Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/uw-EN95rslGCGnpfuBETdvFwkCM.cer
File:                     uw-EN95rslGCGnpfuBETdvFwkCM.cer (raw, json)
Hash identifier:          jiccPUhoEXHvOeofTk9VSCXzqUdUjBBlgeFwjTFfToc=
Subject key identifier:   BB:0F:84:37:DE:6B:B2:51:82:1A:7A:5F:B8:11:13:76:F1:70:90:23
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019422AF045CF0780875A33874933914152E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/0/BB0F8437DE6BB251821A7A5FB8111376F1709023.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 16:24:42 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 215617
                          AS: 216324
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 07 Apr 2025 07:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:22:af:04:5c:f0:78:08:75:a3:38:74:93:39:14:15:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 16:24:42 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=bb0f8437de6bb251821a7a5fb8111376f1709023
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:56:2c:08:c6:42:22:2e:b5:52:2f:81:51:c0:
                    46:fd:72:2e:8c:06:dd:64:a6:c2:f7:eb:5c:13:ee:
                    1b:ec:c4:8f:d4:9a:ab:5c:02:07:ab:11:5a:0b:cf:
                    d1:1f:05:4f:71:c0:06:d6:ca:56:ec:81:87:da:81:
                    38:bc:dd:49:3f:f8:14:cb:b7:9a:8c:65:cd:01:3d:
                    e1:25:bb:d5:08:10:be:92:a0:58:1b:fe:aa:ae:7b:
                    00:cd:e4:29:43:16:42:e4:ef:96:f7:03:27:24:29:
                    c0:33:8c:f2:cf:6f:ac:b9:cf:be:1c:34:20:15:10:
                    e4:88:10:b0:52:2b:22:d5:e2:aa:6b:a4:d3:0b:99:
                    92:1a:e8:92:8e:cc:3f:33:af:3f:59:ba:63:a1:06:
                    fb:ef:51:b7:ee:74:86:28:6e:d3:02:68:02:8f:7c:
                    72:cd:aa:3a:5c:96:09:24:a6:14:4a:e0:b7:8f:d1:
                    b8:de:49:7f:32:2d:5d:ec:e2:30:f8:5a:f7:70:0d:
                    a8:bf:ca:e4:55:30:fd:4f:de:97:4c:c5:8c:ed:3c:
                    04:d5:c8:de:df:d2:34:8a:1d:a4:93:3d:b6:d8:0a:
                    3c:46:08:63:ac:8d:c3:3a:cb:b6:1c:a2:a4:d0:a7:
                    91:6e:db:3b:18:27:0d:f2:b1:14:4c:51:75:ae:be:
                    79:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:0F:84:37:DE:6B:B2:51:82:1A:7A:5F:B8:11:13:76:F1:70:90:23
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/0/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/0/BB0F8437DE6BB251821A7A5FB8111376F1709023.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215617
                  216324

    Signature Algorithm: sha256WithRSAEncryption
         42:fe:9f:b0:03:d2:b7:c9:a6:15:f1:5e:cb:8a:88:ef:ed:ee:
         0f:f7:fe:fa:ad:ce:19:61:ab:b4:d6:de:95:65:65:0d:99:8b:
         8b:62:23:2d:56:00:c5:97:4e:d6:0f:8b:98:88:2d:a9:61:9e:
         d0:c8:29:11:a6:b6:99:17:ba:5f:7d:7a:88:b9:26:6c:b7:73:
         02:67:28:c0:3a:57:6a:81:9a:72:00:57:06:6f:ce:6f:2a:56:
         5a:aa:50:fa:14:9e:30:30:fe:d5:de:73:75:8c:9e:6f:fa:d3:
         51:62:9a:9f:91:7c:46:7a:52:fc:3b:39:a8:b4:cf:37:27:04:
         9e:0c:47:f6:90:29:6e:cf:73:f4:59:e3:ed:b8:12:d5:16:c5:
         24:39:85:d2:d6:0a:b2:76:8a:65:f2:f2:87:27:a9:15:d9:5c:
         2e:cd:2e:00:d5:e2:08:cd:50:04:6b:26:a0:01:e7:b7:da:e5:
         37:59:ee:7b:7c:d6:42:66:e4:b9:ad:06:78:ba:18:33:25:80:
         a6:d9:4a:0d:48:95:d6:2d:97:6d:8b:80:f2:24:16:c0:82:2f:
         d6:06:44:ee:20:d3:dd:4c:af:28:10:90:5f:20:73:71:0b:92:
         42:9d:f7:3e:c1:f3:ad:57:35:42:43:cc:f6:d0:b1:7f:1b:7f:
         09:1e:9e:67
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQirwRc8HgIdaM4dJM5FBUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTYyNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjBmODQzN2RlNmJiMjUxODIxYTdhNWZiODExMTM3NmYxNzA5MDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VYsCMZCIi61Ui+BUcBG/XIujAbd
ZKbC9+tcE+4b7MSP1JqrXAIHqxFaC8/RHwVPccAG1spW7IGH2oE4vN1JP/gUy7ea
jGXNAT3hJbvVCBC+kqBYG/6qrnsAzeQpQxZC5O+W9wMnJCnAM4zyz2+suc++HDQg
FRDkiBCwUisi1eKqa6TTC5mSGuiSjsw/M68/WbpjoQb771G37nSGKG7TAmgCj3xy
zao6XJYJJKYUSuC3j9G43kl/Mi1d7OIw+Fr3cA2ov8rkVTD9T96XTMWM7TwE1cje
39I0ih2kkz222Ao8RghjrI3DOsu2HKKk0KeRbts7GCcN8rEUTFF1rr55XQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFLsPhDfea7JRghp6X7gRE3bxcJAjMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIzZDVm
NjgyLWI1MWItNDgxMi1iOGIxLTQzMGUzODY4Mzc0OC8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjNk
NWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4NjgzNzQ4LzAvQkIwRjg0MzdERTZC
QjI1MTgyMUE3QTVGQjgxMTEzNzZGMTcwOTAyMy5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBCAEB/wQQMA6gDDAKAgMDSkEC
AwNNBDANBgkqhkiG9w0BAQsFAAOCAQEAQv6fsAPSt8mmFfFey4qI7+3uD/f++q3O
GWGrtNbelWVlDZmLi2IjLVYAxZdO1g+LmIgtqWGe0MgpEaa2mRe6X316iLkmbLdz
AmcowDpXaoGacgBXBm/ObypWWqpQ+hSeMDD+1d5zdYyeb/rTUWKan5F8RnpS/Ds5
qLTPNycEngxH9pApbs9z9Fnj7bgS1RbFJDmF0tYKsnaKZfLyhyepFdlcLs0uANXi
CM1QBGsmoAHnt9rlN1nue3zWQmbkua0GeLoYMyWAptlKDUiV1i2XbYuA8iQWwIIv
1gZE7iDT3UyvKBCQXyBzcQuSQp33PsHzrVc1QkPM9tCxfxt/CR6eZw==
-----END CERTIFICATE-----