Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hcAE7tTPscJ2cTgiL_wJUooqXIY.cer
File:                     hcAE7tTPscJ2cTgiL_wJUooqXIY.cer (raw, json)
Hash identifier:          tEzSO5BIp98GP8DckWmocRhNZstJ8O4JWnLG+S9pl2o=
Subject key identifier:   85:C0:04:EE:D4:CF:B1:C2:76:71:38:22:2F:FC:09:52:8A:2A:5C:86
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0198CBBD97C294A6D230857379D854855F35
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/6f/05215b-7152-4742-9b38-cbcc090f4a0f/1/hcAE7tTPscJ2cTgiL_wJUooqXIY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/6f/05215b-7152-4742-9b38-cbcc090f4a0f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 21 Aug 2025 08:27:36 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 44383
                          IP: 91.201.180.0/22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:cb:bd:97:c2:94:a6:d2:30:85:73:79:d8:54:85:5f:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Aug 21 08:27:36 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=85c004eed4cfb1c2767138222ffc09528a2a5c86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:7d:61:82:0d:0f:e3:66:c2:ca:25:d7:31:46:
                    21:a2:fe:fb:27:3c:9c:43:63:31:45:57:d2:52:44:
                    18:33:56:3f:d2:4c:44:60:7a:83:61:23:d2:62:6f:
                    c8:63:ba:8d:29:1b:0e:4f:8e:99:37:20:e9:43:3d:
                    c9:3b:3f:f2:0b:4f:c8:91:f3:cd:35:28:29:ba:bb:
                    42:02:b6:53:42:0c:4d:0a:a3:ce:f3:69:5c:31:f4:
                    93:13:c7:e7:8e:d7:12:06:cb:62:81:4a:74:ec:e1:
                    77:70:99:ac:d2:48:d3:62:4b:83:b9:82:62:b2:78:
                    a7:13:89:99:bc:fd:7a:de:63:ef:6a:0f:dc:40:87:
                    12:a0:ea:de:99:cc:5d:d6:96:91:42:2f:26:2d:a8:
                    6e:24:1b:be:2d:bc:0c:73:99:f7:c7:86:03:35:8a:
                    60:74:ed:88:be:e5:07:d6:19:96:9b:ce:28:fa:d7:
                    56:1c:a1:8e:f5:87:c0:f7:92:02:6b:a1:17:11:e3:
                    d5:3a:e1:39:63:3e:e7:ce:49:24:e2:8e:26:8c:93:
                    e9:eb:18:24:82:22:59:dc:50:01:d6:df:c0:c0:c4:
                    b9:35:1a:2a:9f:58:0f:ca:8b:77:7f:10:ec:9d:d9:
                    56:fa:81:ad:42:c7:13:57:fc:19:99:9f:de:0c:67:
                    18:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:C0:04:EE:D4:CF:B1:C2:76:71:38:22:2F:FC:09:52:8A:2A:5C:86
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/05215b-7152-4742-9b38-cbcc090f4a0f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/05215b-7152-4742-9b38-cbcc090f4a0f/1/hcAE7tTPscJ2cTgiL_wJUooqXIY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.201.180.0/22

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  44383

    Signature Algorithm: sha256WithRSAEncryption
         38:4f:26:39:30:39:80:1a:1a:66:f3:eb:b5:1d:6c:e5:f0:76:
         78:9a:9d:00:33:fb:81:c9:5d:7a:02:c8:24:68:01:92:83:d3:
         c7:cd:35:9f:62:1f:d6:cc:8f:20:f6:3f:2a:ef:ad:e1:55:c9:
         88:b0:8c:a0:e6:73:46:fe:c4:41:37:4e:a2:a6:f0:31:de:71:
         4a:8f:7d:d8:0a:ff:bc:18:9b:cb:f7:fe:1e:00:9d:a5:a4:90:
         79:0a:7c:ed:06:ac:c9:17:59:72:3b:f3:bd:67:5d:44:9e:e3:
         80:60:3c:c7:3f:aa:c4:ca:ec:24:dc:89:a8:c8:f1:eb:a7:59:
         8a:73:35:7a:52:01:d7:a5:dc:15:b3:98:85:3b:fb:bd:95:c6:
         ae:06:67:d5:7d:ca:28:a7:b0:b9:7d:92:48:15:9b:35:49:88:
         fd:be:60:84:9e:f3:71:fb:59:01:ec:be:cd:7c:f0:9b:5d:26:
         b8:af:12:89:f0:14:f7:1a:93:34:f9:47:ed:7d:a1:f1:fb:48:
         0e:69:f1:25:cc:c6:31:79:ef:10:9f:98:c5:16:57:8f:6c:75:
         18:ff:0f:7b:99:55:61:99:7a:4e:a9:cb:d4:26:47:e6:70:f3:
         fb:b0:be:a2:5d:5e:49:01:de:ad:bb:4e:4e:d6:a6:a9:9f:e2:
         87:97:a3:f6
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZjLvZfClKbSMIVzedhUhV81MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwODIxMDgyNzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWMwMDRlZWQ0Y2ZiMWMyNzY3MTM4MjIyZmZjMDk1MjhhMmE1Yzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwH1hgg0P42bCyiXXMUYhov77Jzyc
Q2MxRVfSUkQYM1Y/0kxEYHqDYSPSYm/IY7qNKRsOT46ZNyDpQz3JOz/yC0/IkfPN
NSgpurtCArZTQgxNCqPO82lcMfSTE8fnjtcSBstigUp07OF3cJms0kjTYkuDuYJi
sninE4mZvP163mPvag/cQIcSoOremcxd1paRQi8mLahuJBu+LbwMc5n3x4YDNYpg
dO2IvuUH1hmWm84o+tdWHKGO9YfA95ICa6EXEePVOuE5Yz7nzkkk4o4mjJPp6xgk
giJZ3FAB1t/AwMS5NRoqn1gPyot3fxDsndlW+oGtQscTV/wZmZ/eDGcYNwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFIXABO7Uz7HCdnE4Ii/8CVKKKlyGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZmLzA1MjE1
Yi03MTUyLTQ3NDItOWIzOC1jYmNjMDkwZjRhMGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYvMDUyMTVi
LTcxNTItNDc0Mi05YjM4LWNiY2MwOTBmNGEwZi8xL2hjQUU3dFRQc2NKMmNUZ2lM
X3dKVW9vcVhJWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCW8m0MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwCtXzANBgkqhkiG9w0BAQsFAAOCAQEAOE8mOTA5gBoaZvPrtR1s5fB2eJqdADP7
gcldegLIJGgBkoPTx801n2If1syPIPY/Ku+t4VXJiLCMoOZzRv7EQTdOoqbwMd5x
So992Ar/vBiby/f+HgCdpaSQeQp87QasyRdZcjvzvWddRJ7jgGA8xz+qxMrsJNyJ
qMjx66dZinM1elIB16XcFbOYhTv7vZXGrgZn1X3KKKewuX2SSBWbNUmI/b5ghJ7z
cftZAey+zXzwm10muK8SifAU9xqTNPlH7X2h8ftIDmnxJczGMXnvEJ+YxRZXj2x1
GP8Pe5lVYZl6TqnL1CZH5nDz+7C+ol1eSQHerbtOTtamqZ/ih5ej9g==
-----END CERTIFICATE-----