Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yGdv_eMX8uwbgQDS2dRKPn2PeNY.cer
File:                     yGdv_eMX8uwbgQDS2dRKPn2PeNY.cer (raw, json)
Hash identifier:          L95nqPYx/kZjp2YhIrWaW42v+Hofj+ASikv7JFsQYrE=
Subject key identifier:   C8:67:6F:FD:E3:17:F2:EC:1B:81:00:D2:D9:D4:4A:3E:7D:8F:78:D6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC94CD945FABFEEAB72B76378F1A5D85C
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 08:31:45 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 34323

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4c:d9:45:fa:bf:ee:ab:72:b7:63:78:f1:a5:d8:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 08:31:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c8676ffde317f2ec1b8100d2d9d44a3e7d8f78d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:38:74:f7:aa:7f:5d:ac:a6:8d:b3:3c:5e:b8:
                    db:20:f3:d5:4b:c9:bd:cc:35:8a:1f:f7:af:2f:9d:
                    f0:af:10:0c:24:a0:cd:ba:15:61:e2:1c:f2:ac:a5:
                    f9:a0:65:0d:aa:e5:3f:9c:7d:28:a6:d1:1c:5d:48:
                    61:9e:42:92:3f:b6:b6:3e:fe:82:b3:c5:94:eb:db:
                    3b:f8:75:11:45:85:9e:a3:a7:38:87:de:3f:47:39:
                    98:ba:81:b3:98:80:1c:28:8e:6a:fd:ac:3e:45:d7:
                    97:e9:4d:2a:38:bd:0c:64:28:30:1b:3b:43:9b:e0:
                    57:b9:61:9b:45:4a:ea:b1:9e:2d:60:da:b2:b4:b7:
                    a6:85:09:0d:a1:ad:39:1b:28:e2:9e:4c:a4:10:07:
                    7b:99:1c:06:60:02:1c:dc:11:0c:a2:52:f9:6d:0e:
                    d7:9f:fb:fd:de:10:49:92:a7:1b:fa:62:cb:31:7b:
                    1f:77:66:02:db:e7:c9:57:7f:fd:e6:cd:c2:87:d3:
                    5f:c7:90:6d:f6:79:ee:f1:7a:25:d6:c9:ad:d2:15:
                    38:96:9b:17:e5:27:eb:c1:71:89:b2:8b:12:6e:c2:
                    39:36:a4:b6:44:a8:83:97:42:85:2d:3c:6f:11:2d:
                    f5:76:2a:79:4f:70:4c:8f:92:27:b6:03:da:25:25:
                    0c:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:67:6F:FD:E3:17:F2:EC:1B:81:00:D2:D9:D4:4A:3E:7D:8F:78:D6
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  34323

    Signature Algorithm: sha256WithRSAEncryption
         3e:e4:dc:e9:93:e0:49:05:4f:73:c9:0e:ab:15:f0:29:2e:49:
         c5:3e:31:ac:9a:f9:74:7f:8b:4a:cd:b3:04:1c:24:31:d7:25:
         89:34:22:a1:e7:70:e6:d1:e2:43:d4:21:1f:c6:4b:28:7f:00:
         3d:9f:97:99:fe:47:c5:14:81:c8:dd:23:c0:a9:69:15:ca:bb:
         c2:01:91:4e:bf:5f:81:09:2d:ff:f5:1b:73:10:48:eb:a8:55:
         ed:a8:b3:04:91:4b:27:26:64:50:55:38:d3:1c:e3:0c:e6:fc:
         2c:b5:66:32:25:2b:9e:72:58:9b:52:c1:31:ea:12:55:6f:76:
         35:91:63:36:7d:00:e4:27:2b:f3:fb:83:44:7f:44:13:30:82:
         da:3e:6b:a6:51:54:53:24:bb:2e:06:c0:98:e4:c4:42:78:26:
         8e:34:fb:f6:50:51:8c:ba:4c:f7:41:eb:c6:71:de:9e:b7:ee:
         28:fc:3f:cb:99:63:dd:c8:5a:74:12:12:41:b8:41:ac:f7:25:
         a4:2a:ae:7e:ad:7d:f7:0a:14:4a:be:88:f1:32:75:5f:73:2e:
         b8:e5:c0:df:9b:0f:ea:34:cd:90:b7:e2:ae:eb:c9:97:c8:29:
         a6:58:e2:f3:67:da:a9:8a:7a:52:14:46:f9:42:73:47:4b:2a:
         c5:91:f2:53
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzJTNlF+r/uq3K3Y3jxpdhcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDgzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODY3NmZmZGUzMTdmMmVjMWI4MTAwZDJkOWQ0NGEzZTdkOGY3OGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjh096p/XaymjbM8XrjbIPPVS8m9
zDWKH/evL53wrxAMJKDNuhVh4hzyrKX5oGUNquU/nH0optEcXUhhnkKSP7a2Pv6C
s8WU69s7+HURRYWeo6c4h94/RzmYuoGzmIAcKI5q/aw+RdeX6U0qOL0MZCgwGztD
m+BXuWGbRUrqsZ4tYNqytLemhQkNoa05GyjinkykEAd7mRwGYAIc3BEMolL5bQ7X
n/v93hBJkqcb+mLLMXsfd2YC2+fJV3/95s3Ch9Nfx5Bt9nnu8Xol1smt0hU4lpsX
5SfrwXGJsosSbsI5NqS2RKiDl0KFLTxvES31dip5T3BMj5IntgPaJSUMxwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFMhnb/3jF/LsG4EA0tnUSj59j3jWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RhLzQ5YjMw
Ny1mZGNhLTRjNTctYWZkZi03MDk3OTNjZDAxMjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEvNDliMzA3
LWZkY2EtNGM1Ny1hZmRmLTcwOTc5M2NkMDEyMy8xL3lHZHZfZU1YOHV3YmdRRFMy
ZFJLUG4yUGVOWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCGEzANBgkqhkiG9w0BAQsFAAOCAQEAPuTc6ZPgSQVP
c8kOqxXwKS5JxT4xrJr5dH+LSs2zBBwkMdcliTQioedw5tHiQ9QhH8ZLKH8APZ+X
mf5HxRSByN0jwKlpFcq7wgGRTr9fgQkt//UbcxBI66hV7aizBJFLJyZkUFU40xzj
DOb8LLVmMiUrnnJYm1LBMeoSVW92NZFjNn0A5Ccr8/uDRH9EEzCC2j5rplFUUyS7
LgbAmOTEQngmjjT79lBRjLpM90HrxnHenrfuKPw/y5lj3chadBISQbhBrPclpCqu
fq199woUSr6I8TJ1X3MuuOXA35sP6jTNkLfiruvJl8gpplji82faqYp6UhRG+UJz
R0sqxZHyUw==
-----END CERTIFICATE-----