Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/rW1JWSOA8Lml4qzHFA5tJJy6eGM.cer
File:                     rW1JWSOA8Lml4qzHFA5tJJy6eGM.cer (raw, json)
Hash identifier:          kVaL6uE9P8yUTCOE3o0jj4Skw7eOPzvWXgNueH0Hl0k=
Subject key identifier:   AD:6D:49:59:23:80:F0:B9:A5:E2:AC:C7:14:0E:6D:24:9C:BA:78:63
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019E7637DEA68D4BEF2410EB1232A40747F3
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/4af4a62e-3ef5-4a36-b0d3-7825bec134ab/2/AD6D49592380F0B9A5E2ACC7140E6D249CBA7863.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/4af4a62e-3ef5-4a36-b0d3-7825bec134ab/2/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Sat 30 May 2026 00:10:33 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 199746
                          AS: 204464
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Jun 2026 07:00:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:76:37:de:a6:8d:4b:ef:24:10:eb:12:32:a4:07:47:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: May 30 00:10:33 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ad6d49592380f0b9a5e2acc7140e6d249cba7863
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:3c:aa:7e:7f:cf:2e:4b:a5:9f:e8:26:68:30:
                    cf:c3:41:13:22:13:81:d8:e3:a5:89:61:72:fb:bb:
                    4a:06:02:60:7a:b9:8e:02:dc:8f:c3:fc:95:05:ed:
                    af:2e:fc:ec:f3:28:a2:02:d3:1e:92:7c:f3:17:aa:
                    a0:30:09:f2:fe:20:4f:5b:28:1f:ee:d2:eb:c7:bd:
                    42:53:38:b0:05:9b:1a:6e:3e:d6:75:f1:1c:62:f3:
                    2d:fe:72:ec:13:5a:0a:cc:be:0c:01:51:33:3e:43:
                    74:1a:47:a0:cb:9c:dc:76:41:3f:9f:f7:24:23:7b:
                    d4:46:82:73:f5:e2:d6:2e:30:20:01:93:7e:28:23:
                    7f:ea:95:f9:7a:f0:f8:00:47:fe:91:30:c0:e1:d6:
                    a2:ee:6d:9a:35:0b:59:78:a7:f9:80:f9:c2:25:de:
                    62:e6:b7:b2:51:49:17:3f:3b:f4:3a:c1:5e:35:75:
                    8a:e0:72:71:6d:6b:7f:e4:df:cf:52:fa:e4:e3:32:
                    27:24:89:e1:4b:61:c5:d4:5e:f7:37:7f:e6:07:bd:
                    5b:53:21:f9:d5:7f:2e:33:dd:7c:ec:c9:ff:54:e7:
                    12:01:ab:33:32:11:46:80:a9:6c:29:ee:68:fb:2c:
                    6e:d9:52:10:77:ef:f8:d6:64:4a:fc:03:68:2e:99:
                    45:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:6D:49:59:23:80:F0:B9:A5:E2:AC:C7:14:0E:6D:24:9C:BA:78:63
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/4af4a62e-3ef5-4a36-b0d3-7825bec134ab/2/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/4af4a62e-3ef5-4a36-b0d3-7825bec134ab/2/AD6D49592380F0B9A5E2ACC7140E6D249CBA7863.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  199746
                  204464

    Signature Algorithm: sha256WithRSAEncryption
         8b:20:43:9a:b5:fd:dc:06:ce:0b:e3:63:3e:bf:26:80:a1:55:
         fc:77:fc:24:58:ff:69:6a:2c:c1:d7:86:d1:b4:d4:c4:a3:cd:
         21:c1:1c:6b:5b:e1:b1:39:78:90:ce:46:15:99:21:c7:38:60:
         c6:39:de:31:12:88:2e:68:20:e0:94:1f:51:c1:c4:9d:68:bd:
         98:59:c2:33:e6:5d:c8:38:64:c6:6c:fb:0d:cc:ab:e8:8a:a9:
         fc:a9:57:b7:c1:39:ea:e6:0d:ee:12:a5:f5:52:5c:3a:85:94:
         2b:e3:25:fa:35:85:bc:af:8b:e8:d1:c8:cd:b9:d6:ed:d7:e4:
         2e:4c:3b:44:72:e3:8f:e3:8a:00:fd:3e:ab:ed:12:ca:3a:4f:
         79:94:97:d4:f7:6f:a9:21:7f:bf:88:c7:e0:33:76:34:19:79:
         d9:67:f0:75:eb:cd:a4:84:1e:d7:21:43:06:77:e7:0b:67:ee:
         f6:8e:14:98:e7:9c:1a:eb:63:7e:96:78:85:fd:de:25:b9:77:
         f7:07:06:28:a8:2b:0b:a0:f6:e2:51:1e:88:db:d4:55:96:19:
         5f:14:85:41:4b:72:bf:be:37:71:36:11:cf:80:e0:06:9c:e1:
         3d:05:e3:77:3b:30:b9:9f:7a:19:2d:de:d3:39:70:7a:89:93:
         df:76:4a:45
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZ52N96mjUvvJBDrEjKkB0fzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwNTMwMDAxMDMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDZkNDk1OTIzODBmMGI5YTVlMmFjYzcxNDBlNmQyNDljYmE3ODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTyqfn/PLkuln+gmaDDPw0ETIhOB
2OOliWFy+7tKBgJgermOAtyPw/yVBe2vLvzs8yiiAtMeknzzF6qgMAny/iBPWygf
7tLrx71CUziwBZsabj7WdfEcYvMt/nLsE1oKzL4MAVEzPkN0Gkegy5zcdkE/n/ck
I3vURoJz9eLWLjAgAZN+KCN/6pX5evD4AEf+kTDA4dai7m2aNQtZeKf5gPnCJd5i
5reyUUkXPzv0OsFeNXWK4HJxbWt/5N/PUvrk4zInJInhS2HF1F73N3/mB71bUyH5
1X8uM9187Mn/VOcSAaszMhFGgKlsKe5o+yxu2VIQd+/41mRK/ANoLplFTQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFK1tSVkjgPC5peKsxxQObSScunhjMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzRhZjRh
NjJlLTNlZjUtNGEzNi1iMGQzLTc4MjViZWMxMzRhYi8yLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNGFm
NGE2MmUtM2VmNS00YTM2LWIwZDMtNzgyNWJlYzEzNGFiLzIvQUQ2RDQ5NTkyMzgw
RjBCOUE1RTJBQ0M3MTQwRTZEMjQ5Q0JBNzg2My5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBCAEB/wQQMA6gDDAKAgMDDEIC
AwMesDANBgkqhkiG9w0BAQsFAAOCAQEAiyBDmrX93AbOC+NjPr8mgKFV/Hf8JFj/
aWoswdeG0bTUxKPNIcEca1vhsTl4kM5GFZkhxzhgxjneMRKILmgg4JQfUcHEnWi9
mFnCM+ZdyDhkxmz7Dcyr6Iqp/KlXt8E56uYN7hKl9VJcOoWUK+Ml+jWFvK+L6NHI
zbnW7dfkLkw7RHLjj+OKAP0+q+0SyjpPeZSX1PdvqSF/v4jH4DN2NBl52WfwdevN
pIQe1yFDBnfnC2fu9o4UmOecGutjfpZ4hf3eJbl39wcGKKgrC6D24lEeiNvUVZYZ
XxSFQUtyv743cTYRz4DgBpzhPQXjdzswuZ96GS3e0zlweomT33ZKRQ==
-----END CERTIFICATE-----