Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/kyaS6Ot0AjVQHBEICQCFjjMvEGA.cer
File:                     kyaS6Ot0AjVQHBEICQCFjjMvEGA.cer (raw, json)
Hash identifier:          faBo4dM7ZdJ3KceHLOl7OSW2BZGCQ5IWPW/fYA8XLPs=
Subject key identifier:   93:26:92:E8:EB:74:02:35:50:1C:11:08:09:00:85:8E:33:2F:10:60
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01974F5AEDB910A3B1C849DD2333217FDCF4
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/0c/804c83-2bdd-4067-83f4-8f24c14af0ae/1/kyaS6Ot0AjVQHBEICQCFjjMvEGA.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/0c/804c83-2bdd-4067-83f4-8f24c14af0ae/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 08 Jun 2025 11:44:08 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 207299
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4f:5a:ed:b9:10:a3:b1:c8:49:dd:23:33:21:7f:dc:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jun  8 11:44:08 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=932692e8eb740235501c11080900858e332f1060
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:75:45:d1:2a:a8:8e:e2:8f:be:9a:5a:2d:0c:
                    83:d1:09:62:11:59:a2:b8:02:4e:c2:5c:64:b9:d0:
                    e9:f6:66:5e:0b:77:43:75:2c:f4:5b:63:e8:3f:ec:
                    55:f1:6b:55:e3:33:56:52:59:a5:44:0e:64:1b:da:
                    65:91:3d:23:df:14:b9:fb:b7:b5:20:bb:1c:2f:f5:
                    22:02:c0:00:7a:bf:a2:c9:c8:f4:40:a2:92:45:df:
                    98:78:88:30:5c:a8:f2:a4:36:52:dd:63:94:75:1c:
                    c3:f8:03:70:d3:75:ea:f2:51:81:ec:31:a3:2e:8b:
                    56:14:20:89:0a:ae:06:71:2b:1a:40:62:4f:09:3c:
                    62:f5:af:e1:4f:0c:2a:45:cc:da:71:33:b6:bf:9a:
                    ec:9f:b6:e5:f3:8c:3b:67:1b:45:81:2b:d0:a2:f9:
                    ef:11:94:1e:45:af:f8:3f:59:ba:b5:70:f3:7a:0d:
                    42:c3:50:08:44:4e:3e:01:35:8d:fd:6f:a9:fc:69:
                    a8:3d:8e:10:87:56:de:0f:0d:43:f9:5e:a2:e2:7e:
                    1f:a7:26:22:d8:2c:71:9f:b0:98:87:10:24:9e:98:
                    bb:02:7e:d4:11:aa:e9:65:01:a0:4e:16:76:35:34:
                    7b:46:a2:91:a1:f0:d3:80:a3:af:ef:c0:0d:0d:cb:
                    66:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:26:92:E8:EB:74:02:35:50:1C:11:08:09:00:85:8E:33:2F:10:60
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/804c83-2bdd-4067-83f4-8f24c14af0ae/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/804c83-2bdd-4067-83f4-8f24c14af0ae/1/kyaS6Ot0AjVQHBEICQCFjjMvEGA.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207299

    Signature Algorithm: sha256WithRSAEncryption
         03:f7:d9:e2:b9:2c:db:a1:af:b7:fb:2a:f4:21:a1:2e:06:8b:
         b6:12:8f:6d:63:fb:9f:62:8a:34:ae:a9:63:9e:5b:41:26:4f:
         73:25:35:18:28:36:fb:19:7d:dd:6e:53:f4:0e:be:84:94:b4:
         b0:2d:61:64:9c:51:f6:c1:ee:d5:ad:48:7a:6d:23:c6:20:63:
         b4:3b:43:b8:2f:69:b3:a2:5e:3e:13:80:cc:42:ac:55:81:a4:
         b7:67:1e:ac:8b:ae:f4:f9:b5:bb:82:94:ad:0a:9e:ad:f8:84:
         7d:d2:03:b3:7a:bb:85:0b:f5:b5:61:99:59:c5:d3:66:39:22:
         be:9a:a4:1e:47:f1:fd:f7:96:dd:c6:4d:c8:71:68:5b:01:6d:
         87:c8:d1:c9:96:44:3d:12:e6:80:f6:f5:ba:1e:d3:50:92:21:
         7e:c0:99:d1:54:91:81:9b:c3:78:61:b2:ea:24:2b:b0:c0:3f:
         c8:24:09:53:29:49:39:b1:5b:bd:57:ee:42:13:d0:26:96:3c:
         a5:df:68:3f:ef:c8:a7:68:44:70:9f:8f:ee:4d:b6:ba:2e:07:
         6d:37:0c:97:07:f8:d5:d0:dc:71:4c:56:00:38:08:30:9b:ef:
         fc:48:c6:c3:a3:37:42:85:05:1c:85:22:3b:37:7f:8c:0c:46:
         54:15:a8:60
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZdPWu25EKOxyEndIzMhf9z0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNjA4MTE0NDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzI2OTJlOGViNzQwMjM1NTAxYzExMDgwOTAwODU4ZTMzMmYxMDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3VF0SqojuKPvppaLQyD0QliEVmi
uAJOwlxkudDp9mZeC3dDdSz0W2PoP+xV8WtV4zNWUlmlRA5kG9plkT0j3xS5+7e1
ILscL/UiAsAAer+iycj0QKKSRd+YeIgwXKjypDZS3WOUdRzD+ANw03Xq8lGB7DGj
LotWFCCJCq4GcSsaQGJPCTxi9a/hTwwqRczacTO2v5rsn7bl84w7ZxtFgSvQovnv
EZQeRa/4P1m6tXDzeg1Cw1AIRE4+ATWN/W+p/GmoPY4Qh1beDw1D+V6i4n4fpyYi
2Cxxn7CYhxAknpi7An7UEarpZQGgThZ2NTR7RqKRofDTgKOv78ANDctmCQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFJMmkujrdAI1UBwRCAkAhY4zLxBgMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBjLzgwNGM4
My0yYmRkLTQwNjctODNmNC04ZjI0YzE0YWYwYWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMvODA0Yzgz
LTJiZGQtNDA2Ny04M2Y0LThmMjRjMTRhZjBhZS8xL2t5YVM2T3QwQWpWUUhCRUlD
UUNGampNdkVHQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMpwzANBgkqhkiG9w0BAQsFAAOCAQEAA/fZ4rks26Gv
t/sq9CGhLgaLthKPbWP7n2KKNK6pY55bQSZPcyU1GCg2+xl93W5T9A6+hJS0sC1h
ZJxR9sHu1a1Iem0jxiBjtDtDuC9ps6JePhOAzEKsVYGkt2cerIuu9Pm1u4KUrQqe
rfiEfdIDs3q7hQv1tWGZWcXTZjkivpqkHkfx/feW3cZNyHFoWwFth8jRyZZEPRLm
gPb1uh7TUJIhfsCZ0VSRgZvDeGGy6iQrsMA/yCQJUylJObFbvVfuQhPQJpY8pd9o
P+/Ip2hEcJ+P7k22ui4HbTcMlwf41dDccUxWADgIMJvv/EjGw6M3QoUFHIUiOzd/
jAxGVBWoYA==
-----END CERTIFICATE-----