Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yrjSpYc51mIvFaU8wb1U-dsIAcY.cer
File:                     yrjSpYc51mIvFaU8wb1U-dsIAcY.cer (raw, json)
Hash identifier:          g3IN9ud1tFjtPKy5TzY7UiWDl7qLkwoRkJiPbLtNZSA=
Subject key identifier:   CA:B8:D2:A5:87:39:D6:62:2F:15:A5:3C:C1:BD:54:F9:DB:08:01:C6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0190266A93C42660A7BD06AB1076F87FA0C1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/34/66cecf-bdfc-4278-ae03-ad1cde1b8542/1/yrjSpYc51mIvFaU8wb1U-dsIAcY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/34/66cecf-bdfc-4278-ae03-ad1cde1b8542/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 17 Jun 2024 13:37:17 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 207977

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Sep 2024 14:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:26:6a:93:c4:26:60:a7:bd:06:ab:10:76:f8:7f:a0:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jun 17 13:37:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cab8d2a58739d6622f15a53cc1bd54f9db0801c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:2c:dd:ca:83:a5:cb:c5:64:db:8d:60:c7:4c:
                    ef:93:40:79:0b:60:34:39:d5:57:0a:75:0c:07:a6:
                    97:40:d0:dc:16:af:cd:54:a7:66:52:84:53:bb:17:
                    9d:4e:80:db:c5:f7:0b:29:a3:5d:c8:d3:18:91:8a:
                    f2:1a:bb:4e:d7:d9:7c:26:77:92:5a:f6:a2:d6:d9:
                    33:3c:13:9b:0e:6a:a8:18:a2:1d:3d:5b:be:5c:c6:
                    fb:dc:88:9c:c2:28:5d:20:11:54:48:e9:da:8c:7d:
                    b1:02:06:33:5d:d4:f6:b8:aa:24:51:e5:a3:98:6f:
                    9e:37:25:2d:ee:69:a5:0d:43:fe:ca:1a:0a:53:1f:
                    91:6c:2a:88:bb:6c:5e:8e:07:76:dc:bd:b0:74:27:
                    d6:ce:dc:fa:8e:0d:dc:a5:63:f1:b2:a7:b4:52:00:
                    88:78:0d:59:f2:6d:bb:c4:3d:e3:95:7f:33:16:83:
                    95:a3:c5:3f:e5:8b:51:df:06:68:e6:93:f7:ea:11:
                    f2:73:0f:02:dd:94:f9:8f:77:0e:21:c2:62:95:95:
                    26:90:92:bb:8b:fb:d5:fd:74:2e:60:6c:07:81:36:
                    01:79:aa:33:d2:01:a1:45:50:4e:40:d5:ba:b3:c5:
                    dc:00:b9:bd:3a:b8:d1:97:a9:c9:51:0c:a8:d7:e8:
                    79:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:B8:D2:A5:87:39:D6:62:2F:15:A5:3C:C1:BD:54:F9:DB:08:01:C6
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/66cecf-bdfc-4278-ae03-ad1cde1b8542/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/66cecf-bdfc-4278-ae03-ad1cde1b8542/1/yrjSpYc51mIvFaU8wb1U-dsIAcY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207977

    Signature Algorithm: sha256WithRSAEncryption
         74:8c:e2:0a:5a:f9:e8:4c:78:4f:74:af:da:1f:b7:ac:10:9d:
         cf:12:81:da:48:88:3f:45:27:e6:80:92:f4:7e:0e:fd:8a:e6:
         58:21:5c:47:87:f9:ef:f7:2d:cc:ac:db:fb:5c:39:b8:f0:dd:
         68:49:08:05:6c:ef:99:26:78:67:03:e1:61:43:51:df:be:f5:
         82:a5:6f:a6:9d:3d:db:32:3e:06:7d:03:35:59:ff:32:b8:a4:
         43:44:49:97:98:4a:3f:c6:e7:a4:fa:31:c9:f2:6b:41:89:0d:
         cd:be:ff:7e:bd:72:d1:45:7f:a1:39:4e:b1:84:de:40:df:fc:
         23:f1:b8:0e:01:d8:eb:c1:5e:af:ee:f2:63:71:e5:d0:22:94:
         44:af:75:95:5a:97:a8:78:09:f5:34:0b:7d:3d:19:e0:e8:8a:
         8d:9b:8f:e3:fe:93:4f:e1:30:b6:bc:bd:a0:ac:c8:24:74:1c:
         8b:16:a8:2a:46:02:a1:33:b9:e8:d5:52:a4:42:4c:75:6e:b3:
         cb:bf:27:b2:16:33:44:31:0a:09:6e:ff:27:a6:ce:ec:e3:1c:
         f0:bb:3e:d4:3e:76:b8:f3:be:2a:d3:6c:c6:f2:7a:51:c0:6b:
         2d:cd:48:1b:6a:1f:c4:7d:87:c7:68:dd:e1:d0:d2:0a:91:37:
         05:e4:aa:12
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZAmapPEJmCnvQarEHb4f6DBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNjE3MTMzNzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWI4ZDJhNTg3MzlkNjYyMmYxNWE1M2NjMWJkNTRmOWRiMDgwMWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsizdyoOly8Vk241gx0zvk0B5C2A0
OdVXCnUMB6aXQNDcFq/NVKdmUoRTuxedToDbxfcLKaNdyNMYkYryGrtO19l8JneS
Wvai1tkzPBObDmqoGKIdPVu+XMb73IicwihdIBFUSOnajH2xAgYzXdT2uKokUeWj
mG+eNyUt7mmlDUP+yhoKUx+RbCqIu2xejgd23L2wdCfWztz6jg3cpWPxsqe0UgCI
eA1Z8m27xD3jlX8zFoOVo8U/5YtR3wZo5pP36hHycw8C3ZT5j3cOIcJilZUmkJK7
i/vV/XQuYGwHgTYBeaoz0gGhRVBOQNW6s8XcALm9OrjRl6nJUQyo1+h5PwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFMq40qWHOdZiLxWlPMG9VPnbCAHGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM0LzY2Y2Vj
Zi1iZGZjLTQyNzgtYWUwMy1hZDFjZGUxYjg1NDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQvNjZjZWNm
LWJkZmMtNDI3OC1hZTAzLWFkMWNkZTFiODU0Mi8xL3lyalNwWWM1MW1JdkZhVTh3
YjFVLWRzSUFjWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMsaTANBgkqhkiG9w0BAQsFAAOCAQEAdIziClr56Ex4
T3Sv2h+3rBCdzxKB2kiIP0Un5oCS9H4O/YrmWCFcR4f57/ctzKzb+1w5uPDdaEkI
BWzvmSZ4ZwPhYUNR3771gqVvpp092zI+Bn0DNVn/MrikQ0RJl5hKP8bnpPoxyfJr
QYkNzb7/fr1y0UV/oTlOsYTeQN/8I/G4DgHY68Fer+7yY3Hl0CKURK91lVqXqHgJ
9TQLfT0Z4OiKjZuP4/6TT+Ewtry9oKzIJHQcixaoKkYCoTO56NVSpEJMdW6zy78n
shYzRDEKCW7/J6bO7OMc8Ls+1D52uPO+KtNsxvJ6UcBrLc1IG2ofxH2Hx2jd4dDS
CpE3BeSqEg==
-----END CERTIFICATE-----