Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/F1cnfwLOFR2Nhr6_ddrZDZwtb_k.cer
File:                     F1cnfwLOFR2Nhr6_ddrZDZwtb_k.cer (raw, json)
Hash identifier:          FbwZSv/q6MhbhQeynIFxUrEG+kjDOcUd34HUVbaFeFY=
Subject key identifier:   17:57:27:7F:02:CE:15:1D:8D:86:BE:BF:75:DA:D9:0D:9C:2D:6F:F9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7C1321E6518CF2485B74AC7124F2AECB
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/3f/dc352b-1b3b-45a1-adcc-22750cfa6ebf/1/F1cnfwLOFR2Nhr6_ddrZDZwtb_k.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/3f/dc352b-1b3b-45a1-adcc-22750cfa6ebf/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 00:19:47 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 39453
                          IP: 193.16.104.0/24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:13:21:e6:51:8c:f2:48:5b:74:ac:71:24:f2:ae:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 00:19:47 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=1757277f02ce151d8d86bebf75dad90d9c2d6ff9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:63:7d:85:a8:65:d5:d0:c4:7f:f0:1d:e4:3d:
                    03:6c:53:56:1e:90:7f:c3:cd:3b:0d:e9:34:48:30:
                    3b:de:a0:dd:f3:fe:ab:38:22:c3:55:1d:b5:cf:4b:
                    14:ee:7f:09:d1:60:ae:82:14:74:0a:a1:26:3e:48:
                    27:8a:67:8a:aa:9f:93:91:8f:1e:07:82:91:99:83:
                    b9:63:1b:16:b5:0c:91:3f:be:41:a4:19:07:b5:0c:
                    f8:3b:1a:38:18:a7:92:87:31:dd:51:cb:0a:03:13:
                    61:4c:a4:4a:0c:51:ed:89:40:a6:84:05:44:43:1e:
                    80:77:7e:d1:0d:36:0a:a2:3e:f5:9f:cd:9f:ad:9d:
                    b1:00:06:2d:27:e5:13:12:9f:68:52:c2:cc:57:cf:
                    63:b8:b3:34:a3:5a:98:14:f9:1f:c6:63:f4:64:67:
                    fc:d3:90:c5:ae:3b:76:5a:a5:dc:86:17:05:fa:d1:
                    b8:fe:6b:00:59:bb:45:a4:3a:99:da:c3:86:79:e3:
                    37:75:ba:8f:4a:72:61:79:dd:33:fc:f3:8a:3a:d4:
                    97:2b:37:29:fb:54:7a:c8:f8:74:64:bc:c9:be:f0:
                    b3:75:fa:1f:00:db:2f:e8:a0:33:18:53:27:33:44:
                    38:df:4c:d8:af:87:7a:f9:82:c4:18:d4:af:f2:67:
                    4f:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:57:27:7F:02:CE:15:1D:8D:86:BE:BF:75:DA:D9:0D:9C:2D:6F:F9
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/dc352b-1b3b-45a1-adcc-22750cfa6ebf/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/dc352b-1b3b-45a1-adcc-22750cfa6ebf/1/F1cnfwLOFR2Nhr6_ddrZDZwtb_k.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.16.104.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  39453

    Signature Algorithm: sha256WithRSAEncryption
         3f:dd:50:08:e0:8e:89:c9:b8:a0:5e:7f:1a:31:17:90:f2:80:
         4b:34:28:5c:5c:e3:68:32:44:ff:ad:ed:b8:a9:0b:20:15:fd:
         27:71:ba:6a:5f:1e:a2:9d:1d:ad:24:17:db:99:13:9b:da:ad:
         03:ac:d7:a4:60:1b:5f:88:41:0f:d7:f9:e5:5a:0e:86:70:87:
         bb:cf:1c:3d:fa:fe:52:2d:c7:af:31:49:0f:64:aa:dc:27:7a:
         29:a2:78:43:71:ae:bd:26:b9:e0:8c:aa:e5:81:26:a3:6b:29:
         3d:bc:63:19:ca:fa:c0:6a:ee:e8:81:e4:b8:dd:16:04:9e:18:
         01:9a:c7:5f:d0:11:42:92:60:ea:df:3c:4c:21:9a:f9:58:a6:
         bc:9d:2a:d5:b0:22:f8:32:63:0f:38:38:7d:ca:89:9f:67:3e:
         c3:b4:c6:98:fe:91:4c:e4:c6:f9:0c:66:8a:6f:49:c1:cb:44:
         59:1f:f2:0a:83:4f:2f:73:be:f7:6b:a1:df:a1:c0:1d:74:63:
         fd:4d:a5:e3:5e:4e:50:33:ac:cb:79:cd:65:2c:b9:83:e8:2e:
         b9:62:28:58:65:e3:cb:6c:bd:8a:de:ce:35:31:f4:4b:78:f7:
         1e:41:16:d8:67:86:74:26:4d:51:1c:6f:62:b9:52:c4:82:e8:
         3f:fa:28:9d
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZt8EyHmUYzySFt0rHEk8q7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDAxOTQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzU3Mjc3ZjAyY2UxNTFkOGQ4NmJlYmY3NWRhZDkwZDljMmQ2ZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2N9hahl1dDEf/Ad5D0DbFNWHpB/
w807Dek0SDA73qDd8/6rOCLDVR21z0sU7n8J0WCughR0CqEmPkgnimeKqp+TkY8e
B4KRmYO5YxsWtQyRP75BpBkHtQz4Oxo4GKeShzHdUcsKAxNhTKRKDFHtiUCmhAVE
Qx6Ad37RDTYKoj71n82frZ2xAAYtJ+UTEp9oUsLMV89juLM0o1qYFPkfxmP0ZGf8
05DFrjt2WqXchhcF+tG4/msAWbtFpDqZ2sOGeeM3dbqPSnJhed0z/POKOtSXKzcp
+1R6yPh0ZLzJvvCzdfofANsv6KAzGFMnM0Q430zYr4d6+YLEGNSv8mdPkwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFBdXJ38CzhUdjYa+v3Xa2Q2cLW/5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNmL2RjMzUy
Yi0xYjNiLTQ1YTEtYWRjYy0yMjc1MGNmYTZlYmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2YvZGMzNTJi
LTFiM2ItNDVhMS1hZGNjLTIyNzUwY2ZhNmViZi8xL0YxY25md0xPRlIyTmhyNl9k
ZHJaRFp3dGJfay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwRBoMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwCaHTANBgkqhkiG9w0BAQsFAAOCAQEAP91QCOCOicm4oF5/GjEXkPKASzQoXFzj
aDJE/63tuKkLIBX9J3G6al8eop0drSQX25kTm9qtA6zXpGAbX4hBD9f55VoOhnCH
u88cPfr+Ui3HrzFJD2Sq3Cd6KaJ4Q3GuvSa54Iyq5YEmo2spPbxjGcr6wGru6IHk
uN0WBJ4YAZrHX9ARQpJg6t88TCGa+VimvJ0q1bAi+DJjDzg4fcqJn2c+w7TGmP6R
TOTG+Qxmim9JwctEWR/yCoNPL3O+92uh36HAHXRj/U2l415OUDOsy3nNZSy5g+gu
uWIoWGXjy2y9it7ONTH0S3j3HkEW2GeGdCZNURxvYrlSxILoP/oonQ==
-----END CERTIFICATE-----