Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/uR-NsC4ulx1U-Q7vEHCQOY_MPZI.cer
File:                     uR-NsC4ulx1U-Q7vEHCQOY_MPZI.cer (raw, json)
Hash identifier:          XRF0nZRMMRawEV7tSOf1a8nJ5a2x9VBaF+VzsYIuKBo=
Subject key identifier:   B9:1F:8D:B0:2E:2E:97:1D:54:F9:0E:EF:10:70:90:39:8F:CC:3D:92
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC5DC9E7D7719C9DFD78B6FA73B8DF22C
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/42/ee68ac-36ba-49a1-9df9-62e19ef960a4/1/uR-NsC4ulx1U-Q7vEHCQOY_MPZI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/42/ee68ac-36ba-49a1-9df9-62e19ef960a4/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 16:30:19 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 198510

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:9e:7d:77:19:c9:df:d7:8b:6f:a7:3b:8d:f2:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 16:30:19 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b91f8db02e2e971d54f90eef107090398fcc3d92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:4a:cb:a7:35:6f:9e:da:f4:58:77:fe:d8:0a:
                    7d:5b:2a:8d:f4:fb:4c:cf:54:19:66:6e:82:4f:d5:
                    d3:9b:df:50:0a:65:e6:fa:34:d5:bf:55:70:01:23:
                    5c:6e:1d:a4:93:99:28:b3:06:8f:1d:ef:ed:a1:22:
                    ab:f4:9b:6e:9c:26:7b:33:54:e1:b5:7a:76:af:0a:
                    87:39:bb:95:96:a7:ad:06:8c:f9:45:c4:c6:c9:51:
                    74:78:7f:e6:5b:be:aa:b8:2f:84:b1:9f:ff:48:a6:
                    35:7b:a7:d6:10:1a:33:07:49:0b:8d:27:19:fc:e5:
                    32:40:b1:01:c5:74:0b:76:37:05:db:f8:87:98:bf:
                    e5:8d:ea:4c:3b:38:76:a0:53:ba:a3:0a:44:70:25:
                    23:80:da:cc:2a:f3:5a:f6:3a:03:02:91:d8:70:90:
                    3e:c7:4e:5d:33:ca:c3:12:ed:48:1a:0c:26:c2:c0:
                    ae:e2:4c:7e:7b:64:11:3b:7f:69:1a:8a:e5:a9:21:
                    72:57:39:03:96:9b:e2:22:89:80:68:51:8c:74:71:
                    84:0c:d6:4d:f0:f3:a7:49:af:49:d8:f3:49:81:63:
                    c0:52:0a:5b:5f:c6:a2:bb:84:92:a3:ec:51:51:30:
                    96:a5:09:bc:a4:40:8b:52:ee:d6:2d:62:68:b4:25:
                    56:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:1F:8D:B0:2E:2E:97:1D:54:F9:0E:EF:10:70:90:39:8F:CC:3D:92
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ee68ac-36ba-49a1-9df9-62e19ef960a4/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ee68ac-36ba-49a1-9df9-62e19ef960a4/1/uR-NsC4ulx1U-Q7vEHCQOY_MPZI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  198510

    Signature Algorithm: sha256WithRSAEncryption
         38:ab:82:87:a5:40:bd:76:6d:75:0a:84:ee:54:d9:26:d2:af:
         59:68:f7:3c:18:a2:4f:10:f3:09:51:d0:6a:5b:ed:38:02:c6:
         fa:df:fb:72:ab:e4:25:65:a2:36:5c:b7:0a:dd:18:9d:40:20:
         54:70:db:41:8b:f7:cd:e5:cc:56:e5:29:11:93:f7:34:a6:f3:
         d5:93:b6:84:3c:21:56:e8:49:d9:d5:ad:68:a4:3c:2b:ce:43:
         a8:dd:39:ef:1e:0f:bf:07:d6:4a:de:6b:97:b7:0c:6e:de:37:
         74:58:f5:8f:5d:6f:13:08:30:e3:d7:66:b4:c1:f4:ec:c2:8a:
         de:f5:76:de:7a:1a:1d:1b:b6:26:ed:53:9c:fc:61:bd:cf:35:
         39:c8:7a:bd:a5:ff:04:bb:aa:ef:c2:30:44:c6:8d:13:81:f1:
         d2:c7:d0:6e:c2:59:32:51:30:9b:1a:2b:cf:13:ed:d1:02:57:
         2c:6a:36:cf:1f:12:36:6d:22:a9:15:48:ff:69:e9:fb:fb:cd:
         1d:a4:a7:0e:0b:c3:71:a1:52:98:69:80:72:57:d8:5c:8e:1a:
         c9:1a:75:ea:ac:28:18:c4:75:b5:a0:b9:22:b6:15:71:29:6c:
         12:c7:fa:c8:48:22:f4:ca:d5:24:89:ee:72:17:43:6b:61:2b:
         b5:33:eb:6f
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzF3J59dxnJ39eLb6c7jfIsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTFmOGRiMDJlMmU5NzFkNTRmOTBlZWYxMDcwOTAzOThmY2MzZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukrLpzVvntr0WHf+2Ap9WyqN9PtM
z1QZZm6CT9XTm99QCmXm+jTVv1VwASNcbh2kk5koswaPHe/toSKr9JtunCZ7M1Th
tXp2rwqHObuVlqetBoz5RcTGyVF0eH/mW76quC+EsZ//SKY1e6fWEBozB0kLjScZ
/OUyQLEBxXQLdjcF2/iHmL/ljepMOzh2oFO6owpEcCUjgNrMKvNa9joDApHYcJA+
x05dM8rDEu1IGgwmwsCu4kx+e2QRO39pGorlqSFyVzkDlpviIomAaFGMdHGEDNZN
8POnSa9J2PNJgWPAUgpbX8aiu4SSo+xRUTCWpQm8pECLUu7WLWJotCVWHQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFLkfjbAuLpcdVPkO7xBwkDmPzD2SMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQyL2VlNjhh
Yy0zNmJhLTQ5YTEtOWRmOS02MmUxOWVmOTYwYTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIvZWU2OGFj
LTM2YmEtNDlhMS05ZGY5LTYyZTE5ZWY5NjBhNC8xL3VSLU5zQzR1bHgxVS1RN3ZF
SENRT1lfTVBaSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMHbjANBgkqhkiG9w0BAQsFAAOCAQEAOKuCh6VAvXZt
dQqE7lTZJtKvWWj3PBiiTxDzCVHQalvtOALG+t/7cqvkJWWiNly3Ct0YnUAgVHDb
QYv3zeXMVuUpEZP3NKbz1ZO2hDwhVuhJ2dWtaKQ8K85DqN057x4PvwfWSt5rl7cM
bt43dFj1j11vEwgw49dmtMH07MKK3vV23noaHRu2Ju1TnPxhvc81Och6vaX/BLuq
78IwRMaNE4Hx0sfQbsJZMlEwmxorzxPt0QJXLGo2zx8SNm0iqRVI/2np+/vNHaSn
DgvDcaFSmGmAclfYXI4ayRp16qwoGMR1taC5IrYVcSlsEsf6yEgi9MrVJInuchdD
a2ErtTPrbw==
-----END CERTIFICATE-----