Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/VmczL0gJQe01gDssBLhPNyjTkpc.cer
File:                     VmczL0gJQe01gDssBLhPNyjTkpc.cer (raw, json)
Hash identifier:          Zah5CniL367i2eU+usCllJC4lc6Q3u6PN8n9DjZp3Vk=
Subject key identifier:   56:67:33:2F:48:09:41:ED:35:80:3B:2C:04:B8:4F:37:28:D3:92:97
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0198673065135B7D46D7165684F386E3CA02
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/22/2f90f1-e257-4e54-b25d-2594c2ff6cb7/1/VmczL0gJQe01gDssBLhPNyjTkpc.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/22/2f90f1-e257-4e54-b25d-2594c2ff6cb7/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 01 Aug 2025 19:51:21 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 206877
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:67:30:65:13:5b:7d:46:d7:16:56:84:f3:86:e3:ca:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Aug  1 19:51:21 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=5667332f480941ed35803b2c04b84f3728d39297
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ad:7a:63:43:54:18:f4:4a:e6:0b:23:95:b3:
                    e0:75:2f:a8:62:c2:84:ea:f0:54:51:8c:a4:8f:b5:
                    97:77:98:e5:98:e7:69:0c:01:13:4a:7c:8b:e5:9a:
                    a6:c6:31:c4:6c:17:c9:21:f7:48:12:42:d4:02:d7:
                    80:0a:e6:e1:80:e6:98:0c:6d:54:ba:5e:ae:8e:b0:
                    56:5b:41:4e:d5:95:17:70:70:e2:3b:b2:36:33:0a:
                    c3:3f:c1:89:09:25:d7:88:29:c5:77:14:03:e6:55:
                    df:79:33:9e:e4:68:08:9e:77:2b:fe:45:99:c6:1c:
                    b7:59:14:64:37:dc:ee:94:17:5e:0d:89:c0:5d:e8:
                    2a:d2:e0:d8:34:27:f4:e3:d5:c7:0b:69:e7:51:72:
                    e1:00:9f:37:90:dd:df:6a:cf:af:04:96:09:52:1b:
                    cf:e5:b0:8a:72:a8:2d:da:91:d2:45:52:52:c6:87:
                    43:99:e1:d9:d2:24:38:a0:b9:62:ce:ec:2c:4f:44:
                    98:7d:28:f5:11:99:47:08:3a:de:5c:4c:2c:a0:41:
                    b2:25:5e:4f:73:03:f7:aa:5c:4a:4a:97:54:3c:1c:
                    b4:af:32:e3:69:59:28:88:0d:41:7a:61:c1:ad:18:
                    ce:ff:8c:3c:42:4d:fc:08:8d:b4:4b:40:a9:3f:9b:
                    23:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:67:33:2F:48:09:41:ED:35:80:3B:2C:04:B8:4F:37:28:D3:92:97
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/2f90f1-e257-4e54-b25d-2594c2ff6cb7/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/2f90f1-e257-4e54-b25d-2594c2ff6cb7/1/VmczL0gJQe01gDssBLhPNyjTkpc.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  206877

    Signature Algorithm: sha256WithRSAEncryption
         14:63:20:b6:c4:ce:8c:ec:15:02:a2:2c:d5:64:2f:0b:8b:b3:
         9a:b9:2f:b5:1f:1a:48:c1:1e:a7:f2:4d:76:8d:ad:1d:4c:b0:
         4e:b1:73:3b:c3:d4:a8:93:a1:72:fb:d8:7b:67:17:4d:ad:3c:
         28:cb:39:23:f4:0e:ea:9a:7c:9d:f2:bd:e1:8c:35:45:88:65:
         32:2e:4d:48:1d:37:e9:94:1b:54:f1:ba:c7:a2:dd:dc:77:03:
         fb:30:b1:e6:e8:66:1c:17:20:b6:d3:50:db:18:90:62:1b:26:
         88:aa:1d:a7:f1:df:78:09:f8:10:94:41:71:2b:8b:7d:3c:e2:
         76:97:41:15:8e:be:91:50:29:8f:6d:07:22:d6:ec:9a:00:52:
         35:71:68:db:cd:85:eb:ff:68:8e:b5:b1:a2:59:f1:60:14:a4:
         04:f8:05:c7:2a:44:16:92:2d:93:32:f2:ed:2c:ec:3b:f7:9a:
         ec:3a:d5:61:f3:c2:bd:5b:3f:f4:f8:41:08:bd:f8:c0:e2:6e:
         af:cc:f0:c4:4c:eb:02:7a:18:08:36:da:2f:9e:b3:c8:f7:ce:
         e6:34:e8:13:82:14:ad:b8:f7:ff:d5:b8:0d:27:1c:01:20:83:
         1f:a3:4a:0e:07:fa:ce:83:29:99:c0:72:cc:24:f1:aa:71:aa:
         c3:20:03:61
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZhnMGUTW31G1xZWhPOG48oCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwODAxMTk1MTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjY3MzMyZjQ4MDk0MWVkMzU4MDNiMmMwNGI4NGYzNzI4ZDM5Mjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoK16Y0NUGPRK5gsjlbPgdS+oYsKE
6vBUUYykj7WXd5jlmOdpDAETSnyL5ZqmxjHEbBfJIfdIEkLUAteACubhgOaYDG1U
ul6ujrBWW0FO1ZUXcHDiO7I2MwrDP8GJCSXXiCnFdxQD5lXfeTOe5GgInncr/kWZ
xhy3WRRkN9zulBdeDYnAXegq0uDYNCf049XHC2nnUXLhAJ83kN3fas+vBJYJUhvP
5bCKcqgt2pHSRVJSxodDmeHZ0iQ4oLlizuwsT0SYfSj1EZlHCDreXEwsoEGyJV5P
cwP3qlxKSpdUPBy0rzLjaVkoiA1BemHBrRjO/4w8Qk38CI20S0CpP5sjawIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFFZnMy9ICUHtNYA7LAS4Tzco05KXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIyLzJmOTBm
MS1lMjU3LTRlNTQtYjI1ZC0yNTk0YzJmZjZjYjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIvMmY5MGYx
LWUyNTctNGU1NC1iMjVkLTI1OTRjMmZmNmNiNy8xL1ZtY3pMMGdKUWUwMWdEc3NC
TGhQTnlqVGtwYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMoHTANBgkqhkiG9w0BAQsFAAOCAQEAFGMgtsTOjOwV
AqIs1WQvC4uzmrkvtR8aSMEep/JNdo2tHUywTrFzO8PUqJOhcvvYe2cXTa08KMs5
I/QO6pp8nfK94Yw1RYhlMi5NSB036ZQbVPG6x6Ld3HcD+zCx5uhmHBcgttNQ2xiQ
YhsmiKodp/HfeAn4EJRBcSuLfTzidpdBFY6+kVApj20HItbsmgBSNXFo282F6/9o
jrWxolnxYBSkBPgFxypEFpItkzLy7SzsO/ea7DrVYfPCvVs/9PhBCL34wOJur8zw
xEzrAnoYCDbaL56zyPfO5jToE4IUrbj3/9W4DSccASCDH6NKDgf6zoMpmcByzCTx
qnGqwyADYQ==
-----END CERTIFICATE-----