Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/my5v1Q3cgXq7rFpk98ahJUaFnOI.cer
File:                     my5v1Q3cgXq7rFpk98ahJUaFnOI.cer (raw, json)
Hash identifier:          ySlWCp7mfyIwRs1aQcU3Z3SEgW+F6YaIQSPkAAEFuUE=
Subject key identifier:   9B:2E:6F:D5:0D:DC:81:7A:BB:AC:5A:64:F7:C6:A1:25:46:85:9C:E2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC79519BD8B8BEEF9B007C42FBEAED875
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/95/3ba2d9-74ce-4881-b23f-7cb0723da0bd/1/my5v1Q3cgXq7rFpk98ahJUaFnOI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/95/3ba2d9-74ce-4881-b23f-7cb0723da0bd/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 00:31:26 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 47875
                          IP: 94.124.32.0/21

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:19:bd:8b:8b:ee:f9:b0:07:c4:2f:be:ae:d8:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 00:31:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9b2e6fd50ddc817abbac5a64f7c6a12546859ce2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d2:de:fc:d2:09:09:21:b6:07:6d:65:d7:c3:
                    99:9e:df:27:5a:05:09:fc:99:19:12:c9:96:56:a5:
                    13:ab:0a:78:b7:c9:48:13:1c:33:ab:97:30:df:59:
                    1a:73:c5:53:c4:f8:fb:af:74:b0:c1:4e:d5:82:f9:
                    49:59:9e:6d:3d:98:ca:3c:03:a4:f2:7a:40:ed:09:
                    78:87:41:44:45:1f:27:77:f0:f0:69:65:10:00:8a:
                    5f:06:a1:86:e1:9f:8c:7d:91:83:e7:20:3c:92:11:
                    c8:ca:28:1b:dd:52:4f:1b:a4:99:48:ae:9c:f3:58:
                    97:7a:ff:76:e5:4a:6b:85:0c:2b:a0:28:7e:8a:f8:
                    e9:54:3a:ad:a6:77:d5:9d:42:92:43:80:a2:1a:75:
                    9f:5a:69:f6:57:0b:ae:95:bb:17:e8:43:b9:b1:94:
                    cf:50:a9:04:43:0e:d1:d3:9a:5a:a0:73:a0:2a:1b:
                    39:77:d5:b4:68:99:bc:6d:64:09:4f:09:f8:59:f9:
                    81:df:1c:43:f2:ad:7d:6e:59:06:05:04:31:15:33:
                    6c:73:ea:3b:43:af:18:dd:5e:db:cd:03:22:8c:d4:
                    ac:f5:5b:af:76:e8:3c:31:aa:5b:4b:95:11:86:8f:
                    cf:3c:82:b7:cc:c4:d6:48:7e:a1:a4:a3:aa:3b:63:
                    24:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:2E:6F:D5:0D:DC:81:7A:BB:AC:5A:64:F7:C6:A1:25:46:85:9C:E2
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/3ba2d9-74ce-4881-b23f-7cb0723da0bd/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/3ba2d9-74ce-4881-b23f-7cb0723da0bd/1/my5v1Q3cgXq7rFpk98ahJUaFnOI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.124.32.0/21

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  47875

    Signature Algorithm: sha256WithRSAEncryption
         6e:a6:8e:3b:a3:7a:e8:b9:99:3d:1f:3f:eb:13:07:4e:ea:e2:
         bb:34:46:b6:51:27:d9:c2:62:13:17:e2:9c:45:08:d3:de:5b:
         3e:0b:b6:d8:3b:1d:cd:f4:52:fe:90:98:86:be:24:c3:ea:9f:
         af:fa:69:ff:7e:c9:b8:65:d3:2c:f6:4e:92:8b:bb:15:e1:00:
         ef:f8:f6:09:cc:26:3b:65:9a:65:6b:5c:48:e4:08:d6:0f:da:
         fb:e5:6d:0c:08:69:68:dd:45:bf:7b:1d:58:d5:3a:29:9d:a6:
         21:75:4c:51:b5:4a:f3:b0:56:8d:18:a6:f1:2f:7d:4e:3c:bf:
         d9:11:f4:0c:64:4d:eb:12:c2:bf:97:11:c1:6f:ee:71:4f:f7:
         1a:31:6c:5b:3b:98:5c:10:7e:fa:49:ec:6e:b8:5c:c5:33:82:
         49:f9:a0:be:d5:cd:71:52:8f:56:88:36:b4:a4:76:81:91:54:
         1b:a9:94:99:9a:09:84:55:80:f4:5b:bc:0a:cb:a5:fa:68:53:
         96:af:1a:56:4f:07:42:2f:f9:d2:c5:16:d6:f4:26:1a:3a:83:
         6d:37:16:3b:87:5e:9f:d8:33:d1:06:d7:cc:18:51:87:00:8c:
         dd:7b:57:ef:08:af:ab:f2:89:ad:e6:2f:76:7d:ed:cc:31:87:
         89:f8:45:04
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzHlRm9i4vu+bAHxC++rth1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjJlNmZkNTBkZGM4MTdhYmJhYzVhNjRmN2M2YTEyNTQ2ODU5Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNLe/NIJCSG2B21l18OZnt8nWgUJ
/JkZEsmWVqUTqwp4t8lIExwzq5cw31kac8VTxPj7r3SwwU7VgvlJWZ5tPZjKPAOk
8npA7Ql4h0FERR8nd/DwaWUQAIpfBqGG4Z+MfZGD5yA8khHIyigb3VJPG6SZSK6c
81iXev925UprhQwroCh+ivjpVDqtpnfVnUKSQ4CiGnWfWmn2VwuulbsX6EO5sZTP
UKkEQw7R05paoHOgKhs5d9W0aJm8bWQJTwn4WfmB3xxD8q19blkGBQQxFTNsc+o7
Q68Y3V7bzQMijNSs9Vuvdug8MapbS5URho/PPIK3zMTWSH6hpKOqO2MkOQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFJsub9UN3IF6u6xaZPfGoSVGhZziMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk1LzNiYTJk
OS03NGNlLTQ4ODEtYjIzZi03Y2IwNzIzZGEwYmQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTUvM2JhMmQ5
LTc0Y2UtNDg4MS1iMjNmLTdjYjA3MjNkYTBiZC8xL215NXYxUTNjZ1hxN3JGcGs5
OGFoSlVhRm5PSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQDXnwgMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwC7AzANBgkqhkiG9w0BAQsFAAOCAQEAbqaOO6N66LmZPR8/6xMHTuriuzRGtlEn
2cJiExfinEUI095bPgu22DsdzfRS/pCYhr4kw+qfr/pp/37JuGXTLPZOkou7FeEA
7/j2CcwmO2WaZWtcSOQI1g/a++VtDAhpaN1Fv3sdWNU6KZ2mIXVMUbVK87BWjRim
8S99Tjy/2RH0DGRN6xLCv5cRwW/ucU/3GjFsWzuYXBB++knsbrhcxTOCSfmgvtXN
cVKPVog2tKR2gZFUG6mUmZoJhFWA9Fu8Csul+mhTlq8aVk8HQi/50sUW1vQmGjqD
bTcWO4den9gz0QbXzBhRhwCM3XtX7wivq/KJreYvdn3tzDGHifhFBA==
-----END CERTIFICATE-----