Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qfCQLHsw_sPg3PXyO_7fUBgjQps.cer
File:                     qfCQLHsw_sPg3PXyO_7fUBgjQps.cer (raw, json)
Hash identifier:          23Fo+cwVZtp3zKCetNKqB/qjdsmShGFACt/E5CC/xuM=
Subject key identifier:   A9:F0:90:2C:7B:30:FE:C3:E0:DC:F5:F2:3B:FE:DF:50:18:23:42:9B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018F7C75924CEEA9DB37863D8DC6252915D8
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 15 May 2024 13:33:51 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 214934

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Sep 2024 14:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:7c:75:92:4c:ee:a9:db:37:86:3d:8d:c6:25:29:15:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: May 15 13:33:51 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a9f0902c7b30fec3e0dcf5f23bfedf501823429b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:96:e9:da:dd:f5:a7:08:3c:2d:48:8d:e1:74:
                    61:e3:5a:6d:91:c9:d4:07:59:8b:59:cb:9a:1d:37:
                    8a:15:80:41:96:78:ca:33:5c:e9:29:10:6a:61:c2:
                    76:f9:ce:59:20:ae:10:4d:f1:ae:22:6b:d4:8f:12:
                    24:5a:25:d1:47:02:1e:23:1d:dd:2a:1f:6c:fd:9e:
                    4d:fc:1e:76:db:80:39:e0:54:43:77:78:04:c2:bb:
                    8d:b9:ad:06:e5:b6:c2:27:e4:5c:00:1c:f0:9c:f5:
                    a1:46:b3:93:ec:f0:87:6b:6d:70:91:17:c1:31:87:
                    3b:72:98:37:e4:92:ac:df:05:99:a9:cd:06:d6:5b:
                    8b:5c:b1:db:08:25:b7:45:74:4c:aa:ce:06:04:12:
                    75:a5:e0:8d:d2:84:68:9b:a2:65:8a:21:a6:d8:47:
                    3d:24:64:da:02:16:ed:64:5e:5f:3e:35:ea:4d:19:
                    96:fe:7b:36:99:2b:4c:c3:29:7f:3a:31:40:47:f0:
                    4a:ee:f8:a3:93:ea:0a:61:71:b3:20:9e:4e:43:2a:
                    b1:1b:10:2f:d0:73:b1:51:bb:32:c4:eb:42:76:59:
                    1a:2f:c8:69:be:77:e5:c2:28:2a:d0:81:ad:8a:81:
                    7c:76:2a:38:49:14:e1:29:7d:f7:cf:0e:cf:e7:8e:
                    05:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:F0:90:2C:7B:30:FE:C3:E0:DC:F5:F2:3B:FE:DF:50:18:23:42:9B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  214934

    Signature Algorithm: sha256WithRSAEncryption
         1b:3b:e5:7c:18:b8:ec:02:23:b8:9a:dc:6e:70:7b:89:57:fa:
         73:b1:85:ba:86:9f:f5:85:86:53:ff:f5:33:f4:ac:3c:1a:a0:
         4c:2c:1a:73:5e:06:a7:67:0c:b2:90:53:03:ef:45:0e:ba:fe:
         2a:e9:4a:8d:d3:73:45:b3:90:c5:19:3e:d8:e7:2c:6f:af:1e:
         ba:28:a8:19:97:79:95:7b:bb:a8:06:9b:42:bd:47:3c:90:90:
         6b:ab:3c:9a:e2:01:3d:76:4f:12:f1:95:f5:fb:52:c4:d3:ee:
         da:37:3f:14:74:44:4d:6c:be:3f:89:1c:3c:64:f6:06:c8:05:
         f1:e5:e8:4e:44:8d:e1:3c:52:31:b2:87:49:bc:57:8d:d2:7c:
         29:53:a1:c6:12:4f:e5:9c:05:f7:62:6e:35:6c:29:f6:1a:a9:
         cb:69:cb:81:d0:ed:72:63:f9:b6:b3:de:9b:27:48:be:d3:44:
         98:7c:88:76:25:ec:9f:cf:34:a9:83:07:78:18:01:3b:ae:f9:
         5a:67:bd:38:31:6c:3d:9b:8e:67:bb:d1:c6:34:48:8f:3a:93:
         65:32:d1:3b:58:d6:87:3e:0f:ba:9a:e6:31:11:ca:52:cf:aa:
         eb:e7:72:da:60:3a:de:3a:27:52:26:78:9a:a7:17:61:2e:58:
         54:b8:59:fa
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAY98dZJM7qnbN4Y9jcYlKRXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNTE1MTMzMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWYwOTAyYzdiMzBmZWMzZTBkY2Y1ZjIzYmZlZGY1MDE4MjM0MjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJbp2t31pwg8LUiN4XRh41ptkcnU
B1mLWcuaHTeKFYBBlnjKM1zpKRBqYcJ2+c5ZIK4QTfGuImvUjxIkWiXRRwIeIx3d
Kh9s/Z5N/B5224A54FRDd3gEwruNua0G5bbCJ+RcABzwnPWhRrOT7PCHa21wkRfB
MYc7cpg35JKs3wWZqc0G1luLXLHbCCW3RXRMqs4GBBJ1peCN0oRom6JliiGm2Ec9
JGTaAhbtZF5fPjXqTRmW/ns2mStMwyl/OjFAR/BK7vijk+oKYXGzIJ5OQyqxGxAv
0HOxUbsyxOtCdlkaL8hpvnflwigq0IGtioF8dio4SRThKX33zw7P544F7wIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFKnwkCx7MP7D4Nz18jv+31AYI0KbMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQzL2Q2NmZm
My1iNjA3LTQ3NmUtOGQ1ZS04OTY4NTY1ZGY2M2EvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMvZDY2ZmYz
LWI2MDctNDc2ZS04ZDVlLTg5Njg1NjVkZjYzYS8xL3FmQ1FMSHN3X3NQZzNQWHlP
XzdmVUJnalFwcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNHljANBgkqhkiG9w0BAQsFAAOCAQEAGzvlfBi47AIj
uJrcbnB7iVf6c7GFuoaf9YWGU//1M/SsPBqgTCwac14Gp2cMspBTA+9FDrr+KulK
jdNzRbOQxRk+2Ocsb68euiioGZd5lXu7qAabQr1HPJCQa6s8muIBPXZPEvGV9ftS
xNPu2jc/FHRETWy+P4kcPGT2BsgF8eXoTkSN4TxSMbKHSbxXjdJ8KVOhxhJP5ZwF
92JuNWwp9hqpy2nLgdDtcmP5trPemydIvtNEmHyIdiXsn880qYMHeBgBO675Wme9
ODFsPZuOZ7vRxjRIjzqTZTLRO1jWhz4PuprmMRHKUs+q6+dy2mA63jonUiZ4mqcX
YS5YVLhZ+g==
-----END CERTIFICATE-----