Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/vrPkQJXzjKOIg2v2Zbb58JjcV5Q.cer
File:                     vrPkQJXzjKOIg2v2Zbb58JjcV5Q.cer (raw, json)
Hash identifier:          mThohsWWjo1sHU4Ykl8vXPRPsPT258I0sMEF9jV8mhU=
Subject key identifier:   BE:B3:E4:40:95:F3:8C:A3:88:83:6B:F6:65:B6:F9:F0:98:DC:57:94
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CCA2B8BC5169FE43752FDB6E2E79BF9E1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/3f/65a525-a259-4023-9f95-a6a494562e1d/1/vrPkQJXzjKOIg2v2Zbb58JjcV5Q.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/3f/65a525-a259-4023-9f95-a6a494562e1d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 12:35:00 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 204549

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2b:8b:c5:16:9f:e4:37:52:fd:b6:e2:e7:9b:f9:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 12:35:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=beb3e44095f38ca388836bf665b6f9f098dc5794
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:f3:5b:0d:4d:89:be:60:af:0c:d4:20:39:79:
                    c5:20:0c:e5:f9:2d:72:8e:de:09:6d:3a:3d:e6:83:
                    35:23:55:ed:2d:4f:51:25:28:8f:44:e1:a5:a3:a3:
                    f6:75:39:0f:59:2d:4b:d7:5c:5a:3f:3f:2e:b1:43:
                    b3:3f:b6:12:e2:22:96:86:20:ed:bc:b8:bf:03:52:
                    ff:cb:7b:be:67:40:a6:2a:47:93:df:44:1c:0f:35:
                    13:4d:1e:94:73:9d:21:a9:de:40:ba:64:6e:75:ad:
                    26:ae:b5:a4:63:fa:de:88:f8:ae:6c:8f:8d:7b:d7:
                    e3:db:41:b9:ad:f4:bc:7a:7e:c1:64:b0:7a:08:5c:
                    d1:31:90:0e:80:ca:84:bd:e1:09:17:ad:88:57:f6:
                    5f:42:0a:7c:33:3a:eb:4b:80:c6:23:c3:17:f1:de:
                    d6:8d:52:14:e5:6b:92:fe:c4:c0:85:e6:f8:7f:59:
                    58:ba:b6:47:a4:e6:44:85:8c:07:39:5e:28:22:d5:
                    51:a1:fe:d4:7d:06:18:66:33:07:ef:a6:bc:37:3b:
                    8c:eb:50:f5:a1:66:2b:94:b7:aa:68:7c:2f:d9:03:
                    07:2d:96:63:3d:19:a3:ce:f0:58:5f:40:da:b4:21:
                    f8:31:4c:1b:46:43:d3:cc:dd:10:da:2a:d8:be:bb:
                    d4:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:B3:E4:40:95:F3:8C:A3:88:83:6B:F6:65:B6:F9:F0:98:DC:57:94
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/65a525-a259-4023-9f95-a6a494562e1d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/65a525-a259-4023-9f95-a6a494562e1d/1/vrPkQJXzjKOIg2v2Zbb58JjcV5Q.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  204549

    Signature Algorithm: sha256WithRSAEncryption
         4d:68:24:a6:80:ec:7f:0d:e8:7f:ab:d5:59:32:0c:53:65:1f:
         1e:62:b0:1f:c9:d9:e9:12:22:77:05:f9:08:06:d0:e8:2f:b8:
         da:91:12:ed:ff:9c:e4:1b:09:d7:df:f1:18:9d:a8:d6:16:c0:
         ed:e5:e1:a5:8f:a0:92:5f:35:a7:6b:27:d5:60:ad:56:f1:ba:
         25:90:3d:b7:1d:c1:36:96:c1:6e:50:0c:cf:34:93:64:7b:69:
         ec:43:2c:2d:46:d6:06:d2:7b:9c:b1:e9:6f:46:69:fc:0d:c0:
         32:f6:cf:0c:2a:7b:ad:58:70:56:05:38:f6:1b:46:2e:1c:e9:
         98:9f:e4:22:f7:99:88:f3:ec:da:75:fc:fe:af:0e:06:62:29:
         48:34:22:6d:c2:94:5f:42:fd:8a:9c:3d:af:e5:e2:b8:d2:c3:
         03:33:47:f5:73:ec:2b:9e:b8:9f:5a:35:6f:b9:25:01:c2:e7:
         37:85:f6:0c:6a:16:fe:e7:dc:f5:bf:9f:55:4d:ac:d0:eb:cd:
         1b:55:8e:ef:de:32:1c:7a:6a:10:25:72:96:dc:86:e6:7a:3f:
         11:f6:81:9a:34:bc:39:93:a3:48:40:db:97:f5:31:97:be:3a:
         98:4c:df:fb:3e:01:c7:a4:24:21:c7:67:dd:26:f7:b8:cb:e6:
         f8:1a:13:df
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzKK4vFFp/kN1L9tuLnm/nhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzNTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWIzZTQ0MDk1ZjM4Y2EzODg4MzZiZjY2NWI2ZjlmMDk4ZGM1Nzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/NbDU2JvmCvDNQgOXnFIAzl+S1y
jt4JbTo95oM1I1XtLU9RJSiPROGlo6P2dTkPWS1L11xaPz8usUOzP7YS4iKWhiDt
vLi/A1L/y3u+Z0CmKkeT30QcDzUTTR6Uc50hqd5AumRuda0mrrWkY/reiPiubI+N
e9fj20G5rfS8en7BZLB6CFzRMZAOgMqEveEJF62IV/ZfQgp8MzrrS4DGI8MX8d7W
jVIU5WuS/sTAheb4f1lYurZHpOZEhYwHOV4oItVRof7UfQYYZjMH76a8NzuM61D1
oWYrlLeqaHwv2QMHLZZjPRmjzvBYX0DatCH4MUwbRkPTzN0Q2irYvrvUcQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFL6z5ECV84yjiINr9mW2+fCY3FeUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNmLzY1YTUy
NS1hMjU5LTQwMjMtOWY5NS1hNmE0OTQ1NjJlMWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2YvNjVhNTI1
LWEyNTktNDAyMy05Zjk1LWE2YTQ5NDU2MmUxZC8xL3ZyUGtRSlh6aktPSWcydjJa
YmI1OEpqY1Y1US5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMfBTANBgkqhkiG9w0BAQsFAAOCAQEATWgkpoDsfw3o
f6vVWTIMU2UfHmKwH8nZ6RIidwX5CAbQ6C+42pES7f+c5BsJ19/xGJ2o1hbA7eXh
pY+gkl81p2sn1WCtVvG6JZA9tx3BNpbBblAMzzSTZHtp7EMsLUbWBtJ7nLHpb0Zp
/A3AMvbPDCp7rVhwVgU49htGLhzpmJ/kIveZiPPs2nX8/q8OBmIpSDQibcKUX0L9
ipw9r+XiuNLDAzNH9XPsK564n1o1b7klAcLnN4X2DGoW/ufc9b+fVU2s0OvNG1WO
794yHHpqECVyltyG5no/EfaBmjS8OZOjSEDbl/Uxl746mEzf+z4Bx6QkIcdn3Sb3
uMvm+BoT3w==
-----END CERTIFICATE-----