Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/vDImMeLrfqv7XttPywq4yZaCPEg.cer
File:                     vDImMeLrfqv7XttPywq4yZaCPEg.cer (raw, json)
Hash identifier:          GJry4eCXxTTJ/fSg18oTSsvLKeaVG/9r6LfNXGPQ2js=
Subject key identifier:   BC:32:26:31:E2:EB:7E:AB:FB:5E:DB:4F:CB:0A:B8:C9:96:82:3C:48
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019422FB66F88F6EE1ADBBC8726275FF5C87
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/99/3086b8-71f3-4a8d-9451-29edfab39f49/1/vDImMeLrfqv7XttPywq4yZaCPEg.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/99/3086b8-71f3-4a8d-9451-29edfab39f49/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 17:48:08 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 49149
                          IP: 91.232.112.0/24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:22:fb:66:f8:8f:6e:e1:ad:bb:c8:72:62:75:ff:5c:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 17:48:08 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=bc322631e2eb7eabfb5edb4fcb0ab8c996823c48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:de:2e:dd:f7:73:0c:ba:e2:3f:71:9d:dd:44:
                    80:0d:f5:1a:40:71:61:b2:20:f4:d1:3a:29:8b:3b:
                    3f:4f:4d:cb:ab:4e:17:36:88:81:ae:9d:17:0a:ad:
                    b8:ac:c5:af:ce:14:0c:f4:41:c6:37:7f:1a:0a:49:
                    64:83:cf:c9:64:ee:b1:b1:1d:e9:f1:e3:61:23:6d:
                    76:dc:e9:a3:0b:34:f4:ce:71:7c:1c:ba:04:38:0f:
                    88:eb:b9:5e:4c:99:01:19:fa:01:eb:9a:8d:bd:41:
                    f3:1b:a8:46:5c:27:34:5b:4e:66:dc:3a:42:a7:61:
                    d5:a1:b9:f8:c3:7e:08:02:3d:53:50:c8:20:b4:2a:
                    5c:04:51:82:24:a6:6d:b0:df:3f:f6:da:04:c0:3b:
                    0f:1a:66:e6:3e:b2:5a:02:8f:85:52:39:d1:1a:32:
                    f1:a3:f0:2e:09:eb:f4:50:5e:8a:a0:ac:0b:03:c3:
                    48:60:99:28:de:5e:7b:35:19:15:18:50:18:57:66:
                    77:be:b7:41:38:68:7e:53:c9:8b:dd:6f:32:5e:e2:
                    05:fa:cd:4b:fa:18:90:69:07:8f:56:1f:9b:b2:a5:
                    7b:cf:01:67:b3:70:c0:d5:d2:43:a0:47:74:b5:cf:
                    33:dd:73:4b:e9:80:b8:bb:3e:e2:5d:66:33:bc:de:
                    a6:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:32:26:31:E2:EB:7E:AB:FB:5E:DB:4F:CB:0A:B8:C9:96:82:3C:48
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3086b8-71f3-4a8d-9451-29edfab39f49/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3086b8-71f3-4a8d-9451-29edfab39f49/1/vDImMeLrfqv7XttPywq4yZaCPEg.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.232.112.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  49149

    Signature Algorithm: sha256WithRSAEncryption
         8f:85:93:95:72:36:92:54:ca:2a:69:41:30:e1:be:9b:27:0a:
         d7:d1:67:98:0f:69:5b:e0:1c:0b:e9:2e:07:70:85:01:fd:7c:
         59:0c:24:80:49:51:af:f6:53:e3:d7:c8:bd:d0:4d:14:87:0f:
         ca:33:1d:83:31:5f:06:a2:11:4d:0e:dd:c1:36:d4:b9:7f:56:
         40:d3:6d:b6:ff:8a:7b:c4:50:c5:90:de:8a:32:77:2f:cc:0e:
         f4:f9:ff:ed:09:c4:a5:7c:f5:f9:ef:5b:0b:af:d5:b7:74:9a:
         04:14:ba:a0:f0:bc:55:ed:4d:6b:d4:4f:01:57:be:3e:89:e8:
         d4:24:85:dc:9b:02:19:fb:b6:13:56:92:94:bd:3a:01:49:28:
         4b:b3:c8:8a:e4:d8:7f:7a:02:61:94:9b:1a:4c:ba:c2:db:f6:
         d9:f9:3b:39:16:23:5f:1b:4d:c4:e8:a0:64:c4:74:7d:4f:60:
         a6:2c:ac:43:81:c5:2b:94:77:3d:90:c0:72:b7:30:09:01:9d:
         0c:d6:87:f2:91:e7:9a:a6:0c:7c:61:8a:fa:61:77:d1:a8:8c:
         22:2e:38:51:d5:1c:ff:08:29:80:c4:ed:f6:e4:3b:40:78:d3:
         6f:b3:cd:f0:bf:3e:70:f9:5e:4a:9c:fa:a9:66:15:f7:79:d9:
         25:8b:d4:cc
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQi+2b4j27hrbvIcmJ1/1yHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTc0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzMyMjYzMWUyZWI3ZWFiZmI1ZWRiNGZjYjBhYjhjOTk2ODIzYzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy94u3fdzDLriP3Gd3USADfUaQHFh
siD00Topizs/T03Lq04XNoiBrp0XCq24rMWvzhQM9EHGN38aCklkg8/JZO6xsR3p
8eNhI2123OmjCzT0znF8HLoEOA+I67leTJkBGfoB65qNvUHzG6hGXCc0W05m3DpC
p2HVobn4w34IAj1TUMggtCpcBFGCJKZtsN8/9toEwDsPGmbmPrJaAo+FUjnRGjLx
o/AuCev0UF6KoKwLA8NIYJko3l57NRkVGFAYV2Z3vrdBOGh+U8mL3W8yXuIF+s1L
+hiQaQePVh+bsqV7zwFns3DA1dJDoEd0tc8z3XNL6YC4uz7iXWYzvN6mQQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFLwyJjHi636r+17bT8sKuMmWgjxIMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk5LzMwODZi
OC03MWYzLTRhOGQtOTQ1MS0yOWVkZmFiMzlmNDkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkvMzA4NmI4
LTcxZjMtNGE4ZC05NDUxLTI5ZWRmYWIzOWY0OS8xL3ZESW1NZUxyZnF2N1h0dFB5
d3E0eVphQ1BFZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAW+hwMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwC//TANBgkqhkiG9w0BAQsFAAOCAQEAj4WTlXI2klTKKmlBMOG+mycK19FnmA9p
W+AcC+kuB3CFAf18WQwkgElRr/ZT49fIvdBNFIcPyjMdgzFfBqIRTQ7dwTbUuX9W
QNNttv+Ke8RQxZDeijJ3L8wO9Pn/7QnEpXz1+e9bC6/Vt3SaBBS6oPC8Ve1Na9RP
AVe+Pono1CSF3JsCGfu2E1aSlL06AUkoS7PIiuTYf3oCYZSbGky6wtv22fk7ORYj
XxtNxOigZMR0fU9gpiysQ4HFK5R3PZDAcrcwCQGdDNaH8pHnmqYMfGGK+mF30aiM
Ii44UdUc/wgpgMTt9uQ7QHjTb7PN8L8+cPleSpz6qWYV93nZJYvUzA==
-----END CERTIFICATE-----