Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yrjSpYc51mIvFaU8wb1U-dsIAcY.cer
File:                     yrjSpYc51mIvFaU8wb1U-dsIAcY.cer (raw, json)
Hash identifier:          mWB07VQ8Ifyy3olqOJ5Gzh2k7FLoj9hjrgvUNhSxBX4=
Subject key identifier:   CA:B8:D2:A5:87:39:D6:62:2F:15:A5:3C:C1:BD:54:F9:DB:08:01:C6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019427B5ABBD3659E27951C42AA147DC4857
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/34/66cecf-bdfc-4278-ae03-ad1cde1b8542/1/yrjSpYc51mIvFaU8wb1U-dsIAcY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/34/66cecf-bdfc-4278-ae03-ad1cde1b8542/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 15:50:04 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 207977
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:27:b5:ab:bd:36:59:e2:79:51:c4:2a:a1:47:dc:48:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 15:50:04 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=cab8d2a58739d6622f15a53cc1bd54f9db0801c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:2c:dd:ca:83:a5:cb:c5:64:db:8d:60:c7:4c:
                    ef:93:40:79:0b:60:34:39:d5:57:0a:75:0c:07:a6:
                    97:40:d0:dc:16:af:cd:54:a7:66:52:84:53:bb:17:
                    9d:4e:80:db:c5:f7:0b:29:a3:5d:c8:d3:18:91:8a:
                    f2:1a:bb:4e:d7:d9:7c:26:77:92:5a:f6:a2:d6:d9:
                    33:3c:13:9b:0e:6a:a8:18:a2:1d:3d:5b:be:5c:c6:
                    fb:dc:88:9c:c2:28:5d:20:11:54:48:e9:da:8c:7d:
                    b1:02:06:33:5d:d4:f6:b8:aa:24:51:e5:a3:98:6f:
                    9e:37:25:2d:ee:69:a5:0d:43:fe:ca:1a:0a:53:1f:
                    91:6c:2a:88:bb:6c:5e:8e:07:76:dc:bd:b0:74:27:
                    d6:ce:dc:fa:8e:0d:dc:a5:63:f1:b2:a7:b4:52:00:
                    88:78:0d:59:f2:6d:bb:c4:3d:e3:95:7f:33:16:83:
                    95:a3:c5:3f:e5:8b:51:df:06:68:e6:93:f7:ea:11:
                    f2:73:0f:02:dd:94:f9:8f:77:0e:21:c2:62:95:95:
                    26:90:92:bb:8b:fb:d5:fd:74:2e:60:6c:07:81:36:
                    01:79:aa:33:d2:01:a1:45:50:4e:40:d5:ba:b3:c5:
                    dc:00:b9:bd:3a:b8:d1:97:a9:c9:51:0c:a8:d7:e8:
                    79:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:B8:D2:A5:87:39:D6:62:2F:15:A5:3C:C1:BD:54:F9:DB:08:01:C6
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/66cecf-bdfc-4278-ae03-ad1cde1b8542/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/66cecf-bdfc-4278-ae03-ad1cde1b8542/1/yrjSpYc51mIvFaU8wb1U-dsIAcY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207977

    Signature Algorithm: sha256WithRSAEncryption
         1e:16:eb:d0:17:b7:2f:b7:e7:18:71:b2:08:43:43:a0:7b:2a:
         31:82:47:70:49:0d:72:f1:d7:e7:a2:11:13:fa:ff:c4:6b:57:
         e7:06:fe:ac:87:8d:9b:cf:53:51:84:71:1d:b5:f9:9e:87:7a:
         8b:02:c1:23:21:5a:04:5d:7f:a3:5f:5e:f7:45:20:a8:64:50:
         8b:cd:d0:30:c3:2c:a5:09:cd:0e:32:ad:77:ba:d9:b4:f0:19:
         ac:a3:b5:af:c8:5a:be:c6:b6:66:ec:8c:ff:5e:fe:bd:84:b0:
         d8:36:de:ad:ef:1a:0a:fe:81:7a:a0:ed:74:2e:81:cf:b9:21:
         7b:67:79:16:69:29:9c:88:14:74:b6:78:37:4b:d6:9c:03:1a:
         9a:7f:51:1d:ef:dd:09:cf:33:39:71:3b:1c:87:4b:9d:ea:e7:
         f8:04:5b:fa:16:41:fe:23:90:56:14:6d:61:26:d6:d8:f6:ba:
         71:62:0a:24:99:54:7a:00:c9:0c:36:2e:38:a3:25:cc:e8:ca:
         10:a2:07:77:85:a5:18:23:0d:41:72:0b:2e:bf:90:05:5a:70:
         27:5c:7f:74:47:78:41:3e:f8:c1:83:65:23:98:32:f6:e5:46:
         5e:74:c4:11:2d:1c:9c:b8:9b:16:8f:3d:fc:31:87:72:da:3d:
         4c:e6:16:f9
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQntau9NlnieVHEKqFH3EhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTU1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWI4ZDJhNTg3MzlkNjYyMmYxNWE1M2NjMWJkNTRmOWRiMDgwMWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsizdyoOly8Vk241gx0zvk0B5C2A0
OdVXCnUMB6aXQNDcFq/NVKdmUoRTuxedToDbxfcLKaNdyNMYkYryGrtO19l8JneS
Wvai1tkzPBObDmqoGKIdPVu+XMb73IicwihdIBFUSOnajH2xAgYzXdT2uKokUeWj
mG+eNyUt7mmlDUP+yhoKUx+RbCqIu2xejgd23L2wdCfWztz6jg3cpWPxsqe0UgCI
eA1Z8m27xD3jlX8zFoOVo8U/5YtR3wZo5pP36hHycw8C3ZT5j3cOIcJilZUmkJK7
i/vV/XQuYGwHgTYBeaoz0gGhRVBOQNW6s8XcALm9OrjRl6nJUQyo1+h5PwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFMq40qWHOdZiLxWlPMG9VPnbCAHGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM0LzY2Y2Vj
Zi1iZGZjLTQyNzgtYWUwMy1hZDFjZGUxYjg1NDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQvNjZjZWNm
LWJkZmMtNDI3OC1hZTAzLWFkMWNkZTFiODU0Mi8xL3lyalNwWWM1MW1JdkZhVTh3
YjFVLWRzSUFjWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMsaTANBgkqhkiG9w0BAQsFAAOCAQEAHhbr0Be3L7fn
GHGyCENDoHsqMYJHcEkNcvHX56IRE/r/xGtX5wb+rIeNm89TUYRxHbX5nod6iwLB
IyFaBF1/o19e90UgqGRQi83QMMMspQnNDjKtd7rZtPAZrKO1r8havsa2ZuyM/17+
vYSw2Dbere8aCv6BeqDtdC6Bz7khe2d5FmkpnIgUdLZ4N0vWnAMamn9RHe/dCc8z
OXE7HIdLnern+ARb+hZB/iOQVhRtYSbW2Pa6cWIKJJlUegDJDDYuOKMlzOjKEKIH
d4WlGCMNQXILLr+QBVpwJ1x/dEd4QT74wYNlI5gy9uVGXnTEES0cnLibFo89/DGH
cto9TOYW+Q==
-----END CERTIFICATE-----