Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/vrPkQJXzjKOIg2v2Zbb58JjcV5Q.cer
File:                     vrPkQJXzjKOIg2v2Zbb58JjcV5Q.cer (raw, json)
Hash identifier:          VQn82vMr9lgjDYTg5N74VC30KINzI9r+2QkpMmNxX2U=
Subject key identifier:   BE:B3:E4:40:95:F3:8C:A3:88:83:6B:F6:65:B6:F9:F0:98:DC:57:94
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019425219BE478F55F6AF018B1E70EF01E28
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/3f/65a525-a259-4023-9f95-a6a494562e1d/1/vrPkQJXzjKOIg2v2Zbb58JjcV5Q.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/3f/65a525-a259-4023-9f95-a6a494562e1d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 03:49:07 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 204549
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:25:21:9b:e4:78:f5:5f:6a:f0:18:b1:e7:0e:f0:1e:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 03:49:07 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=beb3e44095f38ca388836bf665b6f9f098dc5794
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:f3:5b:0d:4d:89:be:60:af:0c:d4:20:39:79:
                    c5:20:0c:e5:f9:2d:72:8e:de:09:6d:3a:3d:e6:83:
                    35:23:55:ed:2d:4f:51:25:28:8f:44:e1:a5:a3:a3:
                    f6:75:39:0f:59:2d:4b:d7:5c:5a:3f:3f:2e:b1:43:
                    b3:3f:b6:12:e2:22:96:86:20:ed:bc:b8:bf:03:52:
                    ff:cb:7b:be:67:40:a6:2a:47:93:df:44:1c:0f:35:
                    13:4d:1e:94:73:9d:21:a9:de:40:ba:64:6e:75:ad:
                    26:ae:b5:a4:63:fa:de:88:f8:ae:6c:8f:8d:7b:d7:
                    e3:db:41:b9:ad:f4:bc:7a:7e:c1:64:b0:7a:08:5c:
                    d1:31:90:0e:80:ca:84:bd:e1:09:17:ad:88:57:f6:
                    5f:42:0a:7c:33:3a:eb:4b:80:c6:23:c3:17:f1:de:
                    d6:8d:52:14:e5:6b:92:fe:c4:c0:85:e6:f8:7f:59:
                    58:ba:b6:47:a4:e6:44:85:8c:07:39:5e:28:22:d5:
                    51:a1:fe:d4:7d:06:18:66:33:07:ef:a6:bc:37:3b:
                    8c:eb:50:f5:a1:66:2b:94:b7:aa:68:7c:2f:d9:03:
                    07:2d:96:63:3d:19:a3:ce:f0:58:5f:40:da:b4:21:
                    f8:31:4c:1b:46:43:d3:cc:dd:10:da:2a:d8:be:bb:
                    d4:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:B3:E4:40:95:F3:8C:A3:88:83:6B:F6:65:B6:F9:F0:98:DC:57:94
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/65a525-a259-4023-9f95-a6a494562e1d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/65a525-a259-4023-9f95-a6a494562e1d/1/vrPkQJXzjKOIg2v2Zbb58JjcV5Q.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  204549

    Signature Algorithm: sha256WithRSAEncryption
         75:51:4a:74:77:49:3b:0b:43:6a:30:ae:f8:68:7a:65:fb:48:
         1a:94:d8:c1:4d:9a:47:c6:16:92:f3:7a:c0:fe:10:1c:b1:60:
         42:75:bb:fc:36:b6:c3:1d:52:fc:30:b6:c0:f0:e4:d3:1d:18:
         27:ef:b2:27:3e:93:dc:99:1d:58:58:af:f5:a7:b9:7a:23:33:
         87:b1:ff:c4:38:6d:cb:72:87:cf:d7:96:bc:85:df:38:e5:49:
         b9:92:d1:08:3d:94:6e:96:81:34:2f:bf:76:62:d0:51:cc:46:
         bb:85:c6:f6:2f:12:f6:4d:00:29:11:2b:28:ac:a1:cc:4f:06:
         c5:36:0f:75:e3:7b:18:89:5e:3f:39:5c:40:61:19:29:d6:04:
         73:eb:a7:e1:5a:11:ef:5c:99:de:69:c6:30:1b:73:a5:5c:dc:
         ad:65:d5:09:19:b2:3c:15:c7:73:45:4d:28:7b:2c:8e:eb:cd:
         72:0f:53:ae:2d:b2:07:a2:0f:f0:8d:f8:ee:e2:fd:ab:3f:49:
         53:66:bb:9f:6c:3a:e4:eb:7f:d5:9b:c9:48:f1:c9:12:b0:96:
         ce:cc:cb:ce:ec:2c:e6:e4:50:71:93:7c:20:a4:2d:5c:a4:a3:
         a2:ea:5f:68:e4:10:b7:76:06:f4:b6:29:ba:f5:7e:10:aa:85:
         62:36:d2:59
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQlIZvkePVfavAYsecO8B4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDM0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWIzZTQ0MDk1ZjM4Y2EzODg4MzZiZjY2NWI2ZjlmMDk4ZGM1Nzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/NbDU2JvmCvDNQgOXnFIAzl+S1y
jt4JbTo95oM1I1XtLU9RJSiPROGlo6P2dTkPWS1L11xaPz8usUOzP7YS4iKWhiDt
vLi/A1L/y3u+Z0CmKkeT30QcDzUTTR6Uc50hqd5AumRuda0mrrWkY/reiPiubI+N
e9fj20G5rfS8en7BZLB6CFzRMZAOgMqEveEJF62IV/ZfQgp8MzrrS4DGI8MX8d7W
jVIU5WuS/sTAheb4f1lYurZHpOZEhYwHOV4oItVRof7UfQYYZjMH76a8NzuM61D1
oWYrlLeqaHwv2QMHLZZjPRmjzvBYX0DatCH4MUwbRkPTzN0Q2irYvrvUcQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFL6z5ECV84yjiINr9mW2+fCY3FeUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNmLzY1YTUy
NS1hMjU5LTQwMjMtOWY5NS1hNmE0OTQ1NjJlMWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2YvNjVhNTI1
LWEyNTktNDAyMy05Zjk1LWE2YTQ5NDU2MmUxZC8xL3ZyUGtRSlh6aktPSWcydjJa
YmI1OEpqY1Y1US5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMfBTANBgkqhkiG9w0BAQsFAAOCAQEAdVFKdHdJOwtD
ajCu+Gh6ZftIGpTYwU2aR8YWkvN6wP4QHLFgQnW7/Da2wx1S/DC2wPDk0x0YJ++y
Jz6T3JkdWFiv9ae5eiMzh7H/xDhty3KHz9eWvIXfOOVJuZLRCD2UbpaBNC+/dmLQ
UcxGu4XG9i8S9k0AKRErKKyhzE8GxTYPdeN7GIlePzlcQGEZKdYEc+un4VoR71yZ
3mnGMBtzpVzcrWXVCRmyPBXHc0VNKHssjuvNcg9Tri2yB6IP8I347uL9qz9JU2a7
n2w65Ot/1ZvJSPHJErCWzszLzuws5uRQcZN8IKQtXKSjoupfaOQQt3YG9LYpuvV+
EKqFYjbSWQ==
-----END CERTIFICATE-----