8dSNOQcMQt4zL9QBWGlXmcIvor5rwQtqK5Mz6vuwtYRj75TrmGviZNof455fr
tzxHUzsCslVbKsMegPcpWrdPjZ/CrFicO4xPKqcpt1m/oXjIJ79Fd/a31Zqettg5
f40RLyG+DMwhnhtyP5+LhCcxqxJD37tajo1QRO0yqrSBXLVxx/WVS88CiQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFIO3fJ6BB2z0tM7+1e7yEH91LDYwMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIwLzNkYzRk
ZC04MGJiLTRkZjUtYWY1OC1iN2FkZjA0ZTQyM2QvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAvM2RjNGRk
LTgwYmItNGRmNS1hZjU4LWI3YWRmMDRlNDIzZC8xL2c3ZDhub0VIYlBTMHp2N1Y3
dklRZjNVc05qQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQBwcG+AwQBwgm2MA0GCSqGSIb3DQEBCwUAA4IB
AQBJzilC6oJyZP5SOn3AmerVn6Ej27V8NwgeobOEBxL2fF/IrUeHgKiDw2iBRbry
IU0n7fwAFA/VVcltulpEuhu9M7TAQTN8YCC9YrzQ0QNulSCcIsNX8F08UfcwIe6S
KYBJpIqhBCnP26zJ/tE5eOHbZd8FkDcfbUlINlvwlBNF3BzD3mdAmIEOFBIQisuQ
QGQNGxnM7RtMTJd3wCK2wvhJajmiKoTlveyzngJCv2FOqIWepZg/0ZyZlsbH3Mo2
urOvHFl9DGX9CUAUrHctSLCYjCZXoT79pcXRmQLc8dnxMWJxdVLuSiW/wXfMAOUJ
DrNUCT6/uoe6IfXRJZwsIbIQ
-----END CERTIFICATE-----