Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/wsej20o9La--GGqmhfRzbqfQjDg.cer
File:                     wsej20o9La--GGqmhfRzbqfQjDg.cer (raw, json)
Hash identifier:          T6AcMUBRMKpP9QbQIGyRvzaZqg6f99yiy9R7K+r7gJE=
Subject key identifier:   C2:C7:A3:DB:4A:3D:2D:AF:BE:18:6A:A6:85:F4:73:6E:A7:D0:8C:38
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC79372C6C500311FEA4F70FAD91F2028
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/3f/652bef-6f4e-4997-bb3a-4c9e49239624/1/wsej20o9La--GGqmhfRzbqfQjDg.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/3f/652bef-6f4e-4997-bb3a-4c9e49239624/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 00:29:38 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 42993

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:93:72:c6:c5:00:31:1f:ea:4f:70:fa:d9:1f:20:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 00:29:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c2c7a3db4a3d2dafbe186aa685f4736ea7d08c38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:09:fd:ab:bc:ad:7c:fe:1c:26:12:43:d6:90:
                    bd:4e:b1:71:d8:d7:76:ec:64:62:9b:f3:58:c5:6c:
                    6a:ef:5d:b8:a4:06:1d:28:15:74:e3:74:16:d5:3a:
                    01:67:3e:4f:6d:15:39:e5:2d:50:dd:1d:9b:56:3b:
                    8a:57:fc:61:f6:58:48:b6:7f:46:c4:6c:46:c5:ce:
                    2d:22:41:82:a5:61:65:98:30:b1:d7:3a:b6:5d:74:
                    8d:ea:66:13:52:5d:b0:8f:c5:00:db:7b:46:57:e8:
                    28:d2:a4:e9:5b:c8:de:18:9f:2a:94:1c:59:17:98:
                    5a:fd:61:ed:2e:5e:b6:a3:a6:3f:f9:1f:69:43:5b:
                    eb:2c:71:4c:be:93:38:f4:20:e0:e9:bc:e3:28:27:
                    30:58:b3:fc:1c:d4:52:5f:0e:99:72:10:c4:d6:08:
                    f8:2c:45:44:ce:56:cd:26:82:50:63:ee:91:3a:f0:
                    ae:17:e9:f9:f1:9e:f6:be:8e:d7:9a:0b:79:fd:f9:
                    dc:30:9e:5d:19:5a:73:93:8d:a5:10:6a:af:b3:30:
                    cc:ea:15:8c:a8:dc:91:03:99:ff:27:78:7a:e4:dc:
                    20:e6:74:58:3d:36:89:72:9f:43:e3:72:e1:76:ec:
                    5d:9c:25:a1:c3:d3:9d:fe:f1:34:33:32:85:d5:d0:
                    6b:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:C7:A3:DB:4A:3D:2D:AF:BE:18:6A:A6:85:F4:73:6E:A7:D0:8C:38
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/652bef-6f4e-4997-bb3a-4c9e49239624/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/652bef-6f4e-4997-bb3a-4c9e49239624/1/wsej20o9La--GGqmhfRzbqfQjDg.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  42993

    Signature Algorithm: sha256WithRSAEncryption
         82:96:98:b5:50:75:ab:95:76:55:1f:d5:31:98:60:b7:bd:4c:
         64:b7:a2:6a:ae:03:43:2d:a7:79:50:c7:00:5f:ac:16:c7:27:
         e5:e5:b3:8c:ce:37:9e:72:38:a0:7b:98:2d:0b:ae:51:20:38:
         b2:11:a5:bf:2e:1a:aa:93:61:43:a4:0f:3f:f0:4e:81:55:c4:
         14:33:46:58:c9:d2:d9:57:d4:3a:2b:4d:b1:51:58:b9:1a:e4:
         d7:57:1d:4c:2c:4a:b3:3a:29:3c:6d:f4:de:0d:0d:38:3b:5f:
         cf:93:cd:ec:49:8b:9b:10:89:62:65:5d:ca:ac:e5:88:f7:1e:
         ef:8f:f3:a1:dd:6c:d1:e5:93:98:ea:31:70:09:59:80:ef:45:
         8f:88:73:6e:bb:dd:68:fd:27:d7:16:ce:e8:15:2e:4d:5a:c7:
         bb:c7:cc:4d:96:c5:84:61:76:c1:9a:59:ba:5e:46:6a:b7:1e:
         67:31:a5:e2:31:d7:53:61:5a:f2:8c:2e:6b:52:4a:d7:8b:3c:
         c3:04:ee:a1:4f:7a:60:87:7a:4d:63:6f:f8:46:38:20:88:69:
         b7:6b:e6:04:46:78:76:98:72:ff:fa:5f:78:9c:04:ac:96:43:
         49:a9:bd:a1:fa:2a:75:98:89:12:36:c8:48:3b:77:6a:38:e7:
         ee:5a:b0:20
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzHk3LGxQAxH+pPcPrZHyAoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmM3YTNkYjRhM2QyZGFmYmUxODZhYTY4NWY0NzM2ZWE3ZDA4YzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwn9q7ytfP4cJhJD1pC9TrFx2Nd2
7GRim/NYxWxq7124pAYdKBV043QW1ToBZz5PbRU55S1Q3R2bVjuKV/xh9lhItn9G
xGxGxc4tIkGCpWFlmDCx1zq2XXSN6mYTUl2wj8UA23tGV+go0qTpW8jeGJ8qlBxZ
F5ha/WHtLl62o6Y/+R9pQ1vrLHFMvpM49CDg6bzjKCcwWLP8HNRSXw6ZchDE1gj4
LEVEzlbNJoJQY+6ROvCuF+n58Z72vo7Xmgt5/fncMJ5dGVpzk42lEGqvszDM6hWM
qNyRA5n/J3h65Nwg5nRYPTaJcp9D43LhduxdnCWhw9Od/vE0MzKF1dBrBwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFMLHo9tKPS2vvhhqpoX0c26n0Iw4MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNmLzY1MmJl
Zi02ZjRlLTQ5OTctYmIzYS00YzllNDkyMzk2MjQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2YvNjUyYmVm
LTZmNGUtNDk5Ny1iYjNhLTRjOWU0OTIzOTYyNC8xL3dzZWoyMG85TGEtLUdHcW1o
ZlJ6YnFmUWpEZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCn8TANBgkqhkiG9w0BAQsFAAOCAQEAgpaYtVB1q5V2
VR/VMZhgt71MZLeiaq4DQy2neVDHAF+sFscn5eWzjM43nnI4oHuYLQuuUSA4shGl
vy4aqpNhQ6QPP/BOgVXEFDNGWMnS2VfUOitNsVFYuRrk11cdTCxKszopPG303g0N
ODtfz5PN7EmLmxCJYmVdyqzliPce74/zod1s0eWTmOoxcAlZgO9Fj4hzbrvdaP0n
1xbO6BUuTVrHu8fMTZbFhGF2wZpZul5GarceZzGl4jHXU2Fa8owua1JK14s8wwTu
oU96YId6TWNv+EY4IIhpt2vmBEZ4dphy//pfeJwErJZDSam9ofoqdZiJEjbISDt3
ajjn7lqwIA==
-----END CERTIFICATE-----