Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/w7OWKu5OiuTGzNiXnlOYAuoOTOc.cer
File:                     w7OWKu5OiuTGzNiXnlOYAuoOTOc.cer (raw, json)
Hash identifier:          WTyluKZQqzULmKwiWu6DQZmFXLS2k6PjRTltIUHD2kY=
Subject key identifier:   C3:B3:96:2A:EE:4E:8A:E4:C6:CC:D8:97:9E:53:98:02:EA:0E:4C:E7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019425FDB1953A11CA2C71C0C99048D45879
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/e8/2645a7-532c-4fa1-bcdd-ea5dad8b4765/1/w7OWKu5OiuTGzNiXnlOYAuoOTOc.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/e8/2645a7-532c-4fa1-bcdd-ea5dad8b4765/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 07:49:30 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 212058
                          IP: 185.197.183.0/24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:25:fd:b1:95:3a:11:ca:2c:71:c0:c9:90:48:d4:58:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 07:49:30 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=c3b3962aee4e8ae4c6ccd8979e539802ea0e4ce7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:07:e9:05:bd:c1:aa:a1:49:22:c4:e7:89:df:
                    fb:e1:0a:09:48:3c:3e:38:f7:d5:ed:4a:c7:d7:ac:
                    79:7b:a8:22:61:64:fd:ec:c3:97:14:76:9a:64:ed:
                    d3:56:2f:74:fb:34:4d:35:a4:39:04:39:00:1d:97:
                    b7:d1:15:c9:70:20:31:95:57:02:cd:6f:f9:60:09:
                    3f:2d:5e:b2:70:ff:09:1d:43:9e:f3:cd:f3:72:ba:
                    28:5c:d4:28:f3:66:f0:72:e4:2f:d5:78:58:10:37:
                    fa:32:f4:8b:6a:3d:3a:cc:52:fa:ac:2e:ee:d5:31:
                    6a:e8:30:40:f9:21:e8:cf:c5:1b:72:19:dd:08:1d:
                    00:a7:48:99:d3:8f:f9:bb:a9:57:d9:6f:54:1f:36:
                    fd:f7:0c:e9:9e:20:89:16:8c:a3:1a:86:8e:82:7e:
                    e8:0c:81:83:8f:1e:52:33:7f:97:6f:38:b1:5b:b3:
                    49:91:54:e8:3a:9b:be:57:ed:4d:d1:06:26:7b:a1:
                    cb:28:bd:06:d3:76:36:aa:1b:e1:95:ce:8d:7b:a5:
                    aa:5c:06:a6:96:bf:08:e5:55:4d:8c:77:dd:5e:5b:
                    7e:33:f4:c2:0b:47:3c:a4:dc:8f:25:32:51:c9:b1:
                    cc:94:58:6d:5a:e1:51:1f:9b:f1:76:d9:e1:ed:a0:
                    e9:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:B3:96:2A:EE:4E:8A:E4:C6:CC:D8:97:9E:53:98:02:EA:0E:4C:E7
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2645a7-532c-4fa1-bcdd-ea5dad8b4765/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2645a7-532c-4fa1-bcdd-ea5dad8b4765/1/w7OWKu5OiuTGzNiXnlOYAuoOTOc.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.197.183.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  212058

    Signature Algorithm: sha256WithRSAEncryption
         31:04:ab:81:3d:f1:d7:10:1a:1b:e6:1b:b1:f2:29:75:4e:e8:
         96:ad:78:e7:0c:c4:cf:3b:b5:50:c3:5d:73:60:a1:36:71:b5:
         57:1c:dd:03:08:e6:8b:53:1f:8c:83:ea:b1:f4:f5:d7:7c:68:
         1b:19:a2:ac:f8:f8:d3:eb:2d:97:c8:ad:5a:41:fa:ce:78:5b:
         54:0d:a4:21:53:cf:5d:67:a3:e2:d7:03:44:f9:07:20:84:85:
         4f:e2:d5:98:a7:2b:d7:a1:f3:45:a4:4f:03:0c:57:b5:c3:13:
         f9:b9:c0:d7:2f:dc:fb:c7:49:62:ce:24:94:68:5d:fc:06:f3:
         61:0a:1f:41:be:4f:69:82:a0:2a:d7:52:d2:1f:ba:c6:db:3d:
         5f:77:e8:e6:c0:34:fa:c3:f2:b4:30:d9:9e:25:96:21:6f:d5:
         0a:73:23:15:e3:09:ff:b5:88:fc:35:08:1c:6d:38:44:e6:60:
         70:5a:78:73:b8:8b:aa:48:51:ca:d6:b8:f4:ca:81:d7:37:98:
         7c:07:11:f6:d1:d0:64:66:55:71:58:c9:aa:a6:4c:11:cb:18:
         e2:d2:d7:46:03:15:da:da:97:7c:65:d6:9e:fb:f9:6d:c4:c8:
         ef:2f:17:e0:4b:f0:f5:21:d7:0d:7d:ef:fa:db:ae:60:50:13:
         8d:11:bd:e1
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQl/bGVOhHKLHHAyZBI1Fh5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDc0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2IzOTYyYWVlNGU4YWU0YzZjY2Q4OTc5ZTUzOTgwMmVhMGU0Y2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQfpBb3BqqFJIsTnid/74QoJSDw+
OPfV7UrH16x5e6giYWT97MOXFHaaZO3TVi90+zRNNaQ5BDkAHZe30RXJcCAxlVcC
zW/5YAk/LV6ycP8JHUOe883zcrooXNQo82bwcuQv1XhYEDf6MvSLaj06zFL6rC7u
1TFq6DBA+SHoz8UbchndCB0Ap0iZ04/5u6lX2W9UHzb99wzpniCJFoyjGoaOgn7o
DIGDjx5SM3+XbzixW7NJkVToOpu+V+1N0QYme6HLKL0G03Y2qhvhlc6Ne6WqXAam
lr8I5VVNjHfdXlt+M/TCC0c8pNyPJTJRybHMlFhtWuFRH5vxdtnh7aDptQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFMOzliruTorkxszYl55TmALqDkznMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U4LzI2NDVh
Ny01MzJjLTRmYTEtYmNkZC1lYTVkYWQ4YjQ3NjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTgvMjY0NWE3
LTUzMmMtNGZhMS1iY2RkLWVhNWRhZDhiNDc2NS8xL3c3T1dLdTVPaXVUR3pOaVhu
bE9ZQXVvT1RPYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAucW3MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwM8WjANBgkqhkiG9w0BAQsFAAOCAQEAMQSrgT3x1xAaG+YbsfIpdU7olq145wzE
zzu1UMNdc2ChNnG1VxzdAwjmi1MfjIPqsfT113xoGxmirPj40+stl8itWkH6znhb
VA2kIVPPXWej4tcDRPkHIISFT+LVmKcr16HzRaRPAwxXtcMT+bnA1y/c+8dJYs4k
lGhd/AbzYQofQb5PaYKgKtdS0h+6xts9X3fo5sA0+sPytDDZniWWIW/VCnMjFeMJ
/7WI/DUIHG04ROZgcFp4c7iLqkhRyta49MqB1zeYfAcR9tHQZGZVcVjJqqZMEcsY
4tLXRgMV2tqXfGXWnvv5bcTI7y8X4Evw9SHXDX3v+tuuYFATjRG94Q==
-----END CERTIFICATE-----