Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
File:                     k6Ip4mayVYiZ81R-5j2E7WWUdos.cer (raw, json)
Hash identifier:          TkhzN/SNhFetDA4YUb25WMoWmuBTOjEeGYI4KHNCEgk=
Subject key identifier:   93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0192E77AFAD0842EFF80DA89B3EA5870DF40
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/k6Ip4mayVYiZ81R-5j2E7WWUdos.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 01 Nov 2024 11:27:29 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 185.1.174.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:e7:7a:fa:d0:84:2e:ff:80:da:89:b3:ea:58:70:df:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Nov  1 11:27:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=93a229e266b2558899f3547ee63d84ed6594768b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:73:ec:72:c4:fb:8f:e2:54:e1:e7:85:a8:c0:
                    a7:45:b3:43:aa:ff:7f:d2:1b:37:87:d1:6b:6e:32:
                    94:af:1d:93:53:7e:36:2f:85:f8:79:14:a8:0b:3b:
                    44:87:00:cd:6e:4c:96:94:44:a6:0d:5f:e5:d8:d3:
                    10:bb:b0:70:92:cf:71:78:89:2f:60:25:98:40:d7:
                    48:65:3d:30:2f:f6:b7:79:30:ab:92:75:df:94:e1:
                    10:f3:76:30:85:05:cf:44:25:d8:02:45:67:35:94:
                    5e:6b:ee:b7:56:b7:5c:80:68:16:f1:c9:f9:33:ef:
                    06:69:1a:1c:90:49:d5:1f:6a:49:34:26:f8:f8:83:
                    41:c4:42:2b:c9:2f:9d:52:91:0e:2b:f8:a8:50:66:
                    4e:81:46:dc:a5:90:4e:bb:36:9a:1e:7b:28:72:17:
                    99:e0:fd:01:95:12:d1:bd:7e:89:11:53:01:74:64:
                    b9:16:43:18:5c:5e:a9:50:91:b2:4e:b8:88:39:30:
                    1d:62:96:39:a9:fb:35:5d:4c:2f:f4:35:0c:a7:1b:
                    0b:fc:01:74:c9:da:57:6c:2a:a5:ec:8c:b3:da:55:
                    e8:b5:dc:0b:c7:4b:50:ba:50:c7:fc:c4:7d:43:63:
                    a3:74:66:00:d2:9d:b3:fa:53:66:da:f8:01:53:33:
                    ad:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/k6Ip4mayVYiZ81R-5j2E7WWUdos.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.1.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:6b:c1:15:a1:42:82:3a:2d:00:02:31:60:d3:86:77:40:ff:
         7a:05:27:73:09:87:12:00:2c:7b:93:6d:ba:1a:e3:0f:f2:be:
         04:09:82:1b:fb:88:d5:ed:b8:26:90:48:b1:33:9d:21:e1:44:
         1a:ae:ab:6b:8e:da:db:ed:dc:6a:0e:1a:66:6e:9c:a6:b8:ea:
         69:7b:12:b2:29:c9:4c:9f:3e:de:96:ee:1a:b5:f0:0b:32:c9:
         92:3b:7e:94:d1:f2:86:5d:5c:6e:9b:6f:e5:ac:4e:84:a4:2e:
         a0:72:6c:cb:a2:68:c7:9c:eb:76:06:e9:bd:8b:f9:1f:a5:76:
         2a:6f:16:9a:f1:5f:7f:6b:82:15:51:d6:f0:3d:77:20:1c:08:
         71:ef:68:ea:91:38:9e:07:e9:ef:36:9e:2a:5c:46:af:1e:57:
         7b:7f:8c:90:e8:52:2d:9d:f4:f0:26:18:8f:8b:14:e0:96:71:
         f7:3c:74:7d:cc:3e:6c:a6:2d:4a:35:9d:52:cc:9b:bb:8a:6f:
         18:e1:8b:d2:9e:e6:2e:04:6c:58:5e:19:aa:1e:4a:22:ac:fd:
         f6:91:ea:ff:35:78:87:dc:0f:b4:21:1a:ea:7e:1d:78:b0:10:
         78:19:fc:89:b9:dc:d1:2b:f5:6c:63:32:18:f3:9d:c9:48:1b:
         6b:28:f3:1c
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZLnevrQhC7/gNqJs+pYcN9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMTAxMTEyNzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2EyMjllMjY2YjI1NTg4OTlmMzU0N2VlNjNkODRlZDY1OTQ3NjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnPscsT7j+JU4eeFqMCnRbNDqv9/
0hs3h9FrbjKUrx2TU342L4X4eRSoCztEhwDNbkyWlESmDV/l2NMQu7Bwks9xeIkv
YCWYQNdIZT0wL/a3eTCrknXflOEQ83YwhQXPRCXYAkVnNZRea+63VrdcgGgW8cn5
M+8GaRockEnVH2pJNCb4+INBxEIryS+dUpEOK/ioUGZOgUbcpZBOuzaaHnsocheZ
4P0BlRLRvX6JEVMBdGS5FkMYXF6pUJGyTriIOTAdYpY5qfs1XUwv9DUMpxsL/AF0
ydpXbCql7Iyz2lXotdwLx0tQulDH/MR9Q2OjdGYA0p2z+lNm2vgBUzOtUwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFJOiKeJmslWImfNUfuY9hO1llHaLMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E0L2M0MDcz
YS05MjNiLTRlY2YtOTU2Ni00ZDc3N2NhY2Q5YTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQvYzQwNzNh
LTkyM2ItNGVjZi05NTY2LTRkNzc3Y2FjZDlhNC8xL2s2SXA0bWF5VllpWjgxUi01
ajJFN1dXVWRvcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAuQGuMA0GCSqGSIb3DQEBCwUAA4IBAQA1a8EV
oUKCOi0AAjFg04Z3QP96BSdzCYcSACx7k226GuMP8r4ECYIb+4jV7bgmkEixM50h
4UQarqtrjtrb7dxqDhpmbpymuOppexKyKclMnz7elu4atfALMsmSO36U0fKGXVxu
m2/lrE6EpC6gcmzLomjHnOt2Bum9i/kfpXYqbxaa8V9/a4IVUdbwPXcgHAhx72jq
kTieB+nvNp4qXEavHld7f4yQ6FItnfTwJhiPixTglnH3PHR9zD5spi1KNZ1SzJu7
im8Y4YvSnuYuBGxYXhmqHkoirP32ker/NXiH3A+0IRrqfh14sBB4GfyJudzRK/Vs
YzIY853JSBtrKPMc
-----END CERTIFICATE-----