Certificate

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer
File:                     ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer (raw, json)
Hash identifier:          wWQVq++H0snYOL2+/ufNVh7NJ3JPQRzuRKG7lvk6haQ=
Subject key identifier:   65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92
Authority key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Certificate issuer:       /CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Certificate serial:       0198EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
Manifest:                 rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft
caRepository:             rsync://krill.rg.net/repo/rpki-beacons-ca/0/
Notify URL:               https://krill.rg.net/rrdp/notification.xml
Certificate not before:   Sun 20 Apr 2025 23:37:39 +0000
Certificate not after:    Mon 20 Apr 2026 17:25:43 +0000
Subordinate resources:    IP: 45.132.188.0/22
                          IP: 147.28.10.0/23
Validation:               OK
Signature path:           rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl
                          rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 08:26:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 104686 (0x198ee)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
        Validity
            Not Before: Apr 20 23:37:39 2025 GMT
            Not After : Apr 20 17:25:43 2026 GMT
        Subject: CN=656E4422ABF129649200EB019A815F2B12236E92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:a4:ff:bc:05:cb:cc:5c:56:04:71:12:51:75:
                    e0:47:5d:64:4b:29:02:1f:1f:56:b9:7f:83:45:70:
                    db:37:95:d9:c0:6a:6a:f7:e7:f3:c9:e0:b3:b6:1d:
                    e8:ad:78:c1:70:fd:fd:11:78:92:ab:57:d2:69:1f:
                    7e:b4:de:6f:cf:23:85:7e:52:5a:9c:a5:04:26:fd:
                    5f:60:22:8e:6c:db:b7:c2:a4:b9:18:8f:f3:45:d9:
                    33:c9:24:e1:fc:47:d5:fd:c8:1e:e1:a6:07:cf:fc:
                    3a:f6:24:6a:cd:6d:2f:f7:04:ac:66:cd:5f:95:f4:
                    51:e7:7c:b3:84:ca:9f:1b:1f:87:7a:5f:ad:ca:c9:
                    43:0d:cd:0b:e9:4a:a8:a4:7e:44:57:04:70:75:92:
                    b7:98:20:5b:91:5c:5d:5f:03:b0:69:98:7c:8a:ac:
                    90:60:95:af:c2:95:9c:13:fc:61:69:04:db:2e:58:
                    72:54:d9:bb:11:9e:5d:51:7d:28:55:33:1f:87:10:
                    aa:92:5c:b3:b6:9c:c0:cc:a4:65:86:fa:d0:15:21:
                    08:ca:d4:68:3c:4b:f1:86:b0:ac:72:82:a5:65:02:
                    7b:64:33:00:81:1c:6e:71:68:42:69:51:b7:6b:34:
                    fa:3e:22:7f:ce:90:be:a4:15:a1:16:69:83:78:ce:
                    54:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92
            X509v3 Authority Key Identifier:
                keyid:6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Subject Information Access:
                CA Repository - URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/
                RPKI Manifest - URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft
