Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lLUJKKlsuekSD_PLY1s_fXDJfOA.cer
File:                     lLUJKKlsuekSD_PLY1s_fXDJfOA.cer (raw, json)
Hash identifier:          Np3ud6oJGrxQWbsGbV5vHcjFQ4aVQNxG87UgZ6fx4q0=
Subject key identifier:   94:B5:09:28:A9:6C:B9:E9:12:0F:F3:CB:63:5B:3F:7D:70:C9:7C:E0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018D5EC601E3F9F3A419B3E946F1588BA35D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/13/1cdf84-a35b-4f52-9ee1-f6489f551f15/1/lLUJKKlsuekSD_PLY1s_fXDJfOA.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/13/1cdf84-a35b-4f52-9ee1-f6489f551f15/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 31 Jan 2024 09:07:31 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 185.16.251.0/24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:5e:c6:01:e3:f9:f3:a4:19:b3:e9:46:f1:58:8b:a3:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan 31 09:07:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=94b50928a96cb9e9120ff3cb635b3f7d70c97ce0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:cf:d5:26:a3:58:0e:87:04:6b:f7:21:58:a5:
                    ae:ec:e6:13:37:25:70:7b:56:27:08:5c:47:ab:61:
                    b4:c2:a9:3e:f9:97:76:d7:fd:ba:ec:4e:2f:68:b0:
                    6d:1d:dd:33:e3:45:40:57:f2:f9:ae:3f:af:f6:b7:
                    45:ba:e2:f3:2c:14:e3:a8:b6:25:70:89:cd:b4:86:
                    68:d5:79:59:b2:c9:30:6d:0a:79:7f:cb:64:ea:5b:
                    ea:16:92:f9:fd:37:c8:8f:41:d1:56:c4:67:b9:2b:
                    bd:e9:94:11:14:4a:52:47:59:c8:1c:fb:34:30:1e:
                    30:1b:99:ec:0c:00:3c:7f:97:e0:33:db:b8:51:91:
                    30:f3:c3:f4:38:d9:58:00:cd:58:24:9e:19:db:c2:
                    c0:6f:e3:b3:3d:50:86:f4:dc:4b:d3:fc:63:36:47:
                    17:19:22:d1:b3:a3:a9:8e:d6:b3:1e:3e:95:37:59:
                    c4:93:36:54:06:35:c8:a7:33:e1:22:63:f8:f4:47:
                    70:b2:c6:04:8a:de:b2:6d:07:99:6c:f8:c0:80:f1:
                    88:5f:55:78:45:75:4f:e1:da:9a:fd:a3:e3:f9:3f:
                    bf:0f:e3:4f:5b:f6:80:f2:57:b3:10:f7:a2:87:6b:
                    b5:fc:e5:3f:fd:80:89:6b:92:86:c3:5e:db:24:22:
                    7c:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:B5:09:28:A9:6C:B9:E9:12:0F:F3:CB:63:5B:3F:7D:70:C9:7C:E0
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/1cdf84-a35b-4f52-9ee1-f6489f551f15/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/1cdf84-a35b-4f52-9ee1-f6489f551f15/1/lLUJKKlsuekSD_PLY1s_fXDJfOA.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.16.251.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:a8:19:10:62:33:fd:da:b4:33:64:3b:2a:d2:39:d7:1d:13:
         5d:ca:49:62:51:ba:de:83:bb:b3:66:0b:b4:1e:65:c1:48:8c:
         4a:59:d2:10:66:aa:d9:59:fd:17:16:e7:72:53:cb:cb:a6:25:
         c4:5a:5d:bd:5e:39:17:45:b6:7c:97:69:d6:29:a8:e2:fc:5a:
         d6:f6:7c:d3:f8:2d:60:8f:97:49:c0:c3:46:08:56:75:56:f6:
         df:73:72:fe:57:23:26:fa:0b:1c:6d:36:5b:cb:ef:12:eb:e2:
         ad:3f:df:9c:df:4a:42:80:a8:00:6c:4d:55:14:16:b1:ad:29:
         17:06:c8:14:8e:df:76:7b:0f:0a:37:cf:09:d2:ed:10:0d:cd:
         f8:b7:74:d3:b9:4d:4e:86:e3:a9:84:be:0a:a7:b8:ed:da:0c:
         de:2b:2c:53:44:f8:e0:5b:ac:89:f1:e8:28:e8:88:83:ad:d8:
         ed:e0:3c:62:f7:dd:e9:72:c1:6f:af:ce:c3:e9:e6:a7:df:3d:
         57:60:95:c3:1a:0e:44:a1:3a:ab:ec:fe:cb:a5:2a:62:66:8b:
         91:c1:1b:8f:5f:b6:bd:30:38:7c:20:bd:e5:65:46:3a:1c:4f:
         e3:ce:c7:b6:71:f2:68:7b:ab:06:05:f5:fe:c3:cb:99:78:85:
         bf:75:d5:2d
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAY1exgHj+fOkGbPpRvFYi6NdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTMxMDkwNzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGI1MDkyOGE5NmNiOWU5MTIwZmYzY2I2MzViM2Y3ZDcwYzk3Y2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08/VJqNYDocEa/chWKWu7OYTNyVw
e1YnCFxHq2G0wqk++Zd21/267E4vaLBtHd0z40VAV/L5rj+v9rdFuuLzLBTjqLYl
cInNtIZo1XlZsskwbQp5f8tk6lvqFpL5/TfIj0HRVsRnuSu96ZQRFEpSR1nIHPs0
MB4wG5nsDAA8f5fgM9u4UZEw88P0ONlYAM1YJJ4Z28LAb+OzPVCG9NxL0/xjNkcX
GSLRs6OpjtazHj6VN1nEkzZUBjXIpzPhImP49EdwssYEit6ybQeZbPjAgPGIX1V4
RXVP4dqa/aPj+T+/D+NPW/aA8lezEPeih2u1/OU//YCJa5KGw17bJCJ80QIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFJS1CSipbLnpEg/zy2NbP31wyXzgMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEzLzFjZGY4
NC1hMzViLTRmNTItOWVlMS1mNjQ4OWY1NTFmMTUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMvMWNkZjg0
LWEzNWItNGY1Mi05ZWUxLWY2NDg5ZjU1MWYxNS8xL2xMVUpLS2xzdWVrU0RfUExZ
MXNfZlhESmZPQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAuRD7MA0GCSqGSIb3DQEBCwUAA4IBAQCEqBkQ
YjP92rQzZDsq0jnXHRNdykliUbreg7uzZgu0HmXBSIxKWdIQZqrZWf0XFudyU8vL
piXEWl29XjkXRbZ8l2nWKaji/FrW9nzT+C1gj5dJwMNGCFZ1Vvbfc3L+VyMm+gsc
bTZby+8S6+KtP9+c30pCgKgAbE1VFBaxrSkXBsgUjt92ew8KN88J0u0QDc34t3TT
uU1OhuOphL4Kp7jt2gzeKyxTRPjgW6yJ8ego6IiDrdjt4Dxi993pcsFvr87D6ean
3z1XYJXDGg5EoTqr7P7LpSpiZouRwRuPX7a9MDh8IL3lZUY6HE/jzse2cfJoe6sG
BfX+w8uZeIW/ddUt
-----END CERTIFICATE-----