Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/mNtTOItvp7HlovTGhjq3Hxz7VRI.cer
File:                     mNtTOItvp7HlovTGhjq3Hxz7VRI.cer (raw, json)
Hash identifier:          H4NdEyMuOOV9ihIJPWfArUApO6T41Imlw7pvBBndW4M=
Subject key identifier:   98:DB:53:38:8B:6F:A7:B1:E5:A2:F4:C6:86:3A:B7:1F:1C:FB:55:12
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019272926C078AACF7F22B1622E2F1F64DF7
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 09 Oct 2024 18:37:31 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 41793

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:72:92:6c:07:8a:ac:f7:f2:2b:16:22:e2:f1:f6:4d:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Oct  9 18:37:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=98db53388b6fa7b1e5a2f4c6863ab71f1cfb5512
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:12:7f:93:c1:96:81:41:b8:51:1e:a2:b4:91:
                    72:ec:43:37:c5:8e:17:b5:33:84:01:de:07:49:84:
                    9d:6f:67:37:c0:41:c9:f3:1e:ed:3c:81:3a:9f:cf:
                    c5:ec:a8:8b:50:1f:0a:e5:c5:e7:41:3d:6d:8e:36:
                    36:43:53:14:1a:b1:33:85:e4:bd:6b:e9:90:01:a3:
                    cc:c6:f7:81:e1:43:aa:e7:e8:e8:d9:56:f5:a9:b0:
                    da:da:55:fd:b0:01:ae:32:75:15:da:87:5c:c3:5e:
                    c4:8c:58:33:09:6b:eb:7e:b2:bc:28:00:fc:b5:e9:
                    35:5c:7c:31:00:11:8a:ea:49:4f:e8:c0:4a:3f:ec:
                    9a:b8:10:28:43:95:2f:35:db:52:b7:94:b0:98:b5:
                    92:31:f3:8e:ba:f4:83:56:0f:58:af:be:52:57:08:
                    26:61:72:2a:dc:83:55:6a:48:a5:92:57:cb:8d:73:
                    d8:e7:7f:c0:7c:6c:cf:b5:02:ec:fd:ac:8d:fe:2e:
                    89:f7:c9:35:3b:74:1a:e2:64:6b:48:d0:49:25:7e:
                    77:6e:00:46:8a:4c:7e:9c:b1:fd:e3:14:e7:9a:04:
                    2a:c1:46:1f:99:15:72:e9:41:50:39:0e:c5:ec:46:
                    86:41:00:bd:96:7c:dd:03:88:ec:20:27:9a:fb:2f:
                    56:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:DB:53:38:8B:6F:A7:B1:E5:A2:F4:C6:86:3A:B7:1F:1C:FB:55:12
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  41793

    Signature Algorithm: sha256WithRSAEncryption
         40:0c:7f:44:07:2a:a6:bd:b4:c3:8e:90:18:c1:ec:81:cc:c3:
         69:9a:20:99:9e:64:b8:a5:15:ce:b2:98:c2:02:fd:d8:1f:19:
         20:7b:25:c4:d5:c2:b6:54:e9:83:5b:36:d6:9d:2a:54:4c:d6:
         b3:67:01:15:69:58:85:58:fc:ef:9e:a5:71:42:4f:09:74:31:
         69:00:6c:08:e6:17:6d:ee:56:51:fd:73:a2:92:b3:5f:8a:76:
         e3:a1:4c:22:48:20:5c:fa:52:78:47:4e:1c:6d:cd:90:83:5d:
         bc:46:f2:8f:bf:f8:4f:0c:54:e9:0e:76:66:37:dc:64:db:04:
         83:17:9f:e8:2d:fe:4a:69:42:cf:47:a4:24:5e:0f:5f:91:20:
         84:64:e8:9c:60:c3:80:9e:45:19:a4:d3:b3:48:62:ee:06:69:
         5f:7c:d9:4e:bb:03:52:f4:ae:3d:4e:04:05:16:bd:65:ba:cf:
         fa:6a:6c:09:d1:88:c2:1a:c2:a9:cb:49:47:0e:b1:ff:5b:3d:
         16:22:e0:7b:57:59:b6:98:99:bf:87:5f:ab:a9:b0:d4:63:e6:
         50:67:df:80:ed:e0:3b:a4:bf:d6:d8:29:0a:09:fa:6b:30:6a:
         5b:be:bc:6e:fc:75:65:b5:c0:48:ff:e4:17:1f:ad:91:e4:fc:
         dd:73:42:e2
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZJykmwHiqz38isWIuLx9k33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMDA5MTgzNzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGRiNTMzODhiNmZhN2IxZTVhMmY0YzY4NjNhYjcxZjFjZmI1NTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRJ/k8GWgUG4UR6itJFy7EM3xY4X
tTOEAd4HSYSdb2c3wEHJ8x7tPIE6n8/F7KiLUB8K5cXnQT1tjjY2Q1MUGrEzheS9
a+mQAaPMxveB4UOq5+jo2Vb1qbDa2lX9sAGuMnUV2odcw17EjFgzCWvrfrK8KAD8
tek1XHwxABGK6klP6MBKP+yauBAoQ5UvNdtSt5SwmLWSMfOOuvSDVg9Yr75SVwgm
YXIq3INVakilklfLjXPY53/AfGzPtQLs/ayN/i6J98k1O3Qa4mRrSNBJJX53bgBG
ikx+nLH94xTnmgQqwUYfmRVy6UFQOQ7F7EaGQQC9lnzdA4jsICea+y9WOQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFJjbUziLb6ex5aL0xoY6tx8c+1USMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE4Lzk5NmRh
My05ZjhjLTQ3NWItOGJmNi1jNzQ2N2RhMmRiNjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgvOTk2ZGEz
LTlmOGMtNDc1Yi04YmY2LWM3NDY3ZGEyZGI2MC8xL21OdFRPSXR2cDdIbG92VEdo
anEzSHh6N1ZSSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCjQTANBgkqhkiG9w0BAQsFAAOCAQEAQAx/RAcqpr20
w46QGMHsgczDaZogmZ5kuKUVzrKYwgL92B8ZIHslxNXCtlTpg1s21p0qVEzWs2cB
FWlYhVj8756lcUJPCXQxaQBsCOYXbe5WUf1zopKzX4p246FMIkggXPpSeEdOHG3N
kINdvEbyj7/4TwxU6Q52ZjfcZNsEgxef6C3+SmlCz0ekJF4PX5EghGTonGDDgJ5F
GaTTs0hi7gZpX3zZTrsDUvSuPU4EBRa9ZbrP+mpsCdGIwhrCqctJRw6x/1s9FiLg
e1dZtpiZv4dfq6mw1GPmUGffgO3gO6S/1tgpCgn6azBqW768bvx1ZbXASP/kFx+t
keT83XNC4g==
-----END CERTIFICATE-----