Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/wn3SnCLMMlYXEQpa_qPtKvAcgGw.cer
File:                     wn3SnCLMMlYXEQpa_qPtKvAcgGw.cer (raw, json)
Hash identifier:          SF5Rqe/9ZELSi2hQ0KARr8PzSP0hbXZAXrYG1SBxxPQ=
Subject key identifier:   C2:7D:D2:9C:22:CC:32:56:17:11:0A:5A:FE:A3:ED:2A:F0:1C:80:6C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019426D95DBA0712D191F7C3E488D8983054
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b1/e173ab-46b4-4574-a479-891a35ecbb5b/1/wn3SnCLMMlYXEQpa_qPtKvAcgGw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b1/e173ab-46b4-4574-a479-891a35ecbb5b/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 11:49:27 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 214547
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:26:d9:5d:ba:07:12:d1:91:f7:c3:e4:88:d8:98:30:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 11:49:27 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=c27dd29c22cc325617110a5afea3ed2af01c806c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:96:46:51:24:d4:a6:ef:6f:b7:11:eb:98:70:
                    48:09:25:73:e1:00:0f:e4:2e:82:23:c0:45:c3:29:
                    6b:51:a7:61:c6:04:e2:7f:9e:78:17:af:14:29:33:
                    12:c6:e8:7e:3a:96:0e:5b:ee:f3:52:e9:fb:57:3e:
                    c4:24:67:f5:02:84:d3:35:6b:6b:44:60:52:3b:8d:
                    71:d3:ec:76:70:16:39:e5:08:dc:1e:f9:5c:a5:36:
                    20:90:8f:bd:7c:43:6b:c5:d8:ff:4a:25:21:80:11:
                    03:b7:a3:2d:34:fe:f3:c9:93:84:25:21:ca:ad:1b:
                    b6:1f:3e:bb:de:d1:d1:4d:bc:b7:5f:f5:b5:2d:cf:
                    af:bf:87:0a:a3:53:10:a5:4a:7f:e8:fa:2f:f4:e3:
                    ac:b9:7a:88:8a:28:21:00:0d:92:02:74:45:18:df:
                    2d:86:87:32:82:b6:9d:20:0d:07:c5:cc:e0:a4:f8:
                    fb:f2:e9:07:2a:b4:3a:5c:87:e7:c5:b1:09:01:c7:
                    0c:ba:a6:49:a3:2e:f0:d6:cc:77:ee:be:7b:20:91:
                    73:f2:3c:8b:68:07:a5:7f:84:12:90:87:45:76:9d:
                    bd:2c:83:84:dd:38:0e:a2:69:f7:6f:bf:70:b6:a0:
                    f5:33:08:3b:2b:22:63:26:e8:ed:f8:a9:43:47:ec:
                    84:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:7D:D2:9C:22:CC:32:56:17:11:0A:5A:FE:A3:ED:2A:F0:1C:80:6C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e173ab-46b4-4574-a479-891a35ecbb5b/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e173ab-46b4-4574-a479-891a35ecbb5b/1/wn3SnCLMMlYXEQpa_qPtKvAcgGw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  214547

    Signature Algorithm: sha256WithRSAEncryption
         94:5e:37:86:2f:bc:df:d8:86:25:7d:33:51:95:64:63:c1:be:
         66:9a:c6:fd:51:2c:1b:17:83:37:f6:b1:5b:1c:bf:3e:86:8b:
         4c:88:bd:af:32:6a:e1:a0:b5:c4:3b:28:12:1a:b8:64:88:52:
         39:4a:89:3f:b9:a8:e9:02:b4:0d:90:d2:dc:a7:50:74:ed:8c:
         59:ff:0d:eb:fb:c6:8e:eb:bf:72:05:83:7d:db:0d:dc:df:bf:
         f7:47:38:d4:f4:80:a0:58:5e:f4:51:1f:fa:2e:69:eb:8c:fe:
         0e:7b:fa:7e:51:f1:62:12:67:34:8f:84:17:cf:db:74:4d:86:
         26:a3:cc:26:37:e4:5d:a3:64:58:f6:2f:4b:92:eb:de:78:7a:
         3b:83:38:e2:57:99:e8:22:31:81:e6:27:fa:d9:5c:80:b3:88:
         27:43:80:1a:f8:a7:52:b1:0e:33:fc:aa:0d:8d:55:dc:53:fc:
         67:e8:f5:d0:b3:75:e9:f8:2c:5f:a9:d0:4c:1e:30:fb:45:ed:
         52:ea:09:63:d7:d2:b1:a2:b4:2b:a2:21:df:91:3b:9e:a5:23:
         1d:9d:27:37:58:6b:b8:96:ac:3a:38:e4:77:c8:5b:c1:00:3f:
         a2:7c:af:06:b5:3d:0d:a0:f7:ba:53:86:19:9e:1d:46:bd:49:
         f6:bd:3b:29
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQm2V26BxLRkffD5IjYmDBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTE0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjdkZDI5YzIyY2MzMjU2MTcxMTBhNWFmZWEzZWQyYWYwMWM4MDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJZGUSTUpu9vtxHrmHBICSVz4QAP
5C6CI8BFwylrUadhxgTif554F68UKTMSxuh+OpYOW+7zUun7Vz7EJGf1AoTTNWtr
RGBSO41x0+x2cBY55QjcHvlcpTYgkI+9fENrxdj/SiUhgBEDt6MtNP7zyZOEJSHK
rRu2Hz673tHRTby3X/W1Lc+vv4cKo1MQpUp/6Pov9OOsuXqIiighAA2SAnRFGN8t
hocygradIA0HxczgpPj78ukHKrQ6XIfnxbEJAccMuqZJoy7w1sx37r57IJFz8jyL
aAelf4QSkIdFdp29LIOE3TgOomn3b79wtqD1Mwg7KyJjJujt+KlDR+yEGwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFMJ90pwizDJWFxEKWv6j7SrwHIBsMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IxL2UxNzNh
Yi00NmI0LTQ1NzQtYTQ3OS04OTFhMzVlY2JiNWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEvZTE3M2Fi
LTQ2YjQtNDU3NC1hNDc5LTg5MWEzNWVjYmI1Yi8xL3duM1NuQ0xNTWxZWEVRcGFf
cVB0S3ZBY2dHdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNGEzANBgkqhkiG9w0BAQsFAAOCAQEAlF43hi+839iG
JX0zUZVkY8G+ZprG/VEsGxeDN/axWxy/PoaLTIi9rzJq4aC1xDsoEhq4ZIhSOUqJ
P7mo6QK0DZDS3KdQdO2MWf8N6/vGjuu/cgWDfdsN3N+/90c41PSAoFhe9FEf+i5p
64z+Dnv6flHxYhJnNI+EF8/bdE2GJqPMJjfkXaNkWPYvS5Lr3nh6O4M44leZ6CIx
geYn+tlcgLOIJ0OAGvinUrEOM/yqDY1V3FP8Z+j10LN16fgsX6nQTB4w+0XtUuoJ
Y9fSsaK0K6Ih35E7nqUjHZ0nN1hruJasOjjkd8hbwQA/onyvBrU9DaD3ulOGGZ4d
Rr1J9r07KQ==
-----END CERTIFICATE-----