Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/n78C8E7EMIy1tgeL0GoXywDYM2k.cer
File:                     n78C8E7EMIy1tgeL0GoXywDYM2k.cer (raw, json)
Hash identifier:          h4Ran2NqKBUmxph9zVeh72UOiyT/HzKSRb0gTNZepP0=
Subject key identifier:   9F:BF:02:F0:4E:C4:30:8C:B5:B6:07:8B:D0:6A:17:CB:00:D8:33:69
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01973764C87557A9EC4B6F92BF20CB717B4D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/d6/caf466-6e6c-4009-a55a-5fa9da03f570/1/n78C8E7EMIy1tgeL0GoXywDYM2k.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/d6/caf466-6e6c-4009-a55a-5fa9da03f570/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 03 Jun 2025 20:04:01 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 216391
                          IP: 2001:67c:d0c::/48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:37:64:c8:75:57:a9:ec:4b:6f:92:bf:20:cb:71:7b:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jun  3 20:04:01 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=9fbf02f04ec4308cb5b6078bd06a17cb00d83369
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:66:ba:5c:d1:33:43:7f:15:85:1b:23:a2:a5:
                    e4:83:a0:fa:ed:14:69:1e:b4:89:db:42:73:92:63:
                    1c:4c:6a:b0:9a:98:05:20:f2:9b:87:b7:a9:8b:a0:
                    75:92:16:f0:a1:a4:bf:7a:60:f4:2c:12:d4:2e:8b:
                    06:3b:e6:a0:d7:85:3c:4b:fc:f8:dd:47:72:4a:6d:
                    3f:14:f0:ef:e9:fc:35:98:2d:e2:cd:25:06:8f:38:
                    01:0d:54:4a:33:51:5b:5e:69:83:59:a3:a4:41:96:
                    b1:6d:e7:ef:53:d2:41:11:f8:bd:5d:1c:17:04:81:
                    93:57:4e:af:d2:ac:a0:d3:6b:e3:32:1a:46:ba:0d:
                    f2:e5:37:37:f2:fe:a9:40:d6:14:00:dd:00:67:f3:
                    11:cf:e5:04:c9:89:7c:8f:1f:74:65:3d:60:7b:d0:
                    eb:08:b2:c2:ba:ac:74:f2:c8:2c:dc:c5:ae:13:6d:
                    47:d9:a1:b4:72:c7:4b:26:c0:10:c8:e5:4f:16:5f:
                    02:13:ef:2c:fa:21:d4:fc:49:51:23:37:c8:2d:b4:
                    d2:78:23:c1:c1:9e:cf:cf:8c:c6:b4:46:fe:da:6d:
                    ac:65:b0:9d:48:27:59:26:9f:8e:cb:6b:4a:4c:f5:
                    19:68:3b:31:f3:90:fb:9b:73:0f:33:8e:4b:ac:c0:
                    88:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:BF:02:F0:4E:C4:30:8C:B5:B6:07:8B:D0:6A:17:CB:00:D8:33:69
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/caf466-6e6c-4009-a55a-5fa9da03f570/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/caf466-6e6c-4009-a55a-5fa9da03f570/1/n78C8E7EMIy1tgeL0GoXywDYM2k.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:d0c::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  216391

    Signature Algorithm: sha256WithRSAEncryption
         ac:cd:6c:ef:29:b0:9f:f6:e6:7b:5f:2e:ac:40:7b:65:72:65:
         3c:e2:bc:57:af:58:e3:c9:04:d7:f0:3c:92:bb:20:ec:f9:88:
         c4:03:fb:36:0d:1e:7f:53:15:ba:da:61:f1:8d:7d:52:58:99:
         6b:de:16:19:27:2c:e5:40:0c:e3:d5:12:33:19:e0:c7:19:2f:
         78:c0:f6:ec:e8:af:0b:ec:48:15:6e:47:e2:27:d1:4c:b6:53:
         9a:95:a6:fb:16:f5:aa:f9:b2:0a:c9:cd:90:d8:2d:20:79:fa:
         34:d6:57:eb:d6:26:a6:8a:a6:0b:09:14:a5:96:50:20:5e:0e:
         c9:d7:22:5f:83:d1:75:2b:03:68:d2:37:2a:71:38:45:70:0c:
         de:9a:8e:bc:74:a5:ac:f8:52:82:ee:91:81:28:c8:2f:25:b8:
         ab:2b:1e:65:b9:e9:4c:a4:e9:d4:bf:5a:ac:86:72:9b:8b:15:
         cf:c4:52:89:ac:20:3a:fa:42:e7:bd:14:67:a8:f5:d7:81:19:
         d8:8b:fd:96:28:52:25:3f:ad:47:04:a9:d8:fd:33:67:14:3c:
         9e:d6:99:9a:da:a1:a2:c9:1c:72:b1:d0:01:f0:8a:39:f7:9e:
         ca:78:3a:63:3f:3e:87:58:f1:f3:4c:51:99:10:a8:e6:6d:12:
         a3:53:33:d7
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAZc3ZMh1V6nsS2+SvyDLcXtNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNjAzMjAwNDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmJmMDJmMDRlYzQzMDhjYjViNjA3OGJkMDZhMTdjYjAwZDgzMzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ga6XNEzQ38VhRsjoqXkg6D67RRp
HrSJ20JzkmMcTGqwmpgFIPKbh7epi6B1khbwoaS/emD0LBLULosGO+ag14U8S/z4
3UdySm0/FPDv6fw1mC3izSUGjzgBDVRKM1FbXmmDWaOkQZaxbefvU9JBEfi9XRwX
BIGTV06v0qyg02vjMhpGug3y5Tc38v6pQNYUAN0AZ/MRz+UEyYl8jx90ZT1ge9Dr
CLLCuqx08sgs3MWuE21H2aG0csdLJsAQyOVPFl8CE+8s+iHU/ElRIzfILbTSeCPB
wZ7Pz4zGtEb+2m2sZbCdSCdZJp+Oy2tKTPUZaDsx85D7m3MPM45LrMCI0wIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFJ+/AvBOxDCMtbYHi9BqF8sA2DNpMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q2L2NhZjQ2
Ni02ZTZjLTQwMDktYTU1YS01ZmE5ZGEwM2Y1NzAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYvY2FmNDY2
LTZlNmMtNDAwOS1hNTVhLTVmYTlkYTAzZjU3MC8xL243OEM4RTdFTUl5MXRnZUww
R29YeXdEWU0yay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA0MMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwNNRzANBgkqhkiG9w0BAQsFAAOCAQEArM1s7ymwn/bme18urEB7ZXJlPOK8
V69Y48kE1/A8krsg7PmIxAP7Ng0ef1MVutph8Y19UliZa94WGScs5UAM49USMxng
xxkveMD27OivC+xIFW5H4ifRTLZTmpWm+xb1qvmyCsnNkNgtIHn6NNZX69Ympoqm
CwkUpZZQIF4OydciX4PRdSsDaNI3KnE4RXAM3pqOvHSlrPhSgu6RgSjILyW4qyse
ZbnpTKTp1L9arIZym4sVz8RSiawgOvpC570UZ6j114EZ2Iv9lihSJT+tRwSp2P0z
ZxQ8ntaZmtqhoskccrHQAfCKOfeeyng6Yz8+h1jx80xRmRCo5m0So1Mz1w==
-----END CERTIFICATE-----