Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/wWD3u-jXY2d3YUisuMTKNflr6Vc.cer
File:                     wWD3u-jXY2d3YUisuMTKNflr6Vc.cer (raw, json)
Hash identifier:          tNmza0aQ+4foMj+x09k+eD3+yFGJBXk/4FR1vQJLvfg=
Subject key identifier:   C1:60:F7:BB:E8:D7:63:67:77:61:48:AC:B8:C4:CA:35:F9:6B:E9:57
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC5DBDFD256392FE6842BF26AE4EAF5D1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/c4/461a83-810c-43ae-ac25-64e2bd619318/1/wWD3u-jXY2d3YUisuMTKNflr6Vc.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/c4/461a83-810c-43ae-ac25-64e2bd619318/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 16:29:30 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 25594

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:db:df:d2:56:39:2f:e6:84:2b:f2:6a:e4:ea:f5:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 16:29:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c160f7bbe8d76367776148acb8c4ca35f96be957
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:8e:f8:19:d7:47:b2:8e:c1:e2:72:c2:bb:bd:
                    e6:a8:73:5a:df:10:71:23:d4:4f:a9:82:b6:dc:d5:
                    be:61:a4:56:17:06:14:54:1b:f9:38:3a:22:88:ba:
                    d0:33:84:12:5d:35:39:10:a8:1d:e1:07:b0:f5:dd:
                    db:41:ae:34:d4:cc:8a:5e:89:42:e9:32:80:d2:de:
                    cc:e4:51:de:10:68:11:e6:27:fe:82:b8:83:83:ea:
                    8a:89:5c:7a:4b:33:20:a2:49:b2:4b:e5:d7:a6:0e:
                    5d:3e:ad:40:3b:e9:a5:cf:02:55:d4:c9:2c:1c:06:
                    f3:7a:34:01:74:54:6d:c6:b5:0b:d0:dd:02:bc:6c:
                    b4:bd:39:70:4f:12:f7:b6:44:c7:47:ad:6b:62:b2:
                    4f:f3:66:46:00:af:05:eb:0a:45:2c:b9:58:d2:2a:
                    40:76:3d:18:4f:e2:5f:e0:01:e1:e4:2d:c1:02:1b:
                    18:a4:e0:8c:5e:d6:07:59:a1:f3:f1:4b:c7:e2:6d:
                    6b:15:be:41:8c:21:0e:5d:bd:da:f7:50:9c:dd:99:
                    ea:32:2f:96:e6:36:6f:69:13:62:c1:dd:42:a6:d4:
                    ad:5d:0c:ba:c9:f4:a3:c7:19:55:a6:ed:2c:b4:13:
                    73:76:c7:26:9c:24:bc:4d:b1:01:f7:ec:94:e5:d1:
                    be:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:60:F7:BB:E8:D7:63:67:77:61:48:AC:B8:C4:CA:35:F9:6B:E9:57
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/461a83-810c-43ae-ac25-64e2bd619318/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/461a83-810c-43ae-ac25-64e2bd619318/1/wWD3u-jXY2d3YUisuMTKNflr6Vc.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  25594

    Signature Algorithm: sha256WithRSAEncryption
         55:7e:70:ea:c1:93:fe:84:f2:df:c8:f8:d8:46:4d:09:77:5c:
         e9:77:a6:1f:43:72:25:dc:0a:bb:45:d7:4c:3b:c3:41:c1:aa:
         15:43:60:cd:9e:b9:26:51:2a:2c:9b:53:91:a6:8a:78:f1:51:
         de:cc:e7:b0:1d:68:09:70:bf:e1:bf:f7:04:ca:90:99:46:ac:
         20:d9:5b:18:71:ae:18:67:4b:3d:27:c4:f4:fb:38:8e:3a:c6:
         d2:19:cf:5f:f9:37:f2:73:8d:1b:11:ed:19:1b:5b:a9:db:cc:
         c8:9e:26:34:05:b2:27:14:31:02:15:de:28:3d:b4:d5:88:75:
         c9:dc:b8:86:9e:27:82:cb:a9:a4:7b:40:ff:00:0a:5f:bf:65:
         54:f0:db:57:9b:2f:7b:ac:40:6a:50:50:c7:ac:56:39:ec:33:
         cc:35:b2:d8:6f:2b:95:d7:49:ab:72:bc:56:01:b1:47:bf:8d:
         87:7a:21:ec:34:f1:a6:8b:45:69:7d:c2:39:4c:7f:2c:73:4e:
         80:12:b0:12:c6:db:9c:ba:46:03:e9:7b:8f:f3:cd:e2:8b:73:
         0f:13:5e:c2:be:6e:33:64:ec:20:d3:55:b2:6e:df:43:9f:fc:
         62:d8:7e:13:bf:ab:10:54:35:65:14:03:7f:03:4e:47:ac:04:
         6c:53:60:ea
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYzF29/SVjkv5oQr8mrk6vXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTYwZjdiYmU4ZDc2MzY3Nzc2MTQ4YWNiOGM0Y2EzNWY5NmJlOTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp474GddHso7B4nLCu73mqHNa3xBx
I9RPqYK23NW+YaRWFwYUVBv5ODoiiLrQM4QSXTU5EKgd4Qew9d3bQa401MyKXolC
6TKA0t7M5FHeEGgR5if+griDg+qKiVx6SzMgokmyS+XXpg5dPq1AO+mlzwJV1Mks
HAbzejQBdFRtxrUL0N0CvGy0vTlwTxL3tkTHR61rYrJP82ZGAK8F6wpFLLlY0ipA
dj0YT+Jf4AHh5C3BAhsYpOCMXtYHWaHz8UvH4m1rFb5BjCEOXb3a91Cc3ZnqMi+W
5jZvaRNiwd1CptStXQy6yfSjxxlVpu0stBNzdscmnCS8TbEB9+yU5dG+RQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFMFg97vo12Nnd2FIrLjEyjX5a+lXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M0LzQ2MWE4
My04MTBjLTQzYWUtYWMyNS02NGUyYmQ2MTkzMTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQvNDYxYTgz
LTgxMGMtNDNhZS1hYzI1LTY0ZTJiZDYxOTMxOC8xL3dXRDN1LWpYWTJkM1lVaXN1
TVRLTmZscjZWYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBkGCCsGAQUF
BwEIAQH/BAowCKAGMAQCAmP6MA0GCSqGSIb3DQEBCwUAA4IBAQBVfnDqwZP+hPLf
yPjYRk0Jd1zpd6YfQ3Il3Aq7RddMO8NBwaoVQ2DNnrkmUSosm1ORpop48VHezOew
HWgJcL/hv/cEypCZRqwg2VsYca4YZ0s9J8T0+ziOOsbSGc9f+Tfyc40bEe0ZG1up
28zIniY0BbInFDECFd4oPbTViHXJ3LiGnieCy6mke0D/AApfv2VU8NtXmy97rEBq
UFDHrFY57DPMNbLYbyuV10mrcrxWAbFHv42HeiHsNPGmi0VpfcI5TH8sc06AErAS
xtucukYD6XuP883ii3MPE17Cvm4zZOwg01Wybt9Dn/xi2H4Tv6sQVDVlFAN/A05H
rARsU2Dq
-----END CERTIFICATE-----