Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/mEZq7HUpKLbUhluZ6GCMSuxLeKw.cer
File:                     mEZq7HUpKLbUhluZ6GCMSuxLeKw.cer (raw, json)
Hash identifier:          gFm2rtPwSqX3fFE9vjpDNNdXrvPLvqb9os7P1Yj8ttk=
Subject key identifier:   98:46:6A:EC:75:29:28:B6:D4:86:5B:99:E8:60:8C:4A:EC:4B:78:AC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0198853A8437852413063D541EFD9F468AFC
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/75/abf0f5-3b03-42a4-aded-fd0c27fc113a/1/mEZq7HUpKLbUhluZ6GCMSuxLeKw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/75/abf0f5-3b03-42a4-aded-fd0c27fc113a/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 07 Aug 2025 15:51:01 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 207196
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:85:3a:84:37:85:24:13:06:3d:54:1e:fd:9f:46:8a:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Aug  7 15:51:01 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=98466aec752928b6d4865b99e8608c4aec4b78ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:4a:e8:27:56:a1:c5:e1:23:b7:5f:7a:a5:0c:
                    95:6f:1e:d1:a0:0c:e0:d0:45:cd:56:fd:7e:f9:f9:
                    5b:a7:ae:2d:1f:89:98:3c:66:66:9e:98:58:c5:ce:
                    ea:a0:a1:a9:e5:fa:86:0c:23:08:0a:6a:02:d3:b0:
                    f2:39:42:6b:6e:b2:a8:e7:f9:42:ec:b4:dc:c6:fe:
                    95:77:1b:79:de:ca:c8:95:b3:dc:7e:fd:d2:9d:93:
                    65:87:ec:58:87:08:8b:ca:33:01:0d:c0:3d:b3:9a:
                    7e:dd:78:5d:af:3b:79:49:6e:00:2d:fb:0e:b4:04:
                    8e:ed:78:00:e0:13:4f:d9:0b:ea:9d:fd:eb:a9:42:
                    6d:a0:88:18:f8:ce:59:7c:b1:0b:08:0d:62:23:c1:
                    d1:5b:f8:6d:40:84:19:ea:70:fe:90:e6:e0:d3:ca:
                    17:8c:2f:18:6c:10:af:a3:e4:42:26:69:e5:6f:8d:
                    2c:2c:3c:70:e2:2e:e4:d2:08:18:70:c9:72:81:2f:
                    8f:2d:b7:7d:c8:99:1b:26:e2:0c:6d:ed:2a:1b:ac:
                    52:56:1c:58:47:54:7a:96:d1:44:1d:85:cf:43:d1:
                    4b:5b:e8:4e:2e:25:dc:13:3e:34:6b:54:6d:f9:25:
                    4c:d6:a2:82:63:c7:24:94:aa:07:d2:73:9f:76:eb:
                    54:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:46:6A:EC:75:29:28:B6:D4:86:5B:99:E8:60:8C:4A:EC:4B:78:AC
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/abf0f5-3b03-42a4-aded-fd0c27fc113a/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/abf0f5-3b03-42a4-aded-fd0c27fc113a/1/mEZq7HUpKLbUhluZ6GCMSuxLeKw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207196

    Signature Algorithm: sha256WithRSAEncryption
         10:d0:99:02:3b:aa:f9:b6:43:ba:53:ce:aa:46:87:f9:9a:f0:
         58:3a:aa:ea:2b:2c:1d:69:3d:00:d9:7c:c7:0c:62:2c:3d:e5:
         56:de:ee:e7:75:7c:1f:d7:09:4f:9e:4b:e7:0f:cf:c5:79:59:
         81:e5:63:f1:9e:67:c5:9a:fb:95:03:2a:08:c3:2b:7b:fd:b0:
         44:8c:cf:3c:0f:d1:b5:53:ad:ef:be:e9:48:d0:26:81:db:3e:
         14:6a:6a:39:ff:92:7e:c4:1c:18:13:34:82:69:09:2c:a3:d6:
         15:4e:89:be:f5:5e:b6:ad:bd:c9:04:8d:0c:3a:6c:46:89:fd:
         f1:c2:8d:56:a5:fe:f8:a6:5e:cc:ec:cf:4a:00:83:08:57:bd:
         ed:2c:01:8e:c2:07:b6:58:56:a2:f6:79:9a:93:20:d7:e2:48:
         b3:4a:dc:62:84:d7:a1:bd:e1:f0:49:79:cf:bb:61:81:88:f5:
         90:8f:23:30:ff:4a:d8:8a:ca:0c:8b:14:76:7f:68:ae:3d:8b:
         3f:71:a7:86:4a:53:f2:cd:fb:d2:c2:07:36:13:b5:a1:90:38:
         c7:c7:c5:eb:f2:3b:6e:d1:70:1c:1a:04:ab:c0:55:35:b1:6b:
         a3:04:12:a8:4d:5c:43:50:52:58:34:21:58:a5:6c:54:e1:21:
         92:fc:b4:1a
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZiFOoQ3hSQTBj1UHv2fRor8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwODA3MTU1MTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODQ2NmFlYzc1MjkyOGI2ZDQ4NjViOTllODYwOGM0YWVjNGI3OGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0roJ1ahxeEjt196pQyVbx7RoAzg
0EXNVv1++flbp64tH4mYPGZmnphYxc7qoKGp5fqGDCMICmoC07DyOUJrbrKo5/lC
7LTcxv6Vdxt53srIlbPcfv3SnZNlh+xYhwiLyjMBDcA9s5p+3Xhdrzt5SW4ALfsO
tASO7XgA4BNP2Qvqnf3rqUJtoIgY+M5ZfLELCA1iI8HRW/htQIQZ6nD+kObg08oX
jC8YbBCvo+RCJmnlb40sLDxw4i7k0ggYcMlygS+PLbd9yJkbJuIMbe0qG6xSVhxY
R1R6ltFEHYXPQ9FLW+hOLiXcEz40a1Rt+SVM1qKCY8cklKoH0nOfdutUNwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFJhGaux1KSi21IZbmehgjErsS3isMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc1L2FiZjBm
NS0zYjAzLTQyYTQtYWRlZC1mZDBjMjdmYzExM2EvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUvYWJmMGY1
LTNiMDMtNDJhNC1hZGVkLWZkMGMyN2ZjMTEzYS8xL21FWnE3SFVwS0xiVWhsdVo2
R0NNU3V4TGVLdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMpXDANBgkqhkiG9w0BAQsFAAOCAQEAENCZAjuq+bZD
ulPOqkaH+ZrwWDqq6issHWk9ANl8xwxiLD3lVt7u53V8H9cJT55L5w/PxXlZgeVj
8Z5nxZr7lQMqCMMre/2wRIzPPA/RtVOt777pSNAmgds+FGpqOf+SfsQcGBM0gmkJ
LKPWFU6JvvVetq29yQSNDDpsRon98cKNVqX++KZezOzPSgCDCFe97SwBjsIHtlhW
ovZ5mpMg1+JIs0rcYoTXob3h8El5z7thgYj1kI8jMP9K2IrKDIsUdn9orj2LP3Gn
hkpT8s370sIHNhO1oZA4x8fF6/I7btFwHBoEq8BVNbFrowQSqE1cQ1BSWDQhWKVs
VOEhkvy0Gg==
-----END CERTIFICATE-----