Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
File:                     vPI0wEREFriFL7NHh4rTdtCBjWQ.cer (raw, json)
Hash identifier:          0zNdKyw1A/Z5e1A+gDhyUItIG8ELpg8R8Vw2xpLPqOc=
Subject key identifier:   BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01941F8C3390F8878B48FD0A9D6CE937B36F
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 01:47:49 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 199925
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:1f:8c:33:90:f8:87:8b:48:fd:0a:9d:6c:e9:37:b3:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 01:47:49 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=bcf234c0444416b8852fb347878ad376d0818d64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:6b:0b:63:ba:fe:4f:b8:7e:f0:3a:9b:39:50:
                    29:98:06:0f:49:b0:80:8a:57:31:4f:ca:1a:98:1c:
                    5e:a2:ce:23:fc:92:b4:f2:57:84:86:f6:40:8d:1f:
                    7b:45:88:da:cd:d1:c2:d7:3b:49:56:9e:d5:dc:b5:
                    55:7b:82:7a:9b:4f:18:7e:44:72:2d:1d:fb:e4:4d:
                    c8:1e:f5:d6:9a:06:99:0d:94:ea:15:4c:5e:01:fd:
                    41:d4:6f:78:78:f0:b0:31:64:e0:c2:ac:fc:bb:10:
                    c1:73:61:a3:a2:a3:67:62:93:f2:d9:41:31:4c:58:
                    f4:9d:c4:18:51:e9:65:2b:80:a7:47:55:44:69:c8:
                    27:97:56:c9:5c:c1:00:61:8d:b3:11:c4:05:f6:f9:
                    79:71:31:f1:88:50:51:e8:e9:98:ae:a0:e0:7b:ce:
                    dc:41:aa:0c:7a:86:9e:29:d1:77:ae:5f:20:6d:49:
                    57:03:59:a1:28:b5:f3:cb:85:0f:a0:f3:46:e1:98:
                    52:54:65:b9:25:7a:5e:b0:de:63:88:dd:49:9e:15:
                    4b:03:e9:7e:bf:ee:bd:f2:b3:51:35:1e:fa:9c:30:
                    47:ab:24:98:38:9d:24:31:ad:c3:24:d0:2d:bd:39:
                    52:ec:2d:3d:1a:67:3e:54:c8:5f:7b:28:05:3c:a8:
                    aa:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  199925

    Signature Algorithm: sha256WithRSAEncryption
         32:c0:07:b6:07:f7:b2:e8:74:69:e0:80:33:30:bb:f9:4e:3d:
         6f:b9:5f:ad:5a:be:cb:27:dc:97:b0:f8:0a:83:46:90:64:b8:
         55:85:62:48:16:0b:83:5a:a0:f8:33:08:14:c9:59:f3:10:a8:
         0e:5d:69:94:a8:81:7d:40:bd:d9:dc:7c:eb:2d:e8:a4:94:33:
         4d:3b:7c:5c:4d:c5:da:db:2b:3a:b4:40:6d:7d:ad:73:ec:ab:
         92:94:43:4f:cd:e2:cc:24:0f:a7:3f:0f:1e:0d:4a:4a:2a:f0:
         06:82:58:c1:03:0b:7c:68:a1:93:a7:cd:f7:61:17:b2:8d:fd:
         e6:62:fa:2f:e2:9d:8d:95:64:41:ab:f9:96:ec:33:f2:4d:87:
         28:09:f7:fd:d9:5e:23:da:e1:b5:f5:ff:90:b6:c1:45:db:2e:
         fb:3b:c0:4a:ee:1b:e5:66:7b:2b:46:88:bd:d7:94:e1:97:ff:
         d2:10:a7:7a:e2:9e:77:1c:63:74:c1:32:ae:7b:5a:54:fc:d1:
         91:4d:dc:4e:1b:24:34:55:20:80:1b:18:1f:76:43:18:40:22:
         39:b6:0e:aa:fd:08:81:4e:9f:f2:5a:30:70:fd:3a:9f:96:bb:
         a6:74:c9:a2:6b:87:63:2b:b1:77:58:f8:45:8d:4a:a5:42:cc:
         1d:a8:d3:9f
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQfjDOQ+IeLSP0KnWzpN7NvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2YyMzRjMDQ0NDQxNmI4ODUyZmIzNDc4NzhhZDM3NmQwODE4ZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWsLY7r+T7h+8DqbOVApmAYPSbCA
ilcxT8oamBxeos4j/JK08leEhvZAjR97RYjazdHC1ztJVp7V3LVVe4J6m08YfkRy
LR375E3IHvXWmgaZDZTqFUxeAf1B1G94ePCwMWTgwqz8uxDBc2GjoqNnYpPy2UEx
TFj0ncQYUellK4CnR1VEacgnl1bJXMEAYY2zEcQF9vl5cTHxiFBR6OmYrqDge87c
QaoMeoaeKdF3rl8gbUlXA1mhKLXzy4UPoPNG4ZhSVGW5JXpesN5jiN1JnhVLA+l+
v+698rNRNR76nDBHqySYOJ0kMa3DJNAtvTlS7C09Gmc+VMhfeygFPKiqKwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFLzyNMBERBa4hS+zR4eK03bQgY1kMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY0L2JiN2E3
YS0zMDNmLTQyMzQtODJhMS05YWNhN2JkOGVjMGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQvYmI3YTdh
LTMwM2YtNDIzNC04MmExLTlhY2E3YmQ4ZWMwZi8xL3ZQSTB3RVJFRnJpRkw3Tkho
NHJUZHRDQmpXUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMM9TANBgkqhkiG9w0BAQsFAAOCAQEAMsAHtgf3suh0
aeCAMzC7+U49b7lfrVq+yyfcl7D4CoNGkGS4VYViSBYLg1qg+DMIFMlZ8xCoDl1p
lKiBfUC92dx86y3opJQzTTt8XE3F2tsrOrRAbX2tc+yrkpRDT83izCQPpz8PHg1K
SirwBoJYwQMLfGihk6fN92EXso395mL6L+KdjZVkQav5luwz8k2HKAn3/dleI9rh
tfX/kLbBRdsu+zvASu4b5WZ7K0aIvdeU4Zf/0hCneuKedxxjdMEyrntaVPzRkU3c
ThskNFUggBsYH3ZDGEAiObYOqv0IgU6f8lowcP06n5a7pnTJomuHYyuxd1j4RY1K
pULMHajTnw==
-----END CERTIFICATE-----