Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/u0RrRpwZ6VUOQ8xnPKMVpkg_reo.cer
File:                     u0RrRpwZ6VUOQ8xnPKMVpkg_reo.cer (raw, json)
Hash identifier:          Glbub+JqSjn9kPy/WuckELoSaahgbVgZqZOZN/1QvSI=
Subject key identifier:   BB:44:6B:46:9C:19:E9:55:0E:43:CC:67:3C:A3:15:A6:48:3F:AD:EA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC79403078E5C48DC7F3DB94ADB8B0912
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/65/0100dc-6be9-40e1-9138-45b863fea7ac/1/u0RrRpwZ6VUOQ8xnPKMVpkg_reo.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/65/0100dc-6be9-40e1-9138-45b863fea7ac/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 00:30:15 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 48950

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:03:07:8e:5c:48:dc:7f:3d:b9:4a:db:8b:09:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 00:30:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bb446b469c19e9550e43cc673ca315a6483fadea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:bd:80:ae:8f:f6:01:89:f6:60:a3:76:1a:16:
                    64:39:7a:aa:2b:a2:31:de:e8:ed:71:ea:02:88:04:
                    c9:dc:23:e8:61:fb:d6:85:17:76:0c:bc:65:eb:f0:
                    5e:ab:58:41:2b:a8:66:b9:7b:78:3f:29:a9:bb:22:
                    14:45:5f:17:0e:c3:9b:c2:06:f5:5d:4b:ca:55:85:
                    fe:08:15:4b:56:c6:53:41:1d:70:94:3c:0b:39:af:
                    b9:9c:0e:b9:b6:a8:45:51:26:b5:64:18:80:1a:41:
                    9f:74:c1:ce:24:a1:76:48:be:f4:23:c5:2e:fd:d8:
                    79:92:12:85:66:17:89:5d:f1:82:9f:43:7a:bb:30:
                    98:84:99:f1:fd:d4:aa:a7:82:96:8d:c4:2c:7e:07:
                    91:34:8e:76:44:bf:f3:f3:6b:b3:cc:1c:20:37:c7:
                    9c:0e:df:25:39:31:08:ad:37:43:fc:31:b4:cd:67:
                    f6:d9:41:40:76:dd:51:4f:cc:cc:c8:67:4e:15:5f:
                    23:01:f9:24:52:e0:f5:ad:c1:f8:85:45:52:88:80:
                    69:3a:97:0e:fe:6a:67:59:68:bd:b7:af:8f:28:e0:
                    f2:65:52:00:ec:db:ba:19:a0:54:54:c1:12:1a:3c:
                    62:58:e4:0c:b9:e2:61:60:ba:a7:a5:4c:45:73:82:
                    72:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:44:6B:46:9C:19:E9:55:0E:43:CC:67:3C:A3:15:A6:48:3F:AD:EA
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0100dc-6be9-40e1-9138-45b863fea7ac/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0100dc-6be9-40e1-9138-45b863fea7ac/1/u0RrRpwZ6VUOQ8xnPKMVpkg_reo.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  48950

    Signature Algorithm: sha256WithRSAEncryption
         45:fd:f4:05:2e:72:53:e0:31:fb:f7:f1:bd:d1:f2:94:f5:57:
         31:6a:89:98:e1:99:dd:90:c0:ae:7e:07:55:69:d7:7d:0a:43:
         90:05:41:ec:eb:1d:c3:6d:5d:14:35:cb:9c:e2:9c:5c:18:de:
         35:d8:84:86:97:6d:d2:bf:84:b4:98:1a:58:32:96:67:0b:0d:
         3b:64:b0:3a:52:8c:69:f0:e1:a7:04:3d:76:eb:58:30:7d:8b:
         3c:bb:de:f4:09:f8:1f:19:12:19:da:1a:23:55:a3:89:b4:8a:
         34:b5:8b:c2:06:1c:b8:e9:27:5f:28:bd:84:69:24:ee:09:9d:
         e4:24:fa:15:03:93:19:b7:0d:5f:55:44:1e:62:0c:90:81:36:
         ad:6c:76:3b:87:a9:f4:d5:30:f3:42:1a:be:56:54:23:81:00:
         3f:9a:5f:78:cd:74:f4:94:84:e7:bf:77:71:bf:f0:b3:bf:bf:
         00:6f:8e:11:12:84:60:6d:cf:8a:0e:ed:8d:c6:3c:9d:2e:43:
         82:27:1f:14:c8:ee:92:5a:13:96:56:cb:0d:24:b8:4f:2b:4f:
         38:a9:a6:6e:b4:51:09:5c:65:1d:49:32:4a:42:78:a6:97:19:
         68:cb:a3:1a:c5:d4:1d:6b:b3:05:42:91:c0:93:d8:fa:a2:fd:
         10:bd:a5:5d
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzHlAMHjlxI3H89uUrbiwkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjQ0NmI0NjljMTllOTU1MGU0M2NjNjczY2EzMTVhNjQ4M2ZhZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtb2Aro/2AYn2YKN2GhZkOXqqK6Ix
3ujtceoCiATJ3CPoYfvWhRd2DLxl6/Beq1hBK6hmuXt4PympuyIURV8XDsObwgb1
XUvKVYX+CBVLVsZTQR1wlDwLOa+5nA65tqhFUSa1ZBiAGkGfdMHOJKF2SL70I8Uu
/dh5khKFZheJXfGCn0N6uzCYhJnx/dSqp4KWjcQsfgeRNI52RL/z82uzzBwgN8ec
Dt8lOTEIrTdD/DG0zWf22UFAdt1RT8zMyGdOFV8jAfkkUuD1rcH4hUVSiIBpOpcO
/mpnWWi9t6+PKODyZVIA7Nu6GaBUVMESGjxiWOQMueJhYLqnpUxFc4JyUQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFLtEa0acGelVDkPMZzyjFaZIP63qMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY1LzAxMDBk
Yy02YmU5LTQwZTEtOTEzOC00NWI4NjNmZWE3YWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUvMDEwMGRj
LTZiZTktNDBlMS05MTM4LTQ1Yjg2M2ZlYTdhYy8xL3UwUnJScHdaNlZVT1E4eG5Q
S01WcGtnX3Jlby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwC/NjANBgkqhkiG9w0BAQsFAAOCAQEARf30BS5yU+Ax
+/fxvdHylPVXMWqJmOGZ3ZDArn4HVWnXfQpDkAVB7Osdw21dFDXLnOKcXBjeNdiE
hpdt0r+EtJgaWDKWZwsNO2SwOlKMafDhpwQ9dutYMH2LPLve9An4HxkSGdoaI1Wj
ibSKNLWLwgYcuOknXyi9hGkk7gmd5CT6FQOTGbcNX1VEHmIMkIE2rWx2O4ep9NUw
80IavlZUI4EAP5pfeM109JSE5793cb/ws7+/AG+OERKEYG3Pig7tjcY8nS5Dgicf
FMjukloTllbLDSS4TytPOKmmbrRRCVxlHUkySkJ4ppcZaMujGsXUHWuzBUKRwJPY
+qL9EL2lXQ==
-----END CERTIFICATE-----