Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/pLcHMA6GlGe-XlJzIi2Q4LYY-SQ.cer
File:                     pLcHMA6GlGe-XlJzIi2Q4LYY-SQ.cer (raw, json)
Hash identifier:          OcTnDbFXbib0+HNxXl30pL4weCsaTsPJjhVTGTknHxo=
Subject key identifier:   A4:B7:07:30:0E:86:94:67:BE:5E:52:73:22:2D:90:E0:B6:18:F9:24
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01986548EA1BFA3410496DE9A1460C74A593
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/41/fc8519-62e4-4289-9917-3e55c49f2d4e/1/pLcHMA6GlGe-XlJzIi2Q4LYY-SQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/41/fc8519-62e4-4289-9917-3e55c49f2d4e/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 01 Aug 2025 10:58:54 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    IP: 45.152.56.0/22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 08:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:65:48:ea:1b:fa:34:10:49:6d:e9:a1:46:0c:74:a5:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Aug  1 10:58:54 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=a4b707300e869467be5e5273222d90e0b618f924
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:fe:7f:0e:6a:db:35:4d:ba:49:8a:d6:38:bf:
                    a2:ed:9c:ac:a6:fb:d9:67:26:43:d2:7d:25:01:8f:
                    62:94:47:b6:e4:88:cc:6f:c5:a7:8d:df:58:da:e9:
                    a8:9a:05:82:40:4d:8b:2f:a1:d4:d2:3d:39:91:d0:
                    33:62:d9:06:7c:7b:97:b7:8b:94:e8:53:7e:7e:01:
                    24:e6:bf:37:b0:d5:c3:47:62:79:23:ff:7b:4a:63:
                    e6:88:08:25:33:bc:bf:5b:f1:b8:97:94:3a:a3:71:
                    e8:99:54:e5:06:a2:c3:5c:12:e4:c5:39:87:bf:49:
                    85:9e:48:89:96:48:ef:1e:69:03:a0:3e:0f:7a:56:
                    97:2a:9a:20:a7:66:0c:75:3b:d0:84:0e:38:a4:da:
                    fa:c9:71:b8:f3:7e:72:9d:fd:d1:64:69:de:42:6d:
                    6a:bd:5f:7a:6c:36:a2:3b:d7:5a:0c:04:7c:2f:79:
                    b2:d9:61:ad:f5:5c:0c:60:cf:41:aa:fb:08:f5:d2:
                    ed:e1:5b:64:5f:72:5d:d0:b3:05:47:24:d6:a3:11:
                    ea:7b:6f:21:77:ce:25:2e:1c:00:0f:b6:c0:1c:91:
                    e5:93:0a:96:43:9b:1c:e6:93:d9:49:7c:1b:fb:35:
                    87:7b:82:53:6e:a3:1e:72:36:86:b3:0d:01:1f:32:
                    b5:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:B7:07:30:0E:86:94:67:BE:5E:52:73:22:2D:90:E0:B6:18:F9:24
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/fc8519-62e4-4289-9917-3e55c49f2d4e/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/fc8519-62e4-4289-9917-3e55c49f2d4e/1/pLcHMA6GlGe-XlJzIi2Q4LYY-SQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.152.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         20:93:da:15:10:e5:a1:18:a6:e4:5f:e5:29:0b:70:7b:9c:cd:
         6d:c5:22:ab:ca:e5:97:72:fb:ba:a2:b7:0f:d9:03:73:1c:c3:
         1c:69:40:a0:53:e4:ad:37:43:8b:19:01:6e:3a:c4:87:ef:51:
         80:e7:3a:02:a2:31:cc:08:ad:f4:f9:a3:0d:1b:cb:0c:2a:e5:
         41:4b:9e:c4:88:45:e7:11:38:f6:08:21:c0:23:45:f8:96:c8:
         85:fe:f0:d3:93:31:74:ff:85:3a:34:b9:aa:00:91:83:9f:36:
         dc:97:01:6e:87:d0:e6:c8:db:dc:09:7b:72:3c:3a:91:c0:e0:
         7e:f9:ea:b7:2f:f8:b9:3e:84:18:4c:4d:da:41:01:4d:05:16:
         54:ae:91:dd:4f:c3:0e:fa:69:b8:f6:ad:75:2c:6b:dd:60:9d:
         3e:9f:64:db:d0:e5:4e:13:60:5c:f4:15:3f:32:c3:16:91:4c:
         ba:b1:ca:a3:f0:eb:bb:6d:66:20:28:fd:f5:3c:d8:25:c2:81:
         59:47:dd:36:0c:d4:d0:ed:26:e9:8b:38:96:5c:e2:73:c1:8c:
         67:15:bd:3e:03:db:b1:85:f3:20:f3:b9:4c:a5:e3:4f:87:ef:
         22:a6:1f:8f:fe:66:4f:00:a1:06:19:5e:ee:7b:f9:21:66:4f:
         d5:68:72:c0
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZhlSOob+jQQSW3poUYMdKWTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwODAxMTA1ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGI3MDczMDBlODY5NDY3YmU1ZTUyNzMyMjJkOTBlMGI2MThmOTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxv5/DmrbNU26SYrWOL+i7ZyspvvZ
ZyZD0n0lAY9ilEe25IjMb8Wnjd9Y2umomgWCQE2LL6HU0j05kdAzYtkGfHuXt4uU
6FN+fgEk5r83sNXDR2J5I/97SmPmiAglM7y/W/G4l5Q6o3HomVTlBqLDXBLkxTmH
v0mFnkiJlkjvHmkDoD4PelaXKpogp2YMdTvQhA44pNr6yXG4835ynf3RZGneQm1q
vV96bDaiO9daDAR8L3my2WGt9VwMYM9BqvsI9dLt4VtkX3Jd0LMFRyTWoxHqe28h
d84lLhwAD7bAHJHlkwqWQ5sc5pPZSXwb+zWHe4JTbqMecjaGsw0BHzK1iQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFKS3BzAOhpRnvl5ScyItkOC2GPkkMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQxL2ZjODUx
OS02MmU0LTQyODktOTkxNy0zZTU1YzQ5ZjJkNGUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEvZmM4NTE5
LTYyZTQtNDI4OS05OTE3LTNlNTVjNDlmMmQ0ZS8xL3BMY0hNQTZHbEdlLVhsSnpJ
aTJRNExZWS1TUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCLZg4MA0GCSqGSIb3DQEBCwUAA4IBAQAgk9oV
EOWhGKbkX+UpC3B7nM1txSKryuWXcvu6orcP2QNzHMMcaUCgU+StN0OLGQFuOsSH
71GA5zoCojHMCK30+aMNG8sMKuVBS57EiEXnETj2CCHAI0X4lsiF/vDTkzF0/4U6
NLmqAJGDnzbclwFuh9DmyNvcCXtyPDqRwOB++eq3L/i5PoQYTE3aQQFNBRZUrpHd
T8MO+mm49q11LGvdYJ0+n2Tb0OVOE2Bc9BU/MsMWkUy6scqj8Ou7bWYgKP31PNgl
woFZR902DNTQ7SbpiziWXOJzwYxnFb0+A9uxhfMg87lMpeNPh+8iph+P/mZPAKEG
GV7ue/khZk/VaHLA
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:06:09 2025 by rpki-client