Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6ssFiF5lXMJnEAq6R_8V5ada5s.cer
File:                     d6ssFiF5lXMJnEAq6R_8V5ada5s.cer (raw, json)
Hash identifier:          Y18/R1xodp3xnhDiBYZcQdhlKReWf7Fh6U+USsS6Z2s=
Subject key identifier:   77:AB:2C:16:21:79:95:73:09:9C:40:2A:E9:1F:FC:57:96:9D:6B:9B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0198CCF741D6A1D28C1AE9D9FD52C456D68B
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/f9/30655f-59c3-4dc5-ab2c-397bc4031594/1/d6ssFiF5lXMJnEAq6R_8V5ada5s.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/f9/30655f-59c3-4dc5-ab2c-397bc4031594/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 21 Aug 2025 14:10:13 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 205305
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:cc:f7:41:d6:a1:d2:8c:1a:e9:d9:fd:52:c4:56:d6:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Aug 21 14:10:13 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=77ab2c1621799573099c402ae91ffc57969d6b9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:a6:f5:4d:bc:ac:1e:fb:a0:5d:78:26:d7:b3:
                    cb:0c:f9:db:2e:cb:4b:fc:ee:b1:74:59:13:2f:3d:
                    d5:92:ec:4f:fc:cc:fe:c0:ef:74:5b:3c:60:00:38:
                    f4:41:71:5c:83:cd:92:5d:26:21:c3:03:4b:57:0d:
                    b8:bc:c5:8b:08:b0:90:b3:f3:90:dd:ae:68:f5:7c:
                    be:1e:5a:b7:ed:1e:8a:8c:7c:0b:da:a1:77:c1:d8:
                    46:e0:99:b8:b7:d1:39:30:bf:a6:41:66:74:f7:81:
                    5b:76:ee:ca:8c:96:3b:91:6e:5e:ac:c3:c8:89:11:
                    72:94:1f:93:84:ab:0f:51:9b:7f:2d:5a:9e:d2:f4:
                    46:0a:9f:25:14:ea:0a:01:65:42:cd:10:a9:d9:cc:
                    1a:a2:7c:f5:14:3d:e1:b1:2b:f4:d8:5b:08:ae:0e:
                    ef:69:46:ad:03:8b:69:48:b2:77:9a:68:d4:5e:43:
                    65:d9:80:69:07:e7:c8:03:60:ee:96:af:2d:03:95:
                    45:e0:78:ca:b6:71:d5:d5:69:c8:65:e2:b1:f8:8b:
                    12:2a:46:07:97:97:86:59:fa:4d:5a:13:77:99:39:
                    34:c6:23:14:af:bb:d5:77:d6:dd:6b:c1:c0:0a:1b:
                    97:dc:3f:e3:8d:23:bb:52:70:e0:97:4e:69:0f:c5:
                    27:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:AB:2C:16:21:79:95:73:09:9C:40:2A:E9:1F:FC:57:96:9D:6B:9B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/30655f-59c3-4dc5-ab2c-397bc4031594/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/30655f-59c3-4dc5-ab2c-397bc4031594/1/d6ssFiF5lXMJnEAq6R_8V5ada5s.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  205305

    Signature Algorithm: sha256WithRSAEncryption
         33:9a:e9:d6:2a:42:a1:1b:17:e6:d6:1f:da:e6:d7:5c:c6:d7:
         c8:c4:39:56:3f:c9:17:08:79:b1:79:dc:47:1f:e4:54:79:19:
         dc:dd:d4:7a:e8:90:69:d5:4b:f5:52:35:80:ee:94:41:cb:4c:
         4c:08:99:fb:b9:50:96:ec:ab:eb:7d:e7:14:ef:d8:71:4c:01:
         0a:db:d1:9e:e1:5e:bf:5d:39:38:b4:d1:22:5a:81:f5:b2:09:
         d4:05:ea:60:2f:64:8e:6b:8a:65:62:22:d0:b4:42:54:7c:0c:
         83:69:c1:ed:45:7c:b2:57:5c:6a:3a:71:4d:a6:44:b1:57:51:
         ed:aa:38:26:c5:fd:0e:f4:3c:71:f4:d4:71:44:4a:30:d8:bf:
         46:14:39:94:e2:95:00:4c:6b:19:4a:cf:53:83:1b:45:d0:9c:
         70:99:6e:f0:1a:fe:74:ee:7b:cb:2f:35:d9:24:20:4f:0a:de:
         ea:13:1a:d0:3e:e9:d2:e2:0f:40:b3:67:79:be:38:31:44:f1:
         b5:c0:81:9c:d8:3a:31:da:22:28:39:21:a8:1b:cb:b0:59:4c:
         95:28:3c:07:9d:cc:c1:5f:ca:f4:44:73:7e:2a:a7:46:78:6c:
         2c:cc:8f:d7:9e:a4:90:e0:1a:68:c8:a6:1d:e7:98:77:f4:77:
         bb:01:a4:b8
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZjM90HWodKMGunZ/VLEVtaLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwODIxMTQxMDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2FiMmMxNjIxNzk5NTczMDk5YzQwMmFlOTFmZmM1Nzk2OWQ2YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26b1TbysHvugXXgm17PLDPnbLstL
/O6xdFkTLz3VkuxP/Mz+wO90WzxgADj0QXFcg82SXSYhwwNLVw24vMWLCLCQs/OQ
3a5o9Xy+Hlq37R6KjHwL2qF3wdhG4Jm4t9E5ML+mQWZ094Fbdu7KjJY7kW5erMPI
iRFylB+ThKsPUZt/LVqe0vRGCp8lFOoKAWVCzRCp2cwaonz1FD3hsSv02FsIrg7v
aUatA4tpSLJ3mmjUXkNl2YBpB+fIA2Dulq8tA5VF4HjKtnHV1WnIZeKx+IsSKkYH
l5eGWfpNWhN3mTk0xiMUr7vVd9bda8HAChuX3D/jjSO7UnDgl05pD8UnFQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFHerLBYheZVzCZxAKukf/FeWnWubMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y5LzMwNjU1
Zi01OWMzLTRkYzUtYWIyYy0zOTdiYzQwMzE1OTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkvMzA2NTVm
LTU5YzMtNGRjNS1hYjJjLTM5N2JjNDAzMTU5NC8xL2Q2c3NGaUY1bFhNSm5FQXE2
Ul84VjVhZGE1cy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMh+TANBgkqhkiG9w0BAQsFAAOCAQEAM5rp1ipCoRsX
5tYf2ubXXMbXyMQ5Vj/JFwh5sXncRx/kVHkZ3N3UeuiQadVL9VI1gO6UQctMTAiZ
+7lQluyr633nFO/YcUwBCtvRnuFev105OLTRIlqB9bIJ1AXqYC9kjmuKZWIi0LRC
VHwMg2nB7UV8sldcajpxTaZEsVdR7ao4JsX9DvQ8cfTUcURKMNi/RhQ5lOKVAExr
GUrPU4MbRdCccJlu8Br+dO57yy812SQgTwre6hMa0D7p0uIPQLNneb44MUTxtcCB
nNg6MdoiKDkhqBvLsFlMlSg8B53MwV/K9ERzfiqnRnhsLMyP156kkOAaaMimHeeY
d/R3uwGkuA==
-----END CERTIFICATE-----