Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/jw6u_3Y07o3-gFSthfihXoR1kRQ.cer
File:                     jw6u_3Y07o3-gFSthfihXoR1kRQ.cer (raw, json)
Hash identifier:          huDt0mC10P/kos9MXbZJT1lRO5RvA9Ily2cZgK39KqY=
Subject key identifier:   8F:0E:AE:FF:76:34:EE:8D:FE:80:54:AD:85:F8:A1:5E:84:75:91:14
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0194266C1FE6A76FCB5C140FBE01A3F04B02
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b9/cfa855-f0c7-4458-a3de-b3b4eefe70a5/1/jw6u_3Y07o3-gFSthfihXoR1kRQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b9/cfa855-f0c7-4458-a3de-b3b4eefe70a5/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 09:50:07 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 50291
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:26:6c:1f:e6:a7:6f:cb:5c:14:0f:be:01:a3:f0:4b:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 09:50:07 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=8f0eaeff7634ee8dfe8054ad85f8a15e84759114
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:43:fa:9e:19:61:98:1b:cc:20:fc:5b:68:0b:
                    38:13:4d:3a:24:f5:c1:e7:f5:0a:69:4d:e9:fa:b4:
                    12:b1:73:f2:a1:5b:c6:b3:f4:26:e0:ee:50:1a:95:
                    bd:8b:16:48:74:92:46:2f:63:cd:62:50:7d:cb:9a:
                    87:6c:7b:a5:d5:ce:97:96:89:15:66:56:17:71:16:
                    51:56:85:32:e8:ae:cc:69:da:97:08:5f:d7:7d:b8:
                    26:98:a9:2a:7f:06:ef:7e:95:30:21:ba:80:19:b4:
                    5c:73:ba:07:52:53:a5:13:7d:55:4f:f6:b1:fa:b8:
                    be:92:08:73:22:1e:22:19:b4:5c:3e:f7:62:0d:79:
                    31:ec:4a:1d:b0:60:be:77:2d:39:75:1b:59:2f:21:
                    c3:7b:85:6e:9e:2a:c3:61:ef:2b:f8:0b:9a:dd:f3:
                    f6:ce:a4:98:1a:4a:64:4a:e6:6a:0f:28:41:15:14:
                    05:38:e6:bd:58:b9:9b:25:97:77:87:37:84:f0:8f:
                    5d:8f:55:67:ca:f9:5b:f3:7d:81:00:a8:19:f2:79:
                    d0:75:db:be:9a:a1:25:a6:84:71:d7:7e:1e:c0:b2:
                    81:3d:1a:f4:54:61:73:41:a3:3e:72:da:b6:bd:88:
                    1b:df:2c:74:d7:7a:5f:52:46:94:24:bc:be:92:81:
                    93:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:0E:AE:FF:76:34:EE:8D:FE:80:54:AD:85:F8:A1:5E:84:75:91:14
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/cfa855-f0c7-4458-a3de-b3b4eefe70a5/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/cfa855-f0c7-4458-a3de-b3b4eefe70a5/1/jw6u_3Y07o3-gFSthfihXoR1kRQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  50291

    Signature Algorithm: sha256WithRSAEncryption
         62:72:55:31:65:3e:d2:7c:de:39:f6:72:02:57:8e:28:da:de:
         d2:fa:06:1a:2f:3f:e7:4e:35:fa:d7:9c:7f:e4:1a:7d:e6:d4:
         b1:00:8e:a5:48:c5:68:1c:85:51:00:4c:94:b6:1e:54:05:9c:
         d6:b6:69:4a:1a:a3:5c:d0:2a:21:f9:55:51:28:69:d5:32:11:
         b8:b7:31:4e:06:dc:96:f4:6f:62:d6:e3:26:b4:2a:4d:c2:a1:
         e1:63:ca:13:d5:8e:78:69:f2:b1:23:43:07:75:ee:f2:31:8a:
         88:40:04:ff:5c:b0:3b:49:32:ca:87:43:54:19:8f:c9:51:6d:
         1c:02:fd:61:5b:aa:4e:b1:04:d0:1d:a2:93:f2:0b:a6:38:f0:
         6c:14:a0:9d:be:9a:99:3d:d8:da:e8:4b:5c:8c:f7:0a:d3:0d:
         89:a1:25:54:1d:a8:0d:2b:a9:54:21:20:ab:f8:64:09:16:10:
         43:3a:0d:3e:76:ee:af:4c:39:0f:02:a2:a3:89:63:28:f4:64:
         27:1d:ae:98:b1:14:47:af:39:2e:a0:55:45:e7:29:f3:73:ae:
         30:b1:d0:ab:e2:33:da:1f:73:c8:d7:0b:da:19:39:3a:1d:50:
         78:35:e2:59:bf:48:87:47:96:df:6d:56:81:c5:54:26:52:5d:
         b8:cf:3b:19
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQmbB/mp2/LXBQPvgGj8EsCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDk1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjBlYWVmZjc2MzRlZThkZmU4MDU0YWQ4NWY4YTE1ZTg0NzU5MTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEP6nhlhmBvMIPxbaAs4E006JPXB
5/UKaU3p+rQSsXPyoVvGs/Qm4O5QGpW9ixZIdJJGL2PNYlB9y5qHbHul1c6XlokV
ZlYXcRZRVoUy6K7MadqXCF/XfbgmmKkqfwbvfpUwIbqAGbRcc7oHUlOlE31VT/ax
+ri+kghzIh4iGbRcPvdiDXkx7EodsGC+dy05dRtZLyHDe4VunirDYe8r+Aua3fP2
zqSYGkpkSuZqDyhBFRQFOOa9WLmbJZd3hzeE8I9dj1Vnyvlb832BAKgZ8nnQddu+
mqElpoRx134ewLKBPRr0VGFzQaM+ctq2vYgb3yx013pfUkaUJLy+koGTGwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFI8Orv92NO6N/oBUrYX4oV6EdZEUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I5L2NmYTg1
NS1mMGM3LTQ0NTgtYTNkZS1iM2I0ZWVmZTcwYTUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvY2ZhODU1
LWYwYzctNDQ1OC1hM2RlLWIzYjRlZWZlNzBhNS8xL2p3NnVfM1kwN28zLWdGU3Ro
ZmloWG9SMWtSUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDEczANBgkqhkiG9w0BAQsFAAOCAQEAYnJVMWU+0nze
OfZyAleOKNre0voGGi8/5041+tecf+QafebUsQCOpUjFaByFUQBMlLYeVAWc1rZp
ShqjXNAqIflVUShp1TIRuLcxTgbclvRvYtbjJrQqTcKh4WPKE9WOeGnysSNDB3Xu
8jGKiEAE/1ywO0kyyodDVBmPyVFtHAL9YVuqTrEE0B2ik/ILpjjwbBSgnb6amT3Y
2uhLXIz3CtMNiaElVB2oDSupVCEgq/hkCRYQQzoNPnbur0w5DwKio4ljKPRkJx2u
mLEUR685LqBVRecp83OuMLHQq+Iz2h9zyNcL2hk5Oh1QeDXiWb9Ih0eW321WgcVU
JlJduM87GQ==
-----END CERTIFICATE-----