Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-hSvFuWJ-YSPxpXQV_gcFn6PY9U.cer
File:                     1-hSvFuWJ-YSPxpXQV_gcFn6PY9U.cer (raw, json)
Hash identifier:          Ih7hWyVRqQ1uWb0ii+q7TE98ORHoes9seGQ8Geyg1Y0=
Subject key identifier:   FA:14:AF:16:E5:89:F9:84:8F:C6:95:D0:57:F8:1C:16:7E:8F:63:D5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7DCAB15D6F5D5CED992526706A4E6E7C
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/84/6f502a-fd6f-4278-9ce8-ca51ebf3b35f/1/1-hSvFuWJ-YSPxpXQV_gcFn6PY9U.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/84/6f502a-fd6f-4278-9ce8-ca51ebf3b35f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 08:19:54 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 216264
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7d:ca:b1:5d:6f:5d:5c:ed:99:25:26:70:6a:4e:6e:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 08:19:54 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=fa14af16e589f9848fc695d057f81c167e8f63d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:33:d4:e4:61:24:f0:90:e2:3d:bb:1b:30:9a:
                    5a:d9:08:ed:15:64:9d:c8:9d:a6:b3:d9:b2:9d:22:
                    cc:0d:c8:a8:d4:7d:8e:41:9e:aa:b9:d5:38:9d:d5:
                    55:f9:5c:3b:ff:2e:be:5a:a7:eb:3d:32:b3:e9:23:
                    c9:cf:a4:c0:18:34:90:4b:38:bd:7f:d8:24:92:6d:
                    c7:36:d4:13:fd:50:b2:da:ec:d8:1c:9e:b1:f5:a6:
                    2a:d5:18:93:32:c1:fb:41:9a:dc:4a:8a:88:c1:41:
                    4e:8a:30:a7:30:9f:5a:c7:43:41:5e:44:b7:0b:72:
                    7a:27:07:e6:7d:12:7d:c3:13:30:97:08:ee:11:05:
                    51:cc:69:dd:68:e4:6e:be:2f:c3:32:5c:57:1a:b6:
                    35:76:2b:c2:72:67:b9:9b:a2:e8:38:4d:8f:b1:e8:
                    a7:ab:71:3f:b5:a6:45:70:37:bf:09:b7:2d:f3:d7:
                    2d:80:8c:b6:be:4c:62:61:d7:67:bf:ca:12:78:92:
                    18:89:3f:74:04:a9:54:7e:a8:39:99:bd:28:26:4f:
                    0d:d8:0c:87:b9:b9:29:d7:6f:ca:30:20:95:0c:f1:
                    e2:60:32:99:88:51:a9:0e:b0:e4:c5:9a:f4:c9:a1:
                    1f:3e:d2:a9:ca:82:3b:d6:74:2c:16:be:2a:ea:87:
                    ca:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:14:AF:16:E5:89:F9:84:8F:C6:95:D0:57:F8:1C:16:7E:8F:63:D5
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/6f502a-fd6f-4278-9ce8-ca51ebf3b35f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/6f502a-fd6f-4278-9ce8-ca51ebf3b35f/1/1-hSvFuWJ-YSPxpXQV_gcFn6PY9U.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  216264

    Signature Algorithm: sha256WithRSAEncryption
         6a:34:24:a9:6c:a9:15:9f:e2:6f:ee:90:2d:a2:8f:91:8b:1f:
         5b:1c:dd:b6:e2:2a:6e:62:c1:04:25:ef:1f:96:30:19:ea:15:
         d7:43:75:9a:01:67:e5:51:c5:82:5f:a6:f4:3e:2a:2e:d9:df:
         52:3f:fa:55:eb:78:5d:84:4f:01:ec:2f:87:b7:22:ad:ba:b3:
         da:1f:d9:48:c6:7d:4b:4e:cd:48:21:05:d7:d8:ff:f8:82:4f:
         c6:2d:8d:41:12:fb:07:88:c1:4d:0e:de:da:f4:31:f0:cd:1f:
         a4:eb:02:ce:66:8b:70:59:fe:85:41:b8:7e:86:dc:c0:dc:68:
         94:94:c9:65:a9:ac:05:ed:a8:c9:e8:97:c5:63:c7:a5:23:e3:
         9b:87:9b:32:cc:82:9b:fb:93:69:68:90:3e:98:c8:35:59:7b:
         7d:11:6a:c3:ac:9e:18:e6:0f:d1:3c:5c:5f:23:27:77:da:dc:
         3b:c6:80:9c:c1:19:7b:27:e6:65:96:fc:b0:fd:61:65:4f:ed:
         0a:ee:ee:33:0c:d0:23:39:06:b4:b1:09:d1:25:ad:6d:d7:fa:
         94:92:dd:af:20:b9:6a:99:df:11:22:b9:c0:93:92:c4:6b:c1:
         72:18:45:84:15:26:c5:94:66:52:53:4e:46:5e:9b:ec:2f:e4:
         4f:f8:7f:cc
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAZt9yrFdb11c7ZklJnBqTm58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDgxOTU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTE0YWYxNmU1ODlmOTg0OGZjNjk1ZDA1N2Y4MWMxNjdlOGY2M2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzPU5GEk8JDiPbsbMJpa2QjtFWSd
yJ2ms9mynSLMDcio1H2OQZ6qudU4ndVV+Vw7/y6+WqfrPTKz6SPJz6TAGDSQSzi9
f9gkkm3HNtQT/VCy2uzYHJ6x9aYq1RiTMsH7QZrcSoqIwUFOijCnMJ9ax0NBXkS3
C3J6JwfmfRJ9wxMwlwjuEQVRzGndaORuvi/DMlxXGrY1divCcme5m6LoOE2Psein
q3E/taZFcDe/Cbct89ctgIy2vkxiYddnv8oSeJIYiT90BKlUfqg5mb0oJk8N2AyH
ubkp12/KMCCVDPHiYDKZiFGpDrDkxZr0yaEfPtKpyoI71nQsFr4q6ofKIwIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFPoUrxblifmEj8aV0Ff4HBZ+j2PVMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg0LzZmNTAy
YS1mZDZmLTQyNzgtOWNlOC1jYTUxZWJmM2IzNWYvMS8wfQYIKwYBBQUHMAqGcXJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQvNmY1MDJh
LWZkNmYtNDI3OC05Y2U4LWNhNTFlYmYzYjM1Zi8xLzEtaFN2RnVXSi1ZU1B4cFhR
Vl9nY0ZuNlBZOVUubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u
ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD
MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEF
BQcBCAEB/wQLMAmgBzAFAgMDTMgwDQYJKoZIhvcNAQELBQADggEBAGo0JKlsqRWf
4m/ukC2ij5GLH1sc3bbiKm5iwQQl7x+WMBnqFddDdZoBZ+VRxYJfpvQ+Ki7Z31I/
+lXreF2ETwHsL4e3Iq26s9of2UjGfUtOzUghBdfY//iCT8YtjUES+weIwU0O3tr0
MfDNH6TrAs5mi3BZ/oVBuH6G3MDcaJSUyWWprAXtqMnol8Vjx6Uj45uHmzLMgpv7
k2lokD6YyDVZe30RasOsnhjmD9E8XF8jJ3fa3DvGgJzBGXsn5mWW/LD9YWVP7Qru
7jMM0CM5BrSxCdElrW3X+pSS3a8guWqZ3xEiucCTksRrwXIYRYQVJsWUZlJTTkZe
m+wv5E/4f8w=
-----END CERTIFICATE-----