Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/uvzQImt58j3kemr95RRLGynii1w.cer
File:                     uvzQImt58j3kemr95RRLGynii1w.cer (raw, json)
Hash identifier:          cXKAPoNzoJatrkCWteReKmK8iaR/X+JEyyoBmpsdWLc=
Subject key identifier:   BA:FC:D0:22:6B:79:F2:3D:E4:7A:6A:FD:E5:14:4B:1B:29:E2:8B:5C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0194266B29DDF16BA89CD733A212EF20983E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 09:49:04 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 56781
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:26:6b:29:dd:f1:6b:a8:9c:d7:33:a2:12:ef:20:98:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 09:49:04 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=bafcd0226b79f23de47a6afde5144b1b29e28b5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:b6:34:41:d0:c2:b2:64:02:83:a5:81:3a:8c:
                    c3:3f:bc:61:ba:d0:97:90:4f:5b:b8:7d:1e:2d:ff:
                    de:3b:9c:67:0a:fa:68:ee:b1:6e:6d:2b:1a:82:5c:
                    27:16:86:6e:3f:42:71:31:fe:04:a5:6b:0d:f8:3c:
                    af:75:55:74:2b:7c:8f:0a:a6:50:e2:b7:87:3e:99:
                    b7:5e:7c:51:f3:e4:35:d4:2d:85:78:32:7e:ee:fc:
                    53:2e:00:c1:1b:f3:cb:aa:f8:4f:df:58:2f:85:fe:
                    06:cb:b4:3e:8a:c4:ae:19:d9:ef:0c:ad:0b:02:93:
                    a4:40:72:53:e5:37:f0:7a:eb:30:45:8d:c7:a6:5a:
                    d5:37:86:53:0d:c7:a7:ce:98:3f:37:97:0f:85:84:
                    20:49:52:71:90:09:5c:eb:e9:d7:4c:8e:31:bb:4d:
                    3c:b8:ab:ce:c6:d4:28:3c:cc:48:82:6a:89:98:23:
                    31:e2:66:81:96:19:b7:95:6f:c6:87:0f:ae:0c:87:
                    f8:9e:e9:8b:69:5a:86:6e:39:f4:40:4f:7d:ed:fb:
                    0d:09:a6:18:96:49:5b:a0:04:8c:df:71:8b:6f:00:
                    33:1f:f3:0c:f9:cf:e8:f9:cb:84:22:7e:2b:dc:c2:
                    80:48:25:5f:7a:48:b1:30:52:46:ac:c6:33:51:b0:
                    ba:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:FC:D0:22:6B:79:F2:3D:E4:7A:6A:FD:E5:14:4B:1B:29:E2:8B:5C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  56781

    Signature Algorithm: sha256WithRSAEncryption
         23:e2:d0:46:2a:cf:66:b0:51:71:1f:dc:e4:4c:03:cc:84:1c:
         e7:2a:a3:5a:1e:82:08:45:58:3c:03:0c:7f:7b:08:29:eb:db:
         34:8a:6a:2c:4a:4d:ba:b8:0b:51:ec:00:30:f6:30:15:e5:f3:
         e8:48:b4:5b:66:c9:4d:bf:ba:61:51:fe:20:b0:19:55:c9:0d:
         65:51:12:45:cf:c1:21:e4:eb:a9:06:b0:72:d7:b2:90:b6:7a:
         ab:0b:2d:45:70:b5:52:f1:47:86:d6:2c:97:b4:ab:3b:2e:6a:
         e6:3c:64:bd:b0:e4:05:d7:fb:75:3f:91:22:97:fe:57:56:86:
         5f:b0:a9:f7:2c:e8:81:f2:eb:e0:67:c4:d4:2d:59:38:b9:ac:
         03:4c:55:18:77:cf:55:6a:84:22:43:23:ff:0e:c4:ba:29:0a:
         01:0d:fc:e6:dc:3e:fc:69:bd:f4:43:c8:3c:44:89:81:c7:83:
         6d:66:64:4b:1a:20:d2:28:c7:d7:6b:4a:d4:e3:88:d9:f8:10:
         cd:00:ed:5f:96:d3:5c:01:62:85:85:30:dd:4f:ee:1f:d4:c4:
         94:2a:af:fd:f1:fa:dd:09:e8:b2:17:e6:b8:93:5f:e9:5c:32:
         cd:45:94:5b:71:41:9d:b6:05:94:8d:75:13:43:73:f3:df:92:
         44:8b:18:cf
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQmaynd8WuonNczohLvIJg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDk0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWZjZDAyMjZiNzlmMjNkZTQ3YTZhZmRlNTE0NGIxYjI5ZTI4YjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLY0QdDCsmQCg6WBOozDP7xhutCX
kE9buH0eLf/eO5xnCvpo7rFubSsaglwnFoZuP0JxMf4EpWsN+DyvdVV0K3yPCqZQ
4reHPpm3XnxR8+Q11C2FeDJ+7vxTLgDBG/PLqvhP31gvhf4Gy7Q+isSuGdnvDK0L
ApOkQHJT5TfweuswRY3HplrVN4ZTDcenzpg/N5cPhYQgSVJxkAlc6+nXTI4xu008
uKvOxtQoPMxIgmqJmCMx4maBlhm3lW/Ghw+uDIf4numLaVqGbjn0QE997fsNCaYY
lklboASM33GLbwAzH/MM+c/o+cuEIn4r3MKASCVfekixMFJGrMYzUbC6OwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFLr80CJrefI95Hpq/eUUSxsp4otcMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U1LzZhMTJj
ZS1hZmJjLTQ1ODMtOTc3My1jMTgxMzk0N2UyMzMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUvNmExMmNl
LWFmYmMtNDU4My05NzczLWMxODEzOTQ3ZTIzMy8xL3V2elFJbXQ1OGoza2Vtcjk1
UlJMR3luaWkxdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDdzTANBgkqhkiG9w0BAQsFAAOCAQEAI+LQRirPZrBR
cR/c5EwDzIQc5yqjWh6CCEVYPAMMf3sIKevbNIpqLEpNurgLUewAMPYwFeXz6Ei0
W2bJTb+6YVH+ILAZVckNZVESRc/BIeTrqQawcteykLZ6qwstRXC1UvFHhtYsl7Sr
Oy5q5jxkvbDkBdf7dT+RIpf+V1aGX7Cp9yzogfLr4GfE1C1ZOLmsA0xVGHfPVWqE
IkMj/w7EuikKAQ385tw+/Gm99EPIPESJgceDbWZkSxog0ijH12tK1OOI2fgQzQDt
X5bTXAFihYUw3U/uH9TElCqv/fH63QnoshfmuJNf6VwyzUWUW3FBnbYFlI11E0Nz
89+SRIsYzw==
-----END CERTIFICATE-----