Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/my5v1Q3cgXq7rFpk98ahJUaFnOI.cer
File:                     my5v1Q3cgXq7rFpk98ahJUaFnOI.cer (raw, json)
Hash identifier:          YD4Ol2mUhwKaLYel57/R/evVkOZtkLig3+keBhoCFd0=
Subject key identifier:   9B:2E:6F:D5:0D:DC:81:7A:BB:AC:5A:64:F7:C6:A1:25:46:85:9C:E2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0194221F8C9B5F7220A6160ACD63B9B5B800
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/95/3ba2d9-74ce-4881-b23f-7cb0723da0bd/1/my5v1Q3cgXq7rFpk98ahJUaFnOI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/95/3ba2d9-74ce-4881-b23f-7cb0723da0bd/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 13:48:00 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 47875
                          IP: 94.124.32.0/21
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:22:1f:8c:9b:5f:72:20:a6:16:0a:cd:63:b9:b5:b8:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 13:48:00 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=9b2e6fd50ddc817abbac5a64f7c6a12546859ce2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d2:de:fc:d2:09:09:21:b6:07:6d:65:d7:c3:
                    99:9e:df:27:5a:05:09:fc:99:19:12:c9:96:56:a5:
                    13:ab:0a:78:b7:c9:48:13:1c:33:ab:97:30:df:59:
                    1a:73:c5:53:c4:f8:fb:af:74:b0:c1:4e:d5:82:f9:
                    49:59:9e:6d:3d:98:ca:3c:03:a4:f2:7a:40:ed:09:
                    78:87:41:44:45:1f:27:77:f0:f0:69:65:10:00:8a:
                    5f:06:a1:86:e1:9f:8c:7d:91:83:e7:20:3c:92:11:
                    c8:ca:28:1b:dd:52:4f:1b:a4:99:48:ae:9c:f3:58:
                    97:7a:ff:76:e5:4a:6b:85:0c:2b:a0:28:7e:8a:f8:
                    e9:54:3a:ad:a6:77:d5:9d:42:92:43:80:a2:1a:75:
                    9f:5a:69:f6:57:0b:ae:95:bb:17:e8:43:b9:b1:94:
                    cf:50:a9:04:43:0e:d1:d3:9a:5a:a0:73:a0:2a:1b:
                    39:77:d5:b4:68:99:bc:6d:64:09:4f:09:f8:59:f9:
                    81:df:1c:43:f2:ad:7d:6e:59:06:05:04:31:15:33:
                    6c:73:ea:3b:43:af:18:dd:5e:db:cd:03:22:8c:d4:
                    ac:f5:5b:af:76:e8:3c:31:aa:5b:4b:95:11:86:8f:
                    cf:3c:82:b7:cc:c4:d6:48:7e:a1:a4:a3:aa:3b:63:
                    24:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:2E:6F:D5:0D:DC:81:7A:BB:AC:5A:64:F7:C6:A1:25:46:85:9C:E2
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/3ba2d9-74ce-4881-b23f-7cb0723da0bd/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/3ba2d9-74ce-4881-b23f-7cb0723da0bd/1/my5v1Q3cgXq7rFpk98ahJUaFnOI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.124.32.0/21

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  47875

    Signature Algorithm: sha256WithRSAEncryption
         9a:2e:0a:a6:a1:9c:b0:15:2d:a6:75:55:d2:ca:e2:02:c5:65:
         33:ed:a3:22:ed:1c:c8:ae:1a:cb:0a:e2:84:78:eb:83:9a:ba:
         e0:51:bb:5b:ce:3e:d6:87:81:86:4f:96:5f:bf:ba:8e:f6:b0:
         84:ec:4d:0a:52:c4:f9:e9:f4:89:19:c3:65:bd:fb:4f:91:37:
         5f:f7:65:58:37:e1:4e:2b:e1:df:5c:77:eb:de:1e:83:bf:99:
         b8:1f:2c:9c:ae:be:b0:c2:e1:aa:c8:57:61:25:d3:8b:9a:9d:
         36:09:94:e8:dc:e8:38:13:2d:bd:de:8d:0b:26:ca:16:fd:25:
         1f:dd:02:66:dd:c3:9a:24:c4:79:35:64:43:30:c6:29:2b:bc:
         58:47:25:5f:ce:39:6a:ca:55:37:3f:bb:e7:27:ed:a2:d4:f7:
         d2:99:a8:d2:0b:dc:fe:a5:8c:79:a8:9a:fd:57:65:6f:81:b9:
         41:6c:26:78:f9:02:d2:16:86:19:ea:ae:41:34:76:97:e7:87:
         6b:dc:c1:be:b9:21:b4:37:0f:3c:2f:e9:fc:73:40:24:fa:ea:
         46:c3:dd:6b:48:5f:c6:01:35:0a:78:98:e6:47:14:c2:e0:97:
         50:27:4b:d8:2e:7f:71:30:2c:1c:f4:18:0b:74:85:0a:33:2e:
         ba:38:df:c3
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQiH4ybX3IgphYKzWO5tbgAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjJlNmZkNTBkZGM4MTdhYmJhYzVhNjRmN2M2YTEyNTQ2ODU5Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNLe/NIJCSG2B21l18OZnt8nWgUJ
/JkZEsmWVqUTqwp4t8lIExwzq5cw31kac8VTxPj7r3SwwU7VgvlJWZ5tPZjKPAOk
8npA7Ql4h0FERR8nd/DwaWUQAIpfBqGG4Z+MfZGD5yA8khHIyigb3VJPG6SZSK6c
81iXev925UprhQwroCh+ivjpVDqtpnfVnUKSQ4CiGnWfWmn2VwuulbsX6EO5sZTP
UKkEQw7R05paoHOgKhs5d9W0aJm8bWQJTwn4WfmB3xxD8q19blkGBQQxFTNsc+o7
Q68Y3V7bzQMijNSs9Vuvdug8MapbS5URho/PPIK3zMTWSH6hpKOqO2MkOQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFJsub9UN3IF6u6xaZPfGoSVGhZziMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk1LzNiYTJk
OS03NGNlLTQ4ODEtYjIzZi03Y2IwNzIzZGEwYmQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTUvM2JhMmQ5
LTc0Y2UtNDg4MS1iMjNmLTdjYjA3MjNkYTBiZC8xL215NXYxUTNjZ1hxN3JGcGs5
OGFoSlVhRm5PSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQDXnwgMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwC7AzANBgkqhkiG9w0BAQsFAAOCAQEAmi4KpqGcsBUtpnVV0sriAsVlM+2jIu0c
yK4aywrihHjrg5q64FG7W84+1oeBhk+WX7+6jvawhOxNClLE+en0iRnDZb37T5E3
X/dlWDfhTivh31x3694eg7+ZuB8snK6+sMLhqshXYSXTi5qdNgmU6NzoOBMtvd6N
CybKFv0lH90CZt3DmiTEeTVkQzDGKSu8WEclX845aspVNz+75yftotT30pmo0gvc
/qWMeaia/Vdlb4G5QWwmePkC0haGGequQTR2l+eHa9zBvrkhtDcPPC/p/HNAJPrq
RsPda0hfxgE1CniY5kcUwuCXUCdL2C5/cTAsHPQYC3SFCjMuujjfww==
-----END CERTIFICATE-----