Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/wn3SnCLMMlYXEQpa_qPtKvAcgGw.cer
File:                     wn3SnCLMMlYXEQpa_qPtKvAcgGw.cer (raw, json)
Hash identifier:          sfEjThjUoiJgFmPDuRE8jwdQ3kFu8mJQ9cozJVZgy5Y=
Subject key identifier:   C2:7D:D2:9C:22:CC:32:56:17:11:0A:5A:FE:A3:ED:2A:F0:1C:80:6C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0190A0896BC78BA5C929CB44A0CBB411B260
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b1/e173ab-46b4-4574-a479-891a35ecbb5b/1/wn3SnCLMMlYXEQpa_qPtKvAcgGw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b1/e173ab-46b4-4574-a479-891a35ecbb5b/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 11 Jul 2024 06:44:38 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 214547

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Sep 2024 14:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:a0:89:6b:c7:8b:a5:c9:29:cb:44:a0:cb:b4:11:b2:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jul 11 06:44:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c27dd29c22cc325617110a5afea3ed2af01c806c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:96:46:51:24:d4:a6:ef:6f:b7:11:eb:98:70:
                    48:09:25:73:e1:00:0f:e4:2e:82:23:c0:45:c3:29:
                    6b:51:a7:61:c6:04:e2:7f:9e:78:17:af:14:29:33:
                    12:c6:e8:7e:3a:96:0e:5b:ee:f3:52:e9:fb:57:3e:
                    c4:24:67:f5:02:84:d3:35:6b:6b:44:60:52:3b:8d:
                    71:d3:ec:76:70:16:39:e5:08:dc:1e:f9:5c:a5:36:
                    20:90:8f:bd:7c:43:6b:c5:d8:ff:4a:25:21:80:11:
                    03:b7:a3:2d:34:fe:f3:c9:93:84:25:21:ca:ad:1b:
                    b6:1f:3e:bb:de:d1:d1:4d:bc:b7:5f:f5:b5:2d:cf:
                    af:bf:87:0a:a3:53:10:a5:4a:7f:e8:fa:2f:f4:e3:
                    ac:b9:7a:88:8a:28:21:00:0d:92:02:74:45:18:df:
                    2d:86:87:32:82:b6:9d:20:0d:07:c5:cc:e0:a4:f8:
                    fb:f2:e9:07:2a:b4:3a:5c:87:e7:c5:b1:09:01:c7:
                    0c:ba:a6:49:a3:2e:f0:d6:cc:77:ee:be:7b:20:91:
                    73:f2:3c:8b:68:07:a5:7f:84:12:90:87:45:76:9d:
                    bd:2c:83:84:dd:38:0e:a2:69:f7:6f:bf:70:b6:a0:
                    f5:33:08:3b:2b:22:63:26:e8:ed:f8:a9:43:47:ec:
                    84:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:7D:D2:9C:22:CC:32:56:17:11:0A:5A:FE:A3:ED:2A:F0:1C:80:6C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e173ab-46b4-4574-a479-891a35ecbb5b/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e173ab-46b4-4574-a479-891a35ecbb5b/1/wn3SnCLMMlYXEQpa_qPtKvAcgGw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  214547

    Signature Algorithm: sha256WithRSAEncryption
         12:7a:0d:25:6f:98:15:70:69:cc:4e:50:b8:6f:8c:79:a1:5c:
         aa:cf:6e:e3:8f:3e:64:97:26:50:29:60:01:5e:2c:f5:67:a9:
         9b:2c:ed:85:72:f6:cc:2a:33:1e:89:d5:81:27:79:c4:a7:e1:
         70:a1:81:d2:27:8d:ee:65:aa:ed:c9:cd:8a:88:5e:83:cc:af:
         d6:8c:b5:a5:bd:b5:f0:f1:47:b0:fe:8c:7a:0f:00:41:06:07:
         69:b8:d3:ab:26:dc:02:02:90:a2:c8:8d:76:4b:41:69:f8:01:
         36:54:a1:55:6e:d4:f7:83:00:1e:7d:92:81:0d:db:b2:44:51:
         3e:93:9d:0f:c2:f3:43:1a:3a:fb:13:43:27:11:e5:48:be:2f:
         59:17:0f:b3:97:a4:15:b7:95:f0:be:1e:ba:a1:02:9b:2e:a4:
         d6:93:01:a8:10:d0:bb:99:af:0a:1c:c4:f2:37:77:e3:f9:3e:
         b0:cc:37:c3:58:6b:4c:8f:fd:7e:ee:eb:c7:e9:95:19:c3:9b:
         d1:bd:1e:bb:01:88:20:ef:52:1c:b2:19:c2:6b:c4:f5:1e:8a:
         05:e5:61:27:cd:c7:7a:97:2c:2d:ac:54:0e:06:63:1e:70:7d:
         df:e0:3d:7a:71:fc:bf:65:fc:ce:03:19:69:62:21:a6:56:16:
         49:ce:69:8c
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZCgiWvHi6XJKctEoMu0EbJgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNzExMDY0NDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjdkZDI5YzIyY2MzMjU2MTcxMTBhNWFmZWEzZWQyYWYwMWM4MDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJZGUSTUpu9vtxHrmHBICSVz4QAP
5C6CI8BFwylrUadhxgTif554F68UKTMSxuh+OpYOW+7zUun7Vz7EJGf1AoTTNWtr
RGBSO41x0+x2cBY55QjcHvlcpTYgkI+9fENrxdj/SiUhgBEDt6MtNP7zyZOEJSHK
rRu2Hz673tHRTby3X/W1Lc+vv4cKo1MQpUp/6Pov9OOsuXqIiighAA2SAnRFGN8t
hocygradIA0HxczgpPj78ukHKrQ6XIfnxbEJAccMuqZJoy7w1sx37r57IJFz8jyL
aAelf4QSkIdFdp29LIOE3TgOomn3b79wtqD1Mwg7KyJjJujt+KlDR+yEGwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFMJ90pwizDJWFxEKWv6j7SrwHIBsMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IxL2UxNzNh
Yi00NmI0LTQ1NzQtYTQ3OS04OTFhMzVlY2JiNWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEvZTE3M2Fi
LTQ2YjQtNDU3NC1hNDc5LTg5MWEzNWVjYmI1Yi8xL3duM1NuQ0xNTWxZWEVRcGFf
cVB0S3ZBY2dHdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNGEzANBgkqhkiG9w0BAQsFAAOCAQEAEnoNJW+YFXBp
zE5QuG+MeaFcqs9u448+ZJcmUClgAV4s9WepmyzthXL2zCozHonVgSd5xKfhcKGB
0ieN7mWq7cnNioheg8yv1oy1pb218PFHsP6Meg8AQQYHabjTqybcAgKQosiNdktB
afgBNlShVW7U94MAHn2SgQ3bskRRPpOdD8LzQxo6+xNDJxHlSL4vWRcPs5ekFbeV
8L4euqECmy6k1pMBqBDQu5mvChzE8jd34/k+sMw3w1hrTI/9fu7rx+mVGcOb0b0e
uwGIIO9SHLIZwmvE9R6KBeVhJ83HepcsLaxUDgZjHnB93+A9enH8v2X8zgMZaWIh
plYWSc5pjA==
-----END CERTIFICATE-----