                RPKI Notify - URI:https://krill.rg.net/rrdp/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.132.188.0/22
                  147.28.10.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0c:26:c3:70:aa:34:b8:85:ea:cf:a7:e6:70:5d:92:55:15:3e:
         19:49:e7:7a:93:ce:84:46:f7:a1:95:7b:ae:11:75:59:9b:c4:
         ad:ef:d1:7b:0e:e1:47:a1:8c:fc:49:a7:46:e4:67:e6:8d:09:
         f0:46:21:5f:05:fd:f3:28:12:b3:47:20:50:b9:f4:26:bd:26:
         85:6a:c4:98:5b:75:62:9d:ea:b8:2d:8f:44:24:ac:03:12:9b:
         5a:1c:f6:ef:02:8e:25:ea:4f:74:93:2d:0e:c1:51:64:9b:d8:
         06:6b:31:bd:ab:16:5b:8f:78:78:24:07:60:cb:17:f4:2e:ae:
         fc:4d:3c:8b:00:d2:c4:cc:8f:38:7a:83:7e:d9:1b:58:69:b5:
         22:ec:9c:87:6b:d4:fd:5f:cc:77:b3:5e:b2:18:a2:18:77:38:
         e9:04:83:88:39:05:7f:1d:09:7b:93:dd:de:f0:29:59:31:08:
         06:68:d1:05:84:3a:cb:7a:53:f8:c2:cf:87:81:aa:38:cd:00:
         33:61:06:c3:e8:e6:99:69:02:1e:d6:c4:f5:66:91:6d:d1:fd:
         8f:98:bb:e2:49:ae:88:dc:33:0a:35:83:65:85:fc:0d:65:96:
         09:b7:5e:a2:03:6c:90:53:c9:56:5e:37:fc:ce:bd:5c:57:b7:
         41:9e:a2:0a
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIDAZjuMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
NmZiZmE5NzUzZGI4ZDg0NjQzM2RiNTM1MWQ5YTllYzA3Yzk2YmQwHhcNMjUwNDIw
MjMzNzM5WhcNMjYwNDIwMTcyNTQzWjAzMTEwLwYDVQQDEyg2NTZFNDQyMkFCRjEy
OTY0OTIwMEVCMDE5QTgxNUYyQjEyMjM2RTkyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5KT/vAXLzFxWBHESUXXgR11kSykCHx9WuX+DRXDbN5XZwGpq
9+fzyeCzth3orXjBcP39EXiSq1fSaR9+tN5vzyOFflJanKUEJv1fYCKObNu3wqS5
GI/zRdkzySTh/EfV/cge4aYHz/w69iRqzW0v9wSsZs1flfRR53yzhMqfGx+Hel+t
yslDDc0L6UqopH5EVwRwdZK3mCBbkVxdXwOwaZh8iqyQYJWvwpWcE/xhaQTbLlhy
VNm7EZ5dUX0oVTMfhxCqklyztpzAzKRlhvrQFSEIytRoPEvxhrCscoKlZQJ7ZDMA
gRxucWhCaVG3azT6PiJ/zpC+pBWhFmmDeM5UdwIDAQABo4ICSTCCAkUwHQYDVR0O
BBYEFGVuRCKr8SlkkgDrAZqBXysSI26SMB8GA1UdIwQYMBaAFG1vv6l1PbjYRkM9
tTUdmp7AfJa9MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUAYDVR0fBEkwRzBF
oEOgQYY/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVO
aEdRejIxTlIyYW5zQjhscjAuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iVy1f
cVhVOXVOaEdRejIxTlIyYW5zQjhscjAuY2VyMA8GA1UdEwEB/wQFMAMBAf8wDgYD
VR0PAQH/BAQDAgEGMIHoBggrBgEFBQcBCwSB2zCB2DA4BggrBgEFBQcwBYYscnN5
bmM6Ly9rcmlsbC5yZy5uZXQvcmVwby9ycGtpLWJlYWNvbnMtY2EvMC8wZAYIKwYB
BQUHMAqGWHJzeW5jOi8va3JpbGwucmcubmV0L3JlcG8vcnBraS1iZWFjb25zLWNh
LzAvNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIxMjIzNkU5Mi5tZnQw
NgYIKwYBBQUHMA2GKmh0dHBzOi8va3JpbGwucmcubmV0L3JyZHAvbm90aWZpY2F0
aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2EvAMEAZMcCjAN
BgkqhkiG9w0BAQsFAAOCAQEADCbDcKo0uIXqz6fmcF2SVRU+GUnnepPOhEb3oZV7
rhF1WZvEre/Rew7hR6GM/EmnRuRn5o0J8EYhXwX98ygSs0cgULn0Jr0mhWrEmFt1
Yp3quC2PRCSsAxKbWhz27wKOJepPdJMtDsFRZJvYBmsxvasWW494eCQHYMsX9C6u
/E08iwDSxMyPOHqDftkbWGm1Iuych2vU/V/Md7NeshiiGHc46QSDiDkFfx0Je5Pd
3vApWTEIBmjRBYQ6y3pT+MLPh4GqOM0AM2EGw+jmmWkCHtbE9WaRbdH9j5i74kmu
iNwzCjWDZYX8DWWWCbdeogNskFPJVl43/M69XFe3QZ6iCg==
-----END CERTIFICATE-----