Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qipweTi6Yv4Z5kdNrHh98_jP3uQ.cer
File:                     qipweTi6Yv4Z5kdNrHh98_jP3uQ.cer (raw, json)
Hash identifier:          UZTk/iCShNzw8vUyy9yqGTvlZyNBXuOqqwRt4LdBzEU=
Subject key identifier:   AA:2A:70:79:38:BA:62:FE:19:E6:47:4D:AC:78:7D:F3:F8:CF:DE:E4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019421B22836955D8DB160DE0FC8079A1D85
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 11:48:31 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 57682
                          IP: 192.102.6.0/23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:21:b2:28:36:95:5d:8d:b1:60:de:0f:c8:07:9a:1d:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 11:48:31 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=aa2a707938ba62fe19e6474dac787df3f8cfdee4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:5c:80:20:a9:81:a6:86:bd:92:11:7e:94:cd:
                    4c:fa:f1:9f:8f:07:3d:0c:01:c6:b7:d5:10:c2:8f:
                    75:0e:04:13:e2:c7:d5:16:17:69:5a:05:19:52:ca:
                    96:f4:0c:30:c4:29:ca:4e:89:47:c9:2e:54:22:a4:
                    ab:52:c9:33:50:9a:de:ae:fd:a2:e9:a2:d5:6b:20:
                    92:ae:ec:c8:7e:5f:49:f4:0c:9a:19:9b:70:9a:93:
                    d9:e5:ec:c5:98:2f:fb:6f:0d:92:fe:2f:f0:eb:71:
                    9a:45:83:4c:75:9e:67:a8:18:62:e6:2a:6d:03:65:
                    6a:f6:09:cb:bc:66:ad:fb:f9:31:69:59:b3:8a:bc:
                    b8:a3:61:e4:b9:fc:f8:26:fd:7c:98:86:03:f7:3b:
                    5b:ed:7b:d3:cc:7c:f7:de:b2:6e:5c:91:13:b5:b0:
                    bb:d8:7e:17:6f:9d:c2:3c:7d:70:8b:e9:ca:ea:f4:
                    df:a6:44:b5:f8:fb:4a:70:ed:62:60:22:b4:6a:3c:
                    f6:d9:db:0a:f3:b4:60:a7:0c:66:e0:42:22:72:2c:
                    dc:90:80:fb:86:8c:85:4f:7e:4e:9e:25:80:5e:24:
                    8c:53:b0:1a:fd:31:48:ef:6a:86:6e:e6:de:e8:89:
                    fd:7f:81:7a:36:01:5d:54:35:ea:43:98:93:93:47:
                    d6:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:2A:70:79:38:BA:62:FE:19:E6:47:4D:AC:78:7D:F3:F8:CF:DE:E4
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.102.6.0/23

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  57682

    Signature Algorithm: sha256WithRSAEncryption
         13:b8:7a:e2:fa:b6:ed:66:70:0c:e5:dc:12:3a:12:ef:ff:cf:
         77:be:6b:f0:a5:1a:d0:51:46:0d:ed:bc:93:5f:f6:dd:d2:83:
         bf:44:43:8b:29:b9:06:d0:4d:ef:89:ae:9f:a5:4a:9a:3f:b0:
         24:c1:9e:8e:14:71:b7:84:36:51:a1:86:ac:80:9f:ff:04:36:
         86:af:1c:6e:8f:86:c7:4a:3c:b2:81:7c:5e:e2:ef:b6:72:01:
         3f:b8:90:f1:44:61:c5:40:b3:08:d2:af:67:43:d7:f9:2c:4b:
         a9:fa:4e:91:40:e3:01:66:44:71:05:71:2b:60:e6:6a:62:13:
         b4:9f:31:2a:64:c9:f4:3f:63:e5:cc:00:e1:bc:51:c9:24:77:
         d1:e0:c1:bd:c7:26:e7:12:96:f2:82:f6:03:39:c6:52:09:00:
         20:2f:ca:f4:2a:2b:37:ad:e8:b5:73:af:18:a6:50:f7:b1:11:
         50:88:8f:f2:28:4b:e6:8b:e6:6c:50:ed:0d:cb:29:31:d4:b5:
         ba:c8:45:e3:18:fa:aa:13:f0:f1:28:bc:1d:87:a0:1a:24:30:
         c4:23:87:c9:06:ae:31:00:06:61:5d:b0:a3:1f:2f:d4:a1:b9:
         e0:81:02:1f:58:ea:e3:0c:80:6c:6c:66:10:97:38:c3:ff:3c:
         cc:3e:51:52
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQhsig2lV2NsWDeD8gHmh2FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTE0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTJhNzA3OTM4YmE2MmZlMTllNjQ3NGRhYzc4N2RmM2Y4Y2ZkZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VyAIKmBpoa9khF+lM1M+vGfjwc9
DAHGt9UQwo91DgQT4sfVFhdpWgUZUsqW9AwwxCnKTolHyS5UIqSrUskzUJrerv2i
6aLVayCSruzIfl9J9AyaGZtwmpPZ5ezFmC/7bw2S/i/w63GaRYNMdZ5nqBhi5ipt
A2Vq9gnLvGat+/kxaVmziry4o2Hkufz4Jv18mIYD9ztb7XvTzHz33rJuXJETtbC7
2H4Xb53CPH1wi+nK6vTfpkS1+PtKcO1iYCK0ajz22dsK87Rgpwxm4EIicizckID7
hoyFT35OniWAXiSMU7Aa/TFI72qGbube6In9f4F6NgFdVDXqQ5iTk0fWgwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFKoqcHk4umL+GeZHTax4ffP4z97kMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FjLzlkNDJl
Zi03NGE1LTRmODItOGE4My1kNzE2ZjQwNjgxMzkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMvOWQ0MmVm
LTc0YTUtNGY4Mi04YTgzLWQ3MTZmNDA2ODEzOS8xL3FpcHdlVGk2WXY0WjVrZE5y
SGg5OF9qUDN1US5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQBwGYGMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwDhUjANBgkqhkiG9w0BAQsFAAOCAQEAE7h64vq27WZwDOXcEjoS7//Pd75r8KUa
0FFGDe28k1/23dKDv0RDiym5BtBN74mun6VKmj+wJMGejhRxt4Q2UaGGrICf/wQ2
hq8cbo+Gx0o8soF8XuLvtnIBP7iQ8URhxUCzCNKvZ0PX+SxLqfpOkUDjAWZEcQVx
K2DmamITtJ8xKmTJ9D9j5cwA4bxRySR30eDBvccm5xKW8oL2AznGUgkAIC/K9Cor
N63otXOvGKZQ97ERUIiP8ihL5ovmbFDtDcspMdS1ushF4xj6qhPw8Si8HYegGiQw
xCOHyQauMQAGYV2wox8v1KG54IECH1jq4wyAbGxmEJc4w/88zD5RUg==
-----END CERTIFICATE-----