Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.cer (raw, json)
Hash identifier:          gt7gN3GUSRvM+UorNYLe/4Jhwvg80WTIaEYgQOFTSSQ=
Subject key identifier:   44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7C12883F0D34AD28DC4FD2767B9531C9
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 00:19:07 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 216345
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:12:88:3f:0d:34:ad:28:dc:4f:d2:76:7b:95:31:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 00:19:07 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=44dbe3626a76b04a120889704958863d42632f0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:51:e1:3c:d9:bd:b9:3c:1a:0e:ce:00:d4:84:
                    24:33:37:b6:2f:b3:29:b2:37:78:49:5c:41:1e:7c:
                    6f:72:e0:27:4c:4f:b2:1d:b9:18:2d:95:7c:9e:a8:
                    26:28:39:8d:0f:a9:f0:9c:33:fa:20:b8:98:e9:a4:
                    71:44:07:fc:cb:02:3c:ea:ab:09:03:25:5a:6c:70:
                    ad:a7:f2:d7:a6:ac:c2:85:17:2c:cd:ba:60:fd:0b:
                    24:f1:71:b0:7b:9d:af:90:09:2e:21:33:5c:e8:a6:
                    dd:48:aa:56:7f:51:cc:7d:0a:90:05:4e:e6:a8:aa:
                    59:64:50:a8:f2:f7:57:98:b5:2a:74:2a:0f:8c:02:
                    43:de:4e:2f:76:6f:06:41:24:d9:5c:9a:f9:19:bf:
                    5f:50:14:17:29:74:78:ea:ff:08:6c:2b:2f:eb:53:
                    5b:60:4d:fe:de:92:0b:3b:3b:7d:32:5d:a4:71:66:
                    ad:df:78:78:e3:4b:13:c5:15:51:fe:14:31:ff:4c:
                    13:4a:e8:2b:40:39:11:24:c4:a1:ee:07:86:1a:4e:
                    ea:a2:95:db:9c:58:10:c3:19:02:9a:3d:99:93:0d:
                    61:53:eb:72:20:9b:e0:93:d7:45:a9:bb:ce:6b:25:
                    79:07:07:77:fa:90:cd:4a:e5:ac:49:92:48:76:bd:
                    4a:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  216345

    Signature Algorithm: sha256WithRSAEncryption
         21:ba:f9:f4:5e:90:da:62:57:8f:51:22:e6:b2:1c:3a:c5:ee:
         ff:ff:d9:a4:e9:da:e1:5b:4f:b1:01:13:ce:e8:50:05:aa:50:
         02:5b:c9:ae:b1:b0:01:52:0f:fb:a8:a2:d7:8a:28:98:f6:85:
         2d:a8:37:1a:02:66:a4:e9:45:e7:0a:83:12:ce:a9:ef:86:63:
         2c:8a:4f:09:09:65:f1:b8:81:af:5c:b3:09:13:0c:bb:8b:19:
         97:79:b7:27:1e:15:19:87:6e:89:5d:d2:51:a5:b7:5d:fd:ca:
         f1:30:38:e2:d8:9d:d6:de:bc:eb:d3:29:16:d4:d1:1f:13:c2:
         b8:ca:18:41:11:34:e7:f5:5d:33:71:b2:d2:aa:5e:58:70:b8:
         35:a6:95:72:c0:4d:28:01:96:bc:c4:8e:b5:5a:3a:4f:7c:3d:
         33:af:bf:53:e7:ec:00:0d:51:8f:e8:98:f6:24:4a:0d:ea:cb:
         7c:70:01:a7:1d:c2:80:ca:fe:98:62:49:60:7f:ad:44:4e:45:
         54:4d:4c:3a:cd:b8:34:38:24:1f:ff:66:9d:25:5a:7e:0d:95:
         3f:be:32:97:6f:7f:fe:ba:90:2b:bf:c0:18:b9:b3:82:37:6b:
         6e:d9:21:7c:ee:b5:ca:72:a7:f8:84:64:c5:1c:5c:4d:8f:51:
         9c:ef:d7:04
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt8Eog/DTStKNxP0nZ7lTHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDAxOTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGRiZTM2MjZhNzZiMDRhMTIwODg5NzA0OTU4ODYzZDQyNjMyZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VHhPNm9uTwaDs4A1IQkMze2L7Mp
sjd4SVxBHnxvcuAnTE+yHbkYLZV8nqgmKDmND6nwnDP6ILiY6aRxRAf8ywI86qsJ
AyVabHCtp/LXpqzChRcszbpg/Qsk8XGwe52vkAkuITNc6KbdSKpWf1HMfQqQBU7m
qKpZZFCo8vdXmLUqdCoPjAJD3k4vdm8GQSTZXJr5Gb9fUBQXKXR46v8IbCsv61Nb
YE3+3pILOzt9Ml2kcWat33h440sTxRVR/hQx/0wTSugrQDkRJMSh7geGGk7qopXb
nFgQwxkCmj2Zkw1hU+tyIJvgk9dFqbvOayV5Bwd3+pDNSuWsSZJIdr1KlwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFETb42JqdrBKEgiJcElYhj1CYy8PMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQwL2M4ZTQx
OS0wMzQ2LTQzM2YtOTMwOS1kZTgxZjlhZDc3OWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAvYzhlNDE5
LTAzNDYtNDMzZi05MzA5LWRlODFmOWFkNzc5Yy8xL1JOdmpZbXAyc0VvU0NJbHdT
VmlHUFVKakx3OC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNNGTANBgkqhkiG9w0BAQsFAAOCAQEAIbr59F6Q2mJX
j1Ei5rIcOsXu///ZpOna4VtPsQETzuhQBapQAlvJrrGwAVIP+6ii14oomPaFLag3
GgJmpOlF5wqDEs6p74ZjLIpPCQll8biBr1yzCRMMu4sZl3m3Jx4VGYduiV3SUaW3
Xf3K8TA44tid1t6869MpFtTRHxPCuMoYQRE05/VdM3Gy0qpeWHC4NaaVcsBNKAGW
vMSOtVo6T3w9M6+/U+fsAA1Rj+iY9iRKDerLfHABpx3CgMr+mGJJYH+tRE5FVE1M
Os24NDgkH/9mnSVafg2VP74yl29//rqQK7/AGLmzgjdrbtkhfO61ynKn+IRkxRxc
TY9RnO/XBA==
-----END CERTIFICATE-----