Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/R2ehIMt9otZLgS5viOE4CVMFVWw.cer
File:                     R2ehIMt9otZLgS5viOE4CVMFVWw.cer (raw, json)
Hash identifier:          tQgTMKCgMA084LoOg+3a5Xstlwwdv26Wy1EaRpwoBSc=
Subject key identifier:   47:67:A1:20:CB:7D:A2:D6:4B:81:2E:6F:88:E1:38:09:53:05:55:6C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019C6B933616298100291244CFC8FCEA4FA2
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/8f/190ba6-c4b3-4a52-800b-4352e880a8f9/1/R2ehIMt9otZLgS5viOE4CVMFVWw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/8f/190ba6-c4b3-4a52-800b-4352e880a8f9/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 17 Feb 2026 12:28:55 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 201033
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 00:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:6b:93:36:16:29:81:00:29:12:44:cf:c8:fc:ea:4f:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Feb 17 12:28:55 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4767a120cb7da2d64b812e6f88e138095305556c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:bd:85:21:c8:8d:26:fa:68:5d:36:75:05:f6:
                    9b:c6:d2:44:09:29:a9:c6:be:a2:6d:52:e8:3b:d1:
                    15:d6:f3:44:c9:f2:9c:12:14:f9:2c:7c:a2:52:36:
                    fb:09:24:4a:aa:0c:af:3d:48:12:08:f7:f4:09:fc:
                    e7:34:15:5b:eb:0d:c9:83:31:ab:f7:a3:5c:ed:fd:
                    d7:59:2f:9f:6d:fe:39:eb:81:07:22:f7:fe:fa:4a:
                    e9:5c:22:3a:6a:57:8d:d6:be:c9:6d:82:f7:9e:a0:
                    1f:fa:df:72:b1:ec:40:60:e7:5c:0c:78:4c:7d:d2:
                    f6:71:bb:be:2d:d4:3d:f7:62:71:4e:1f:7a:5e:13:
                    3e:44:85:bb:6c:09:9d:61:4e:c4:e0:97:32:2c:da:
                    9d:da:8a:29:b8:4e:80:44:d9:db:6d:44:1d:62:6a:
                    a2:57:0d:81:96:ad:27:5a:cf:2d:e2:0e:a3:a7:aa:
                    b6:f3:3f:85:34:84:f3:90:3b:7b:43:34:e4:e2:f8:
                    a8:06:17:5b:88:ea:8b:f2:fb:eb:b2:e6:4c:0f:50:
                    a8:81:21:b7:10:f9:a3:c8:c2:45:ab:88:bb:44:6e:
                    1d:ae:0a:0b:d1:11:5e:32:78:32:b3:83:69:0d:2b:
                    8a:e9:02:c0:9a:df:ed:e6:8c:b2:33:33:39:89:75:
                    29:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:67:A1:20:CB:7D:A2:D6:4B:81:2E:6F:88:E1:38:09:53:05:55:6C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/190ba6-c4b3-4a52-800b-4352e880a8f9/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/190ba6-c4b3-4a52-800b-4352e880a8f9/1/R2ehIMt9otZLgS5viOE4CVMFVWw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  201033

    Signature Algorithm: sha256WithRSAEncryption
         82:bd:ee:e6:a5:46:53:cc:d4:57:bd:51:8d:71:96:d6:94:49:
         5f:ef:b8:a6:e5:3e:72:49:96:03:23:37:85:76:a7:f2:8e:b2:
         d5:57:b8:9b:1b:e4:e7:f2:a1:d4:b1:bf:73:c0:b3:64:78:8f:
         80:e5:10:91:47:49:cf:13:8f:5a:af:3c:3b:89:74:b4:b8:de:
         ef:45:61:57:a0:15:85:2b:5b:bd:c2:93:67:89:d7:7c:89:41:
         19:d5:60:9c:a5:02:1a:a8:90:d6:f1:2b:0b:07:51:a3:69:d9:
         7a:fc:36:7d:81:4f:74:5d:2a:1e:e7:a2:63:86:a7:78:a7:8d:
         88:f5:f7:c8:c5:0c:53:94:38:f7:fb:e7:39:7e:e8:3e:d9:e5:
         b8:8f:c7:0e:e1:1d:2f:e0:12:72:63:69:a5:68:2e:8d:ed:74:
         b6:6e:8c:3e:63:f0:be:33:54:b2:2c:01:6b:3d:13:e0:12:85:
         b1:63:37:a9:6e:25:85:ec:b8:c7:f7:77:31:e9:18:ec:8a:7d:
         ac:43:0a:37:8a:17:df:b4:0d:d0:b7:15:43:01:e5:eb:e0:70:
         e0:a1:62:fb:ba:dd:ca:f5:4d:85:83:66:b7:67:7c:09:e5:92:
         92:ea:85:5a:7c:93:66:a7:0a:13:e6:61:5b:0f:56:ef:a6:2d:
         b5:fe:ee:a9
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZxrkzYWKYEAKRJEz8j86k+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMjE3MTIyODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzY3YTEyMGNiN2RhMmQ2NGI4MTJlNmY4OGUxMzgwOTUzMDU1NTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0L2FIciNJvpoXTZ1BfabxtJECSmp
xr6ibVLoO9EV1vNEyfKcEhT5LHyiUjb7CSRKqgyvPUgSCPf0CfznNBVb6w3JgzGr
96Nc7f3XWS+fbf4564EHIvf++krpXCI6aleN1r7JbYL3nqAf+t9ysexAYOdcDHhM
fdL2cbu+LdQ992JxTh96XhM+RIW7bAmdYU7E4JcyLNqd2oopuE6ARNnbbUQdYmqi
Vw2Blq0nWs8t4g6jp6q28z+FNITzkDt7QzTk4vioBhdbiOqL8vvrsuZMD1CogSG3
EPmjyMJFq4i7RG4drgoL0RFeMngys4NpDSuK6QLAmt/t5oyyMzM5iXUpGwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFEdnoSDLfaLWS4Eub4jhOAlTBVVsMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhmLzE5MGJh
Ni1jNGIzLTRhNTItODAwYi00MzUyZTg4MGE4ZjkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYvMTkwYmE2
LWM0YjMtNGE1Mi04MDBiLTQzNTJlODgwYThmOS8xL1IyZWhJTXQ5b3RaTGdTNXZp
T0U0Q1ZNRlZXdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMRSTANBgkqhkiG9w0BAQsFAAOCAQEAgr3u5qVGU8zU
V71RjXGW1pRJX++4puU+ckmWAyM3hXan8o6y1Ve4mxvk5/Kh1LG/c8CzZHiPgOUQ
kUdJzxOPWq88O4l0tLje70VhV6AVhStbvcKTZ4nXfIlBGdVgnKUCGqiQ1vErCwdR
o2nZevw2fYFPdF0qHueiY4aneKeNiPX3yMUMU5Q49/vnOX7oPtnluI/HDuEdL+AS
cmNppWguje10tm6MPmPwvjNUsiwBaz0T4BKFsWM3qW4lhey4x/d3MekY7Ip9rEMK
N4oX37QN0LcVQwHl6+Bw4KFi+7rdyvVNhYNmt2d8CeWSkuqFWnyTZqcKE+ZhWw9W
76Yttf7uqQ==
-----END CERTIFICATE-----