Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/nlAUVuEieYvbj3OVRb9hSMfNEWU.cer
File:                     nlAUVuEieYvbj3OVRb9hSMfNEWU.cer (raw, json)
Hash identifier:          7lGK0Pax+eT+z7x4YDvw1dlrVIAi5yxIEr7F7AIfNAU=
Subject key identifier:   9E:50:14:56:E1:22:79:8B:DB:8F:73:95:45:BF:61:48:C7:CD:11:65
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC3FB31739E8DBCD71C61502ADF8B08AD
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.komorebi.network/repo/komorebi/0/9E501456E122798BDB8F739545BF6148C7CD1165.mft
caRepository:             rsync://rpki.komorebi.network/repo/komorebi/0/
Notify URL:               https://rpki.komorebi.network:3030/rrdp/notification.xml
Certificate not before:   Mon 01 Jan 2024 07:44:28 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 199376
                          AS: 199762

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:fb:31:73:9e:8d:bc:d7:1c:61:50:2a:df:8b:08:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 07:44:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9e501456e122798bdb8f739545bf6148c7cd1165
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:6c:88:2d:ab:be:23:54:24:c3:67:ad:ab:5c:
                    75:4c:8e:a9:7f:01:1d:0a:74:cf:f7:d6:9a:e2:1c:
                    6b:b7:b8:41:0d:52:85:a1:35:00:d6:98:86:fa:04:
                    36:fa:56:ea:f6:67:61:dc:80:3b:a5:dd:82:51:ee:
                    7d:ea:24:8e:9a:52:23:d1:ce:8d:f1:bf:ac:fa:9a:
                    43:2e:22:c2:86:14:bc:ac:b4:a9:6b:16:d8:76:38:
                    eb:04:95:4e:df:d2:7e:9c:9e:c7:70:1a:c7:f3:51:
                    cc:e5:e4:00:b3:83:8e:f5:57:85:e2:58:d3:cd:35:
                    3e:85:46:a6:fc:ee:3a:5c:59:1a:ff:6c:57:4c:9d:
                    8d:c8:ca:47:b7:d0:00:7b:7a:6a:0b:75:8f:03:0b:
                    09:b0:d7:8b:80:59:76:09:88:f5:64:2f:35:f0:a0:
                    af:d6:f8:2c:e1:ac:62:27:e5:ca:a8:ef:9b:33:c4:
                    14:36:21:87:e7:3c:73:e3:86:46:4a:bc:41:d7:ea:
                    95:4c:93:8d:0b:00:01:9c:4b:21:04:2f:74:d3:bf:
                    c0:05:3a:2c:71:0f:83:65:f8:3c:68:10:47:75:91:
                    5a:45:c2:3e:d2:ba:91:a1:35:fa:c6:f4:56:e5:f5:
                    ae:d9:85:e8:a5:4b:40:00:af:bc:31:30:dc:28:f1:
                    3b:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:50:14:56:E1:22:79:8B:DB:8F:73:95:45:BF:61:48:C7:CD:11:65
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.komorebi.network/repo/komorebi/0/
                RPKI Manifest - URI:rsync://rpki.komorebi.network/repo/komorebi/0/9E501456E122798BDB8F739545BF6148C7CD1165.mft
                RPKI Notify - URI:https://rpki.komorebi.network:3030/rrdp/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  199376
                  199762

    Signature Algorithm: sha256WithRSAEncryption
         6a:64:47:ca:34:be:98:f6:e6:de:87:03:9b:28:23:b7:64:7c:
         0a:7e:24:9f:5d:89:6f:88:ca:03:df:a2:9e:59:9e:63:54:71:
         d5:a0:26:6c:0c:97:7d:ec:1d:18:63:a8:96:94:18:70:51:17:
         cc:f8:f5:40:41:17:45:0a:c1:62:c9:a8:58:13:ca:e7:64:1c:
         14:b1:f1:60:ef:29:f3:0d:1e:7c:2e:db:ae:f9:ea:12:58:a7:
         16:1d:fe:25:3d:9f:c0:ea:33:08:9e:f8:99:41:03:4f:d5:24:
         cc:3e:c8:a7:51:02:bb:3d:0c:3f:0b:c8:4a:38:48:cc:36:71:
         ea:c8:fb:4f:f3:f3:66:04:53:04:64:0b:b4:de:d2:9b:12:be:
         c9:52:a9:c5:6b:1e:a0:cd:f0:3f:56:6f:f1:74:94:3d:a5:5d:
         c7:53:14:4d:25:35:ca:df:2a:58:bc:8a:18:e2:16:ab:0e:2d:
         4b:ea:c4:98:14:8d:5d:65:3e:39:cf:4b:eb:60:06:5b:24:97:
         42:66:89:d7:56:fb:db:13:d9:84:98:e7:40:10:fe:8e:b7:12:
         21:a8:96:13:f0:95:1c:fe:6c:ef:ac:9b:3e:21:07:87:48:88:
         e5:01:32:55:0e:b3:6b:5f:70:ca:9a:82:b1:63:4f:90:e8:26:
         1e:ab:a3:30
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzD+zFzno281xxhUCrfiwitMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDc0NDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTUwMTQ1NmUxMjI3OThiZGI4ZjczOTU0NWJmNjE0OGM3Y2QxMTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2yILau+I1Qkw2etq1x1TI6pfwEd
CnTP99aa4hxrt7hBDVKFoTUA1piG+gQ2+lbq9mdh3IA7pd2CUe596iSOmlIj0c6N
8b+s+ppDLiLChhS8rLSpaxbYdjjrBJVO39J+nJ7HcBrH81HM5eQAs4OO9VeF4ljT
zTU+hUam/O46XFka/2xXTJ2NyMpHt9AAe3pqC3WPAwsJsNeLgFl2CYj1ZC818KCv
1vgs4axiJ+XKqO+bM8QUNiGH5zxz44ZGSrxB1+qVTJONCwABnEshBC9007/ABTos
cQ+DZfg8aBBHdZFaRcI+0rqRoTX6xvRW5fWu2YXopUtAAK+8MTDcKPE7owIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFJ5QFFbhInmL249zlUW/YUjHzRFlMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgfoGCCsGAQUFBwELBIHtMIHqMDoGCCsGAQUFBzAFhi5yc3lu
YzovL3Jwa2kua29tb3JlYmkubmV0d29yay9yZXBvL2tvbW9yZWJpLzAvMGYGCCsG
AQUFBzAKhlpyc3luYzovL3Jwa2kua29tb3JlYmkubmV0d29yay9yZXBvL2tvbW9y
ZWJpLzAvOUU1MDE0NTZFMTIyNzk4QkRCOEY3Mzk1NDVCRjYxNDhDN0NEMTE2NS5t
ZnQwRAYIKwYBBQUHMA2GOGh0dHBzOi8vcnBraS5rb21vcmViaS5uZXR3b3JrOjMw
MzAvcnJkcC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VI
SUpuSEMyUUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEIAQH/BBAwDqAMMAoCAwMK0AIDAwxSMA0GCSqGSIb3DQEBCwUAA4IB
AQBqZEfKNL6Y9ubehwObKCO3ZHwKfiSfXYlviMoD36KeWZ5jVHHVoCZsDJd97B0Y
Y6iWlBhwURfM+PVAQRdFCsFiyahYE8rnZBwUsfFg7ynzDR58Ltuu+eoSWKcWHf4l
PZ/A6jMInviZQQNP1STMPsinUQK7PQw/C8hKOEjMNnHqyPtP8/NmBFMEZAu03tKb
Er7JUqnFax6gzfA/Vm/xdJQ9pV3HUxRNJTXK3ypYvIoY4harDi1L6sSYFI1dZT45
z0vrYAZbJJdCZonXVvvbE9mEmOdAEP6OtxIhqJYT8JUc/mzvrJs+IQeHSIjlATJV
DrNrX3DKmoKxY0+Q6CYeq6Mw
-----END CERTIFICATE-----