RPKI Certificate
Location: rpki.ripe.net/repository/DEFAULT/IE0C1LO29ho9dwXfYyRJIpKQERI.cer (download)

Subject key identifier:   20:4D:02:D4:B3:B6:F6:1A:3D:77:05:DF:63:24:49:22:92:90:11:12
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Manifest:                 nostromo.heficed.net/repo/1123932/0/204D02D4B3B6F61A3D7705DF6324492292901112.mft
Subordinate resources:
    1: IP: 194.33.149.0/24
    2: IP: 194.33.182.0/24
    3: IP: 194.34.139.0/24
    4: IP: 194.34.175.0/24

--
$ openssl x509 -text -inform DER -in rpki.ripe.net/repository/DEFAULT/IE0C1LO29ho9dwXfYyRJIpKQERI.cer
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 503517981230 (0x753c02aa2e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:02:01 2021 GMT
            Not After : Jul  1 00:00:00 2022 GMT
        Subject: CN=204d02d4b3b6f61a3d7705df6324492292901112
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:ad:44:66:d3:1c:d3:e5:5d:37:aa:e8:ed:5d:
                    51:9d:d5:3a:4a:7c:b8:99:f2:c0:e5:37:ca:c2:fd:
                    11:0e:e0:bc:77:87:14:78:c7:51:00:87:65:52:15:
                    13:f7:47:82:54:72:f3:dc:1a:1a:eb:a1:7e:3c:c3:
                    f3:c9:20:ce:4f:3b:0c:4f:ed:e4:7e:ed:d9:3c:05:
                    a6:4f:6d:4a:f7:e6:80:63:cf:dd:43:d1:10:70:35:
                    a1:1d:a7:40:81:94:ab:d3:58:fa:bc:e8:97:e9:65:
                    bd:89:44:5b:ce:eb:f0:b6:0b:50:4a:63:0b:f1:cc:
                    01:8e:06:fa:fa:03:82:4e:53:4a:1d:48:52:01:f0:
                    8c:3d:5a:82:e5:49:46:4d:67:36:5e:8b:b9:a3:2f:
                    4d:dd:d8:37:12:0f:2a:7b:fc:5e:9d:15:64:64:8b:
                    94:1c:b1:1f:8e:11:2f:5c:53:b8:83:d2:ef:d4:10:
                    0e:76:32:31:df:0a:48:ca:ab:90:45:99:42:1f:94:
                    ae:fa:8d:38:cc:e0:03:27:0d:78:52:b8:db:62:01:
                    bf:93:13:6f:db:02:10:7a:b6:14:ea:10:66:52:58:
                    aa:39:44:36:ca:1a:f9:6a:d8:f7:09:50:01:85:ba:
                    49:1c:dd:b0:bc:f5:a6:0c:8e:5f:db:a1:68:6b:0b:
                    52:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
            X509v3 Authority Key Identifier: 
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access: 
                CA Repository - URI:rsync://nostromo.heficed.net/repo/1123932/0/
                1.3.6.1.5.5.7.48.10 - URI:rsync://nostromo.heficed.net/repo/1123932/0/204D02D4B3B6F61A3D7705DF6324492292901112.mft
                1.3.6.1.5.5.7.48.13 - URI:https://nostromo.heficed.net/rrdp/notification.xml

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: 1.3.6.1.5.5.7.14.2

            sbgp-ipAddrBlock: critical
                0 0.....0.....!.....!.....".....".
    Signature Algorithm: sha256WithRSAEncryption
         5c:22:88:82:c9:37:c9:16:f9:0b:43:5a:b3:94:e1:80:38:68:
         0b:18:87:11:a5:4e:46:5a:29:d0:cc:fb:84:8f:dd:a7:2e:0b:
         59:33:37:b4:cb:eb:af:88:2d:37:6d:c2:e5:04:5c:bf:67:59:
         92:f5:17:8a:2d:f0:cb:80:68:ec:dd:87:a8:57:66:27:79:1b:
         0a:8b:7a:93:db:41:7e:5d:db:e1:47:0f:1e:92:b6:95:3a:85:
         e1:57:8b:8c:26:02:77:68:12:5c:90:ce:41:0b:46:c9:d3:4f:
         5b:0e:26:00:3d:d6:56:40:05:79:74:58:6c:82:9c:55:f9:15:
         0c:f1:15:e2:8d:6f:1c:b2:f9:7e:4e:89:6c:3b:cf:1f:7c:1f:
         ec:df:05:ff:99:44:03:a2:0b:a1:9d:91:00:55:97:df:57:65:
         4b:b6:d3:ce:15:e9:8c:d3:f3:05:e0:f6:b3:af:c9:f6:80:c3:
         7c:14:4b:02:55:24:09:51:50:5b:58:a8:1c:a4:bd:cf:e7:0d:
         d9:d9:53:82:63:09:42:4b:37:be:4a:95:7c:4a:16:ff:95:a0:
         d5:3e:97:cc:d2:f1:88:fc:89:f3:e2:fa:a5:6f:d9:cb:bd:cd:
         91:da:db:9d:b9:da:2e:f6:b4:d1:82:ae:f3:aa:f0:3e:57:93:
         75:e9:6a:0e
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIFdTwCqi4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
MmE5NGE4ZGQ1NTRhZTcwMTA3MjA5OWM3MGI2NDA3NTU1ZGRkZTY2OTAeFw0yMTAx
MDEwMDAyMDFaFw0yMjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDIwNGQwMmQ0YjNi
NmY2MWEzZDc3MDVkZjYzMjQ0OTIyOTI5MDExMTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDlrURm0xzT5V03qujtXVGd1TpKfLiZ8sDlN8rC/REO4Lx3
hxR4x1EAh2VSFRP3R4JUcvPcGhrroX48w/PJIM5POwxP7eR+7dk8BaZPbUr35oBj
z91D0RBwNaEdp0CBlKvTWPq86JfpZb2JRFvO6/C2C1BKYwvxzAGOBvr6A4JOU0od
SFIB8Iw9WoLlSUZNZzZei7mjL03d2DcSDyp7/F6dFWRki5QcsR+OES9cU7iD0u/U
EA52MjHfCkjKq5BFmUIflK76jTjM4AMnDXhSuNtiAb+TE2/bAhB6thTqEGZSWKo5
RDbKGvlq2PcJUAGFukkc3bC89aYMjl/boWhrC1LRAgMBAAGjggJiMIICXjAdBgNV
HQ4EFgQUIE0C1LO29ho9dwXfYyRJIpKQERIwHwYDVR0jBBgwFoAUKpSo3VVK5wEH
IJnHC2QHVV3d5mkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwYAYI
KwYBBQUHAQEEVDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9hY2EvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNlcjCB
8AYIKwYBBQUHAQsEgeMwgeAwOAYIKwYBBQUHMAWGLHJzeW5jOi8vbm9zdHJvbW8u
aGVmaWNlