Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yugVDpWV2-mnSiib_Q6NKxzms40.cer
File:                     yugVDpWV2-mnSiib_Q6NKxzms40.cer (raw, json)
Hash identifier:          5CKSBdbkldbswo2pcjNUOPqKEZnT3pGW0ZqxCOqoRnQ=
Subject key identifier:   CA:E8:15:0E:95:95:DB:E9:A7:4A:28:9B:FD:0E:8D:2B:1C:E6:B3:8D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B78A345161489650FABA25A8691E52A75
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://repo.rpki.space/repo/Pfcloud/2/CAE8150E9595DBE9A74A289BFD0E8D2B1CE6B38D.mft
caRepository:             rsync://repo.rpki.space/repo/Pfcloud/2/
Notify URL:               https://repo.rpki.space/rrdp/notification.xml
Certificate not before:   Thu 01 Jan 2026 08:18:44 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 51396
                          AS: 215310
                          IP: 2a14:8000::/29
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 09:38:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:a3:45:16:14:89:65:0f:ab:a2:5a:86:91:e5:2a:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 08:18:44 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=cae8150e9595dbe9a74a289bfd0e8d2b1ce6b38d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:4a:5e:86:12:c6:f8:a8:5b:00:16:d8:56:a7:
                    41:a8:a5:f0:c9:b9:29:b8:8e:2b:b4:8b:07:91:73:
                    2c:29:51:32:dc:bc:4b:8b:50:9f:89:aa:b0:5d:06:
                    3c:87:3d:73:66:3b:01:6a:e9:18:02:c1:1e:58:a1:
                    15:dc:c2:c6:20:01:8b:d3:76:f7:3c:c2:13:17:7b:
                    d9:64:53:98:34:0d:ce:fa:b2:cc:a3:40:d6:75:a9:
                    53:c9:d9:0a:53:99:1c:2f:5a:57:63:33:cd:73:44:
                    ea:8e:84:2e:08:7d:af:55:96:89:c0:5b:a0:88:11:
                    1b:e8:a1:70:20:00:19:c3:bd:d8:f7:ae:f2:1b:69:
                    15:e6:15:4f:cc:54:9b:54:15:3b:5d:36:94:a9:1f:
                    98:1c:9e:e7:05:a2:73:5e:ea:a6:6b:a6:be:d9:df:
                    a1:6e:92:fa:8d:33:3f:dc:06:6a:f6:89:db:51:33:
                    eb:d4:5c:91:a6:4e:f0:e2:df:c0:bd:ee:b1:1e:33:
                    73:91:ad:c2:61:b5:f1:d7:47:81:c5:7a:c8:85:36:
                    0c:b2:ef:4d:4a:87:2c:b6:58:ab:e3:16:d3:e0:33:
                    91:41:3e:74:71:96:57:3a:d7:17:e8:0c:60:8b:47:
                    c5:06:6e:99:7d:c2:2d:4f:a8:9c:e3:64:dd:40:07:
                    da:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:E8:15:0E:95:95:DB:E9:A7:4A:28:9B:FD:0E:8D:2B:1C:E6:B3:8D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo.rpki.space/repo/Pfcloud/2/
                RPKI Manifest - URI:rsync://repo.rpki.space/repo/Pfcloud/2/CAE8150E9595DBE9A74A289BFD0E8D2B1CE6B38D.mft
                RPKI Notify - URI:https://repo.rpki.space/rrdp/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:8000::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  51396
                  215310

    Signature Algorithm: sha256WithRSAEncryption
         9a:3b:33:d8:a3:af:94:c5:9c:16:f5:c5:d7:2b:54:2c:98:55:
         dd:a1:9a:d9:b4:fa:78:f1:36:2e:29:65:f6:38:92:85:fe:33:
         0c:61:8a:87:2a:58:72:ee:7a:4e:72:04:57:0d:cc:c7:c0:a7:
         17:30:cf:eb:31:7a:ed:09:7d:33:ea:7c:20:65:ae:15:e4:c5:
         d7:a7:1a:ab:04:f3:75:de:2c:ff:96:cf:26:d1:d8:ae:ef:b7:
         52:7c:7a:e5:99:a2:d6:8f:e1:e8:49:0d:8b:d2:e5:e5:4d:0a:
         84:81:e8:38:8c:1c:1c:83:07:58:26:f2:37:9c:d7:f5:e5:8f:
         9c:be:ee:4c:14:13:f4:b8:43:f5:15:b0:a2:36:b6:72:a5:9b:
         f9:ea:c0:bd:75:b6:4a:d6:bb:5b:e4:71:ff:ec:3d:70:fb:2c:
         63:ff:db:d3:d2:3f:b8:69:c4:0e:86:25:1f:7e:9f:6a:75:98:
         bc:fc:3a:c8:27:83:0b:bb:76:38:6d:b9:04:19:0b:d2:a8:81:
         68:f4:78:37:c5:c8:11:49:0d:24:4a:e5:15:8a:ba:82:20:87:
         15:d0:d1:a8:e9:92:d2:bc:f7:4c:50:27:4a:ec:a0:d0:5c:93:
         9a:40:87:ff:cf:8d:23:d1:fc:9e:e4:af:cc:d8:0e:13:cd:a0:
         c6:7a:d5:4a
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZt4o0UWFIllD6uiWoaR5Sp1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDgxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWU4MTUwZTk1OTVkYmU5YTc0YTI4OWJmZDBlOGQyYjFjZTZiMzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0pehhLG+KhbABbYVqdBqKXwybkp
uI4rtIsHkXMsKVEy3LxLi1CfiaqwXQY8hz1zZjsBaukYAsEeWKEV3MLGIAGL03b3
PMITF3vZZFOYNA3O+rLMo0DWdalTydkKU5kcL1pXYzPNc0TqjoQuCH2vVZaJwFug
iBEb6KFwIAAZw73Y967yG2kV5hVPzFSbVBU7XTaUqR+YHJ7nBaJzXuqma6a+2d+h
bpL6jTM/3AZq9onbUTPr1FyRpk7w4t/Ave6xHjNzka3CYbXx10eBxXrIhTYMsu9N
Socstlir4xbT4DORQT50cZZXOtcX6Axgi0fFBm6ZfcItT6ic42TdQAfaWwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFMroFQ6Vldvpp0oom/0OjSsc5rONMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgeEGCCsGAQUFBwELBIHUMIHRMDMGCCsGAQUFBzAFhidyc3lu
YzovL3JlcG8ucnBraS5zcGFjZS9yZXBvL1BmY2xvdWQvMi8wXwYIKwYBBQUHMAqG
U3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vUGZjbG91ZC8yL0NBRTgxNTBF
OTU5NURCRTlBNzRBMjg5QkZEMEU4RDJCMUNFNkIzOEQubWZ0MDkGCCsGAQUFBzAN
hi1odHRwczovL3JlcG8ucnBraS5zcGFjZS9ycmRwL25vdGlmaWNhdGlvbi54bWww
WQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsuY3JsMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD
BQMqFIAAMB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwDIxAIDA0kOMA0GCSqGSIb3
DQEBCwUAA4IBAQCaOzPYo6+UxZwW9cXXK1QsmFXdoZrZtPp48TYuKWX2OJKF/jMM
YYqHKlhy7npOcgRXDczHwKcXMM/rMXrtCX0z6nwgZa4V5MXXpxqrBPN13iz/ls8m
0diu77dSfHrlmaLWj+HoSQ2L0uXlTQqEgeg4jBwcgwdYJvI3nNf15Y+cvu5MFBP0
uEP1FbCiNrZypZv56sC9dbZK1rtb5HH/7D1w+yxj/9vT0j+4acQOhiUffp9qdZi8
/DrIJ4MLu3Y4bbkEGQvSqIFo9Hg3xcgRSQ0kSuUVirqCIIcV0NGo6ZLSvPdMUCdK
7KDQXJOaQIf/z40j0fye5K/M2A4TzaDGetVK
-----END CERTIFICATE-----