Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/rb65YXJeTVu08lSJhtlvzG00nmQ.cer
File:                     rb65YXJeTVu08lSJhtlvzG00nmQ.cer (raw, json)
Hash identifier:          YIxfrBmKkL0Xs/NUzds08sfwEWPQzgxRUznUtfrDjEo=
Subject key identifier:   AD:BE:B9:61:72:5E:4D:5B:B4:F2:54:89:86:D9:6F:CC:6D:34:9E:64
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019D2F8CAAAF17611EB871AD62DB330A610F
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/56/926861-d9d7-4b55-9024-83d625bf1bf1/1/rb65YXJeTVu08lSJhtlvzG00nmQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/56/926861-d9d7-4b55-9024-83d625bf1bf1/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 27 Mar 2026 13:47:21 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 199651
                          AS: 203753
                          AS: 213787
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2f:8c:aa:af:17:61:1e:b8:71:ad:62:db:33:0a:61:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Mar 27 13:47:21 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=adbeb961725e4d5bb4f2548986d96fcc6d349e64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:e5:5d:4f:1a:de:36:c1:32:d0:7d:74:c3:8e:
                    d8:68:f3:20:34:28:98:6e:a1:74:ea:84:39:1d:ba:
                    f6:a9:15:ac:ea:93:c1:e3:f8:7e:7b:ee:df:35:34:
                    a3:5a:19:07:0d:ab:ed:d6:30:42:ad:94:00:92:b2:
                    f0:dc:29:1a:86:f3:11:89:56:bf:6a:ea:e2:63:7d:
                    16:4f:9d:cd:43:4c:e1:bb:17:70:fe:81:47:48:97:
                    3b:23:45:d5:45:b7:cc:15:f8:9f:22:c1:48:ed:47:
                    d8:91:d6:16:b4:7a:8b:bc:ff:c0:85:49:e3:78:7c:
                    98:59:fb:66:54:2c:df:f6:9f:1f:8d:c5:a4:7c:c6:
                    d6:8c:51:76:8c:ed:ac:d8:99:7b:28:10:25:ec:d0:
                    4f:37:5d:84:e7:44:f4:fd:4c:ca:6a:34:02:a6:b5:
                    ff:8a:4a:a5:03:99:1a:c9:d3:c8:38:40:c7:45:80:
                    19:dc:2b:ac:b0:67:1c:a6:58:70:42:73:88:bd:35:
                    06:bf:dd:63:d1:63:66:44:36:d0:98:88:9d:d0:7e:
                    2e:57:e7:43:c7:11:a6:3d:cf:2e:b6:d1:57:c8:f4:
                    3e:b3:66:85:fe:53:02:d7:37:e0:62:ac:62:64:c2:
                    72:0d:95:d3:67:e6:67:35:ef:68:b8:6f:ec:08:96:
                    f0:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:BE:B9:61:72:5E:4D:5B:B4:F2:54:89:86:D9:6F:CC:6D:34:9E:64
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/926861-d9d7-4b55-9024-83d625bf1bf1/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/926861-d9d7-4b55-9024-83d625bf1bf1/1/rb65YXJeTVu08lSJhtlvzG00nmQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  199651
                  203753
                  213787

    Signature Algorithm: sha256WithRSAEncryption
         2a:60:f4:68:ad:c6:68:65:a0:51:95:a9:09:ce:27:23:ca:a2:
         2c:f2:d2:53:15:0f:d4:f8:28:4b:f1:c5:54:46:0e:c3:74:02:
         78:a0:6d:8c:fe:12:81:51:fa:fd:72:19:41:49:95:07:d3:25:
         81:ee:5d:04:c4:13:b9:95:d2:a0:bb:24:6d:f6:c6:1d:fc:4f:
         d4:db:2a:e4:f1:d9:07:1d:69:ed:d0:05:66:0c:c9:14:43:90:
         78:00:1d:1d:b3:ec:29:e8:57:70:91:1d:46:27:59:ce:0f:2c:
         15:13:ce:4e:3d:ed:b4:6b:6b:de:dc:21:d8:08:79:06:20:13:
         da:55:a5:8c:d5:85:bd:5e:fe:72:f8:42:37:bb:d5:35:29:06:
         7d:65:ad:6b:e7:13:79:9b:a0:a2:dd:5f:67:3f:f3:b0:65:b6:
         7a:74:dc:64:4d:ce:91:65:9c:ce:ca:f2:d5:8f:13:99:7d:27:
         94:f0:c0:3e:e2:b6:33:ed:ef:2d:26:14:02:18:67:7d:45:bc:
         9a:5b:f3:ca:d9:54:8a:24:5b:d7:be:cf:8e:27:54:89:bc:b1:
         65:fa:a2:e0:32:c4:76:91:55:5d:13:d4:76:86:4c:2d:7b:11:
         3b:6a:d7:f3:97:36:a4:6f:2f:2b:0b:5b:ef:e5:d7:bc:83:95:
         c5:5f:be:59
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAZ0vjKqvF2EeuHGtYtszCmEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMzI3MTM0NzIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGJlYjk2MTcyNWU0ZDViYjRmMjU0ODk4NmQ5NmZjYzZkMzQ5ZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5eVdTxreNsEy0H10w47YaPMgNCiY
bqF06oQ5Hbr2qRWs6pPB4/h+e+7fNTSjWhkHDavt1jBCrZQAkrLw3CkahvMRiVa/
auriY30WT53NQ0zhuxdw/oFHSJc7I0XVRbfMFfifIsFI7UfYkdYWtHqLvP/AhUnj
eHyYWftmVCzf9p8fjcWkfMbWjFF2jO2s2Jl7KBAl7NBPN12E50T0/UzKajQCprX/
ikqlA5kaydPIOEDHRYAZ3CussGccplhwQnOIvTUGv91j0WNmRDbQmIid0H4uV+dD
xxGmPc8uttFXyPQ+s2aF/lMC1zfgYqxiZMJyDZXTZ+ZnNe9ouG/sCJbwiwIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFK2+uWFyXk1btPJUiYbZb8xtNJ5kMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU2LzkyNjg2
MS1kOWQ3LTRiNTUtOTAyNC04M2Q2MjViZjFiZjEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYvOTI2ODYx
LWQ5ZDctNGI1NS05MDI0LTgzZDYyNWJmMWJmMS8xL3JiNjVZWEplVFZ1MDhsU0po
dGx2ekcwMG5tUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCQGCCsGAQUF
BwEIAQH/BBUwE6ARMA8CAwML4wIDAxvpAgMDQxswDQYJKoZIhvcNAQELBQADggEB
ACpg9GitxmhloFGVqQnOJyPKoizy0lMVD9T4KEvxxVRGDsN0AnigbYz+EoFR+v1y
GUFJlQfTJYHuXQTEE7mV0qC7JG32xh38T9TbKuTx2Qcdae3QBWYMyRRDkHgAHR2z
7CnoV3CRHUYnWc4PLBUTzk497bRra97cIdgIeQYgE9pVpYzVhb1e/nL4Qje71TUp
Bn1lrWvnE3mboKLdX2c/87Bltnp03GRNzpFlnM7K8tWPE5l9J5TwwD7itjPt7y0m
FAIYZ31FvJpb88rZVIokW9e+z44nVIm8sWX6ouAyxHaRVV0T1HaGTC17ETtq1/OX
NqRvLysLW+/l17yDlcVfvlk=
-----END CERTIFICATE-----