Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/uR-NsC4ulx1U-Q7vEHCQOY_MPZI.cer
File:                     uR-NsC4ulx1U-Q7vEHCQOY_MPZI.cer (raw, json)
Hash identifier:          J7JpvkuDd2Q4vM8PFoCqw9aOxbKBUeoKc9LVML6rgTQ=
Subject key identifier:   B9:1F:8D:B0:2E:2E:97:1D:54:F9:0E:EF:10:70:90:39:8F:CC:3D:92
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01942444C3B0361A392DF04A9224DF7C7020
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/42/ee68ac-36ba-49a1-9df9-62e19ef960a4/1/uR-NsC4ulx1U-Q7vEHCQOY_MPZI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/42/ee68ac-36ba-49a1-9df9-62e19ef960a4/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 23:47:53 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 198510
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 13 Apr 2025 14:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:24:44:c3:b0:36:1a:39:2d:f0:4a:92:24:df:7c:70:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 23:47:53 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=b91f8db02e2e971d54f90eef107090398fcc3d92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:4a:cb:a7:35:6f:9e:da:f4:58:77:fe:d8:0a:
                    7d:5b:2a:8d:f4:fb:4c:cf:54:19:66:6e:82:4f:d5:
                    d3:9b:df:50:0a:65:e6:fa:34:d5:bf:55:70:01:23:
                    5c:6e:1d:a4:93:99:28:b3:06:8f:1d:ef:ed:a1:22:
                    ab:f4:9b:6e:9c:26:7b:33:54:e1:b5:7a:76:af:0a:
                    87:39:bb:95:96:a7:ad:06:8c:f9:45:c4:c6:c9:51:
                    74:78:7f:e6:5b:be:aa:b8:2f:84:b1:9f:ff:48:a6:
                    35:7b:a7:d6:10:1a:33:07:49:0b:8d:27:19:fc:e5:
                    32:40:b1:01:c5:74:0b:76:37:05:db:f8:87:98:bf:
                    e5:8d:ea:4c:3b:38:76:a0:53:ba:a3:0a:44:70:25:
                    23:80:da:cc:2a:f3:5a:f6:3a:03:02:91:d8:70:90:
                    3e:c7:4e:5d:33:ca:c3:12:ed:48:1a:0c:26:c2:c0:
                    ae:e2:4c:7e:7b:64:11:3b:7f:69:1a:8a:e5:a9:21:
                    72:57:39:03:96:9b:e2:22:89:80:68:51:8c:74:71:
                    84:0c:d6:4d:f0:f3:a7:49:af:49:d8:f3:49:81:63:
                    c0:52:0a:5b:5f:c6:a2:bb:84:92:a3:ec:51:51:30:
                    96:a5:09:bc:a4:40:8b:52:ee:d6:2d:62:68:b4:25:
                    56:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:1F:8D:B0:2E:2E:97:1D:54:F9:0E:EF:10:70:90:39:8F:CC:3D:92
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ee68ac-36ba-49a1-9df9-62e19ef960a4/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ee68ac-36ba-49a1-9df9-62e19ef960a4/1/uR-NsC4ulx1U-Q7vEHCQOY_MPZI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  198510

    Signature Algorithm: sha256WithRSAEncryption
         82:10:88:2a:15:ae:98:47:24:d1:49:c3:f1:12:64:8a:1b:86:
         10:31:52:92:78:69:ec:0e:b9:8e:f2:32:60:a6:47:03:bb:9d:
         95:2c:12:b5:24:c4:76:b5:47:18:e0:67:98:1a:5c:6b:67:9b:
         d2:04:1b:ed:7a:9d:ec:c8:12:95:bd:b8:d4:3b:41:a2:f2:d0:
         dc:0b:ba:5a:d8:aa:89:2d:67:50:75:fe:d0:be:fc:c4:3e:a7:
         bb:87:5d:f4:11:f2:15:a7:3d:76:37:96:9c:72:09:cb:f0:a1:
         6d:f7:16:dd:98:66:e0:9f:f6:30:90:64:f3:ef:8a:39:55:27:
         32:11:5b:7a:65:71:63:18:43:a7:53:6c:bd:95:b5:8e:26:0d:
         69:70:74:01:f3:0a:c3:98:2c:7c:e0:29:d7:aa:99:7a:c2:72:
         d4:92:27:7f:c2:84:2d:e7:b0:b6:41:14:da:87:3c:2c:0d:af:
         fd:59:aa:24:b8:96:8d:ad:66:f5:17:f1:07:b0:0b:37:ac:9c:
         9d:82:15:4d:be:dc:ec:ae:9b:46:4c:df:40:85:07:4b:1d:df:
         70:93:0e:7a:c8:48:3e:31:91:5a:f0:64:df:fb:c4:8d:73:25:
         32:e5:0f:01:b1:bc:92:bc:ef:6f:79:a2:51:0e:b6:de:e3:e4:
         40:04:f8:f2
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQkRMOwNho5LfBKkiTffHAgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTFmOGRiMDJlMmU5NzFkNTRmOTBlZWYxMDcwOTAzOThmY2MzZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukrLpzVvntr0WHf+2Ap9WyqN9PtM
z1QZZm6CT9XTm99QCmXm+jTVv1VwASNcbh2kk5koswaPHe/toSKr9JtunCZ7M1Th
tXp2rwqHObuVlqetBoz5RcTGyVF0eH/mW76quC+EsZ//SKY1e6fWEBozB0kLjScZ
/OUyQLEBxXQLdjcF2/iHmL/ljepMOzh2oFO6owpEcCUjgNrMKvNa9joDApHYcJA+
x05dM8rDEu1IGgwmwsCu4kx+e2QRO39pGorlqSFyVzkDlpviIomAaFGMdHGEDNZN
8POnSa9J2PNJgWPAUgpbX8aiu4SSo+xRUTCWpQm8pECLUu7WLWJotCVWHQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFLkfjbAuLpcdVPkO7xBwkDmPzD2SMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQyL2VlNjhh
Yy0zNmJhLTQ5YTEtOWRmOS02MmUxOWVmOTYwYTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIvZWU2OGFj
LTM2YmEtNDlhMS05ZGY5LTYyZTE5ZWY5NjBhNC8xL3VSLU5zQzR1bHgxVS1RN3ZF
SENRT1lfTVBaSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMHbjANBgkqhkiG9w0BAQsFAAOCAQEAghCIKhWumEck
0UnD8RJkihuGEDFSknhp7A65jvIyYKZHA7udlSwStSTEdrVHGOBnmBpca2eb0gQb
7Xqd7MgSlb241DtBovLQ3Au6WtiqiS1nUHX+0L78xD6nu4dd9BHyFac9djeWnHIJ
y/ChbfcW3Zhm4J/2MJBk8++KOVUnMhFbemVxYxhDp1NsvZW1jiYNaXB0AfMKw5gs
fOAp16qZesJy1JInf8KELeewtkEU2oc8LA2v/VmqJLiWja1m9RfxB7ALN6ycnYIV
Tb7c7K6bRkzfQIUHSx3fcJMOeshIPjGRWvBk3/vEjXMlMuUPAbG8krzvb3miUQ62
3uPkQAT48g==
-----END CERTIFICATE-----