Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xorAnHI17TE4Ph_ThzkY3RgzNCo.cer
File:                     xorAnHI17TE4Ph_ThzkY3RgzNCo.cer (raw, json)
Hash identifier:          scBN94kC5Ryb69k9Y1vc4RTQWSbquzFZWW6fOy9wzQI=
Subject key identifier:   C6:8A:C0:9C:72:35:ED:31:38:3E:1F:D3:87:39:18:DD:18:33:34:2A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019427474F89D19D4FA3635B048B95FF918E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 13:49:32 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 209515
                          IP: 91.132.16.0/22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:27:47:4f:89:d1:9d:4f:a3:63:5b:04:8b:95:ff:91:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 13:49:32 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=c68ac09c7235ed31383e1fd3873918dd1833342a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:60:d7:59:2b:7c:30:33:a1:09:54:a8:ac:32:
                    be:15:70:88:26:87:c4:2b:b0:49:62:8f:46:1d:78:
                    40:70:6c:cf:31:2f:b9:4f:4c:2f:30:af:da:ff:85:
                    07:b1:42:bb:2d:f4:93:be:5b:32:00:0d:99:b7:ef:
                    f6:ed:82:9b:5a:87:8b:1c:f2:4f:6b:2a:08:10:49:
                    ce:0b:b5:96:9c:71:ae:c0:f2:73:e0:b5:66:7c:1c:
                    57:e1:04:30:ee:3b:90:6e:98:3f:d5:68:13:af:5c:
                    df:3a:c6:59:6e:88:23:11:32:23:71:84:b9:4c:b2:
                    20:ae:fc:83:fe:8c:c1:7e:1a:9b:94:a9:c0:95:53:
                    72:63:16:65:4a:28:9b:dc:93:0b:1b:40:48:3a:cf:
                    89:9b:27:cb:b6:89:3f:ba:d7:f0:7c:b5:c6:62:b6:
                    be:20:70:fb:7e:fd:6d:67:8f:a6:2f:ae:23:c2:9b:
                    31:13:02:61:15:bc:9b:43:fb:6e:07:c5:bf:3c:db:
                    21:82:5d:a0:0d:6b:f0:2b:7e:90:10:82:da:14:28:
                    6e:21:f9:26:f7:1c:56:05:4c:13:f7:db:41:2b:6b:
                    41:8c:fe:bc:40:d0:b5:39:be:65:6e:ba:5c:c6:9c:
                    ab:87:d5:7e:b3:e3:86:56:90:22:91:47:48:ea:07:
                    f9:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:8A:C0:9C:72:35:ED:31:38:3E:1F:D3:87:39:18:DD:18:33:34:2A
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.132.16.0/22

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  209515

    Signature Algorithm: sha256WithRSAEncryption
         05:e2:55:3d:52:b8:74:43:c7:76:47:96:d9:e8:39:9d:b4:04:
         cb:83:12:5c:ba:b0:a4:17:fd:f6:a8:c0:e9:a3:14:fa:88:cb:
         e2:c8:f3:52:3b:41:a4:39:bf:21:2d:90:3a:04:76:1b:b9:61:
         54:b9:60:b7:9e:a0:1f:23:c8:37:d7:63:0a:bd:6a:3c:1e:cf:
         c2:70:73:aa:46:a1:5f:aa:6a:23:8b:ed:1a:68:dc:34:02:d4:
         49:47:40:ab:78:fc:a6:ee:04:ce:eb:99:c7:34:8b:ad:01:b2:
         2a:e8:61:e3:52:75:6b:33:d9:8c:14:25:19:0c:bf:af:20:1f:
         9b:1f:56:6c:18:09:8c:95:9b:78:7b:d8:cc:5b:0c:78:55:56:
         25:83:6a:40:8a:ee:85:20:8d:b2:ac:e4:95:61:77:53:f2:62:
         93:dd:07:8d:cc:29:47:da:9f:2d:c2:15:22:a8:58:04:75:5b:
         47:40:64:df:1c:be:15:4f:e5:42:0d:81:b7:74:ef:e2:4c:a3:
         20:3f:8f:da:c7:9d:78:53:c3:87:40:e9:09:a8:24:8f:6c:82:
         83:b9:0b:9a:68:e0:29:df:59:87:dc:0b:ed:18:6c:e7:f5:ea:
         80:86:2e:e6:16:b8:3e:6e:5b:48:e4:75:26:fd:31:21:3c:ae:
         b0:e8:22:9d
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQnR0+J0Z1Po2NbBIuV/5GOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTM0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjhhYzA5YzcyMzVlZDMxMzgzZTFmZDM4NzM5MThkZDE4MzMzNDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumDXWSt8MDOhCVSorDK+FXCIJofE
K7BJYo9GHXhAcGzPMS+5T0wvMK/a/4UHsUK7LfSTvlsyAA2Zt+/27YKbWoeLHPJP
ayoIEEnOC7WWnHGuwPJz4LVmfBxX4QQw7juQbpg/1WgTr1zfOsZZbogjETIjcYS5
TLIgrvyD/ozBfhqblKnAlVNyYxZlSiib3JMLG0BIOs+JmyfLtok/utfwfLXGYra+
IHD7fv1tZ4+mL64jwpsxEwJhFbybQ/tuB8W/PNshgl2gDWvwK36QEILaFChuIfkm
9xxWBUwT99tBK2tBjP68QNC1Ob5lbrpcxpyrh9V+s+OGVpAikUdI6gf55QIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFMaKwJxyNe0xOD4f04c5GN0YMzQqMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlhLzQ5MmJk
MC05OTNiLTQ3NmUtOGZhYy05ZGU0OGQ0M2IxZGIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEvNDkyYmQw
LTk5M2ItNDc2ZS04ZmFjLTlkZTQ4ZDQzYjFkYi8xL3hvckFuSEkxN1RFNFBoX1Ro
emtZM1Jnek5Dby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCW4QQMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMyazANBgkqhkiG9w0BAQsFAAOCAQEABeJVPVK4dEPHdkeW2eg5nbQEy4MSXLqw
pBf99qjA6aMU+ojL4sjzUjtBpDm/IS2QOgR2G7lhVLlgt56gHyPIN9djCr1qPB7P
wnBzqkahX6pqI4vtGmjcNALUSUdAq3j8pu4EzuuZxzSLrQGyKuhh41J1azPZjBQl
GQy/ryAfmx9WbBgJjJWbeHvYzFsMeFVWJYNqQIruhSCNsqzklWF3U/Jik90Hjcwp
R9qfLcIVIqhYBHVbR0Bk3xy+FU/lQg2Bt3Tv4kyjID+P2sedeFPDh0DpCagkj2yC
g7kLmmjgKd9Zh9wL7Rhs5/XqgIYu5ha4Pm5bSOR1Jv0xITyusOginQ==
-----END CERTIFICATE-----