Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/i29IgAONVauY18tm38-ol7e6Eeg.cer
File:                     i29IgAONVauY18tm38-ol7e6Eeg.cer (raw, json)
Hash identifier:          d/iBsne1O8BCJU4xfvF17R3Lk5jQwbTAzB6dKuYrIXg=
Subject key identifier:   8B:6F:48:80:03:8D:55:AB:98:D7:CB:66:DF:CF:A8:97:B7:BA:11:E8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018FAA8AF0B5E4034F575E1505E9483B9813
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/f4/d0c38d-9f02-418b-96b2-fb3111dbd1ca/1/i29IgAONVauY18tm38-ol7e6Eeg.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/f4/d0c38d-9f02-418b-96b2-fb3111dbd1ca/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 24 May 2024 12:19:43 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 203045
                          IP: 2001:678:140::/48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Sep 2024 14:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:aa:8a:f0:b5:e4:03:4f:57:5e:15:05:e9:48:3b:98:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: May 24 12:19:43 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8b6f4880038d55ab98d7cb66dfcfa897b7ba11e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:e0:09:9a:b3:dc:96:f6:3c:45:96:00:38:85:
                    55:47:c8:d0:1f:8b:8e:bb:76:5e:85:57:c8:5d:06:
                    97:44:fb:c1:51:c7:97:f7:40:d5:f0:9f:fe:e9:9c:
                    ef:54:04:30:d7:41:4a:8c:2e:b9:f6:3f:b4:ee:9c:
                    1b:d7:b3:7e:c7:9a:ab:fa:f4:45:37:4d:e6:20:87:
                    03:c9:e8:67:0b:7c:0b:38:f9:9a:0b:5c:67:73:45:
                    10:68:14:61:c5:48:96:5c:86:b7:08:c2:ec:16:6a:
                    cc:ee:fb:a6:46:b4:1a:a8:20:97:b2:69:be:f4:cb:
                    31:ae:3b:dd:45:25:bf:cc:c0:89:1b:97:99:b1:14:
                    ef:55:ce:18:75:ad:59:55:2b:91:89:76:87:31:2c:
                    0b:5e:a7:67:5c:71:00:eb:18:25:b2:51:e0:2a:95:
                    4c:2c:9e:3f:3f:83:8a:44:b6:4b:4a:33:06:4f:c6:
                    00:8f:2d:a6:7d:e3:83:a7:80:1c:2c:34:56:51:ac:
                    01:df:67:ac:4a:5f:5f:a5:75:96:14:69:14:92:40:
                    9d:32:0d:09:e1:f8:7d:a4:85:8f:6b:62:31:dc:4c:
                    12:01:ff:f6:3c:11:fa:78:0c:7d:a3:85:ec:d1:64:
                    8f:69:8e:ca:2e:b5:34:c4:d6:8c:19:8c:b4:28:55:
                    2c:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:6F:48:80:03:8D:55:AB:98:D7:CB:66:DF:CF:A8:97:B7:BA:11:E8
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d0c38d-9f02-418b-96b2-fb3111dbd1ca/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d0c38d-9f02-418b-96b2-fb3111dbd1ca/1/i29IgAONVauY18tm38-ol7e6Eeg.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:140::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  203045

    Signature Algorithm: sha256WithRSAEncryption
         63:e3:55:74:49:38:c4:03:0c:61:26:e5:e8:dc:cd:35:6c:15:
         6f:84:92:49:7e:d9:46:be:3c:31:c2:aa:bc:24:e0:ea:20:66:
         7f:23:37:88:55:e3:84:8b:37:5b:af:59:33:06:09:af:f1:4a:
         41:67:d4:71:1f:e0:32:aa:6f:96:26:7a:72:d2:22:25:9f:bc:
         b1:19:b0:de:8f:c7:0a:6d:b9:0b:87:bf:bf:4d:93:7e:21:fb:
         b6:8e:7b:db:d0:51:a3:36:e4:d8:c4:39:4e:76:c9:df:2f:96:
         c6:f4:3a:99:76:6c:e1:da:32:6a:52:58:7a:97:8d:ef:4a:d5:
         eb:2a:cf:b2:fa:cc:0d:8e:95:21:8a:aa:7f:fb:5d:46:cd:7d:
         8b:db:53:cd:ef:91:39:8a:06:b0:9b:64:75:0f:d6:06:97:f8:
         15:08:76:a4:3b:33:61:90:d9:9e:a2:28:a7:46:93:21:da:4d:
         c3:a5:27:ba:2c:86:55:05:e9:bf:d2:ad:12:a5:8c:a7:0a:28:
         dc:90:61:5f:39:d0:aa:28:bc:74:f6:72:2d:1e:da:70:d4:72:
         d7:bc:28:31:8f:18:bf:9b:23:67:d5:24:47:85:3d:60:3c:3f:
         09:26:19:0b:10:c7:8f:7d:ca:a1:26:fb:a5:3c:1f:5a:f1:db:
         23:f8:a0:61
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAY+qivC15ANPV14VBelIO5gTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNTI0MTIxOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjZmNDg4MDAzOGQ1NWFiOThkN2NiNjZkZmNmYTg5N2I3YmExMWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OAJmrPclvY8RZYAOIVVR8jQH4uO
u3ZehVfIXQaXRPvBUceX90DV8J/+6ZzvVAQw10FKjC659j+07pwb17N+x5qr+vRF
N03mIIcDyehnC3wLOPmaC1xnc0UQaBRhxUiWXIa3CMLsFmrM7vumRrQaqCCXsmm+
9MsxrjvdRSW/zMCJG5eZsRTvVc4Yda1ZVSuRiXaHMSwLXqdnXHEA6xglslHgKpVM
LJ4/P4OKRLZLSjMGT8YAjy2mfeODp4AcLDRWUawB32esSl9fpXWWFGkUkkCdMg0J
4fh9pIWPa2Ix3EwSAf/2PBH6eAx9o4Xs0WSPaY7KLrU0xNaMGYy0KFUsYwIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFItvSIADjVWrmNfLZt/PqJe3uhHoMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y0L2QwYzM4
ZC05ZjAyLTQxOGItOTZiMi1mYjMxMTFkYmQxY2EvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQvZDBjMzhk
LTlmMDItNDE4Yi05NmIyLWZiMzExMWRiZDFjYS8xL2kyOUlnQU9OVmF1WTE4dG0z
OC1vbDdlNkVlZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAFAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMZJTANBgkqhkiG9w0BAQsFAAOCAQEAY+NVdEk4xAMMYSbl6NzNNWwVb4SS
SX7ZRr48McKqvCTg6iBmfyM3iFXjhIs3W69ZMwYJr/FKQWfUcR/gMqpvliZ6ctIi
JZ+8sRmw3o/HCm25C4e/v02TfiH7to5729BRozbk2MQ5TnbJ3y+WxvQ6mXZs4doy
alJYepeN70rV6yrPsvrMDY6VIYqqf/tdRs19i9tTze+ROYoGsJtkdQ/WBpf4FQh2
pDszYZDZnqIop0aTIdpNw6UnuiyGVQXpv9KtEqWMpwoo3JBhXznQqii8dPZyLR7a
cNRy17woMY8Yv5sjZ9UkR4U9YDw/CSYZCxDHj33KoSb7pTwfWvHbI/igYQ==
-----END CERTIFICATE-----