Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/uvzQImt58j3kemr95RRLGynii1w.cer
File:                     uvzQImt58j3kemr95RRLGynii1w.cer (raw, json)
Hash identifier:          YceRJYQ61Y+QSYXYO9Su+mONMPrDJYtdPu4EwhkJUqM=
Subject key identifier:   BA:FC:D0:22:6B:79:F2:3D:E4:7A:6A:FD:E5:14:4B:1B:29:E2:8B:5C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC94E4CC1D13FA0E1BCAA0E3BB17310EE
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 08:33:21 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 56781

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4e:4c:c1:d1:3f:a0:e1:bc:aa:0e:3b:b1:73:10:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 08:33:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bafcd0226b79f23de47a6afde5144b1b29e28b5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:b6:34:41:d0:c2:b2:64:02:83:a5:81:3a:8c:
                    c3:3f:bc:61:ba:d0:97:90:4f:5b:b8:7d:1e:2d:ff:
                    de:3b:9c:67:0a:fa:68:ee:b1:6e:6d:2b:1a:82:5c:
                    27:16:86:6e:3f:42:71:31:fe:04:a5:6b:0d:f8:3c:
                    af:75:55:74:2b:7c:8f:0a:a6:50:e2:b7:87:3e:99:
                    b7:5e:7c:51:f3:e4:35:d4:2d:85:78:32:7e:ee:fc:
                    53:2e:00:c1:1b:f3:cb:aa:f8:4f:df:58:2f:85:fe:
                    06:cb:b4:3e:8a:c4:ae:19:d9:ef:0c:ad:0b:02:93:
                    a4:40:72:53:e5:37:f0:7a:eb:30:45:8d:c7:a6:5a:
                    d5:37:86:53:0d:c7:a7:ce:98:3f:37:97:0f:85:84:
                    20:49:52:71:90:09:5c:eb:e9:d7:4c:8e:31:bb:4d:
                    3c:b8:ab:ce:c6:d4:28:3c:cc:48:82:6a:89:98:23:
                    31:e2:66:81:96:19:b7:95:6f:c6:87:0f:ae:0c:87:
                    f8:9e:e9:8b:69:5a:86:6e:39:f4:40:4f:7d:ed:fb:
                    0d:09:a6:18:96:49:5b:a0:04:8c:df:71:8b:6f:00:
                    33:1f:f3:0c:f9:cf:e8:f9:cb:84:22:7e:2b:dc:c2:
                    80:48:25:5f:7a:48:b1:30:52:46:ac:c6:33:51:b0:
                    ba:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:FC:D0:22:6B:79:F2:3D:E4:7A:6A:FD:E5:14:4B:1B:29:E2:8B:5C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  56781

    Signature Algorithm: sha256WithRSAEncryption
         48:b0:fc:60:8e:a9:69:f6:d1:a8:66:48:a9:8d:8b:83:8b:fa:
         ca:81:4c:d0:b6:85:8b:19:0d:ef:c2:ec:86:11:90:74:c5:49:
         3b:2f:2c:bc:55:85:d6:6a:5f:53:58:bb:45:f8:35:8a:89:f4:
         8e:da:6c:a1:87:e8:d9:a3:59:7a:25:78:ee:39:b1:8e:dd:2c:
         3f:1f:27:51:57:44:bb:5f:9a:e6:11:68:80:64:e1:49:4f:07:
         a6:0b:30:23:1b:f2:76:41:97:1c:a7:02:d9:b2:b0:0f:ee:4f:
         b1:80:a1:89:90:7c:bb:01:5a:4b:f2:a3:57:c3:68:f5:07:78:
         46:66:6d:bb:e9:ca:25:bd:a6:c1:5a:bb:51:59:1f:db:3b:f5:
         b3:a5:a7:87:be:e9:2c:df:94:fa:0e:ec:9b:f5:64:95:d4:ab:
         27:fa:16:4e:8c:cf:ee:65:ce:26:51:ab:99:29:a7:89:db:96:
         e5:67:2b:fc:0f:37:a6:ee:b9:fb:28:2b:dc:13:35:7f:98:49:
         be:64:4a:8c:40:2c:25:48:51:67:55:dd:a8:6f:e9:55:d8:a2:
         17:b3:01:1a:fb:51:c8:82:eb:e1:66:e1:2c:2d:8f:5e:88:6b:
         ed:c4:aa:b4:6b:5d:47:6a:42:2f:90:77:82:97:57:77:91:66:
         25:63:96:2a
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzJTkzB0T+g4byqDjuxcxDuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDgzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWZjZDAyMjZiNzlmMjNkZTQ3YTZhZmRlNTE0NGIxYjI5ZTI4YjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLY0QdDCsmQCg6WBOozDP7xhutCX
kE9buH0eLf/eO5xnCvpo7rFubSsaglwnFoZuP0JxMf4EpWsN+DyvdVV0K3yPCqZQ
4reHPpm3XnxR8+Q11C2FeDJ+7vxTLgDBG/PLqvhP31gvhf4Gy7Q+isSuGdnvDK0L
ApOkQHJT5TfweuswRY3HplrVN4ZTDcenzpg/N5cPhYQgSVJxkAlc6+nXTI4xu008
uKvOxtQoPMxIgmqJmCMx4maBlhm3lW/Ghw+uDIf4numLaVqGbjn0QE997fsNCaYY
lklboASM33GLbwAzH/MM+c/o+cuEIn4r3MKASCVfekixMFJGrMYzUbC6OwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFLr80CJrefI95Hpq/eUUSxsp4otcMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U1LzZhMTJj
ZS1hZmJjLTQ1ODMtOTc3My1jMTgxMzk0N2UyMzMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUvNmExMmNl
LWFmYmMtNDU4My05NzczLWMxODEzOTQ3ZTIzMy8xL3V2elFJbXQ1OGoza2Vtcjk1
UlJMR3luaWkxdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDdzTANBgkqhkiG9w0BAQsFAAOCAQEASLD8YI6pafbR
qGZIqY2Lg4v6yoFM0LaFixkN78LshhGQdMVJOy8svFWF1mpfU1i7Rfg1ion0jtps
oYfo2aNZeiV47jmxjt0sPx8nUVdEu1+a5hFogGThSU8HpgswIxvydkGXHKcC2bKw
D+5PsYChiZB8uwFaS/KjV8No9Qd4RmZtu+nKJb2mwVq7UVkf2zv1s6Wnh77pLN+U
+g7sm/VkldSrJ/oWTozP7mXOJlGrmSmniduW5Wcr/A83pu65+ygr3BM1f5hJvmRK
jEAsJUhRZ1XdqG/pVdiiF7MBGvtRyILr4WbhLC2PXohr7cSqtGtdR2pCL5B3gpdX
d5FmJWOWKg==
-----END CERTIFICATE-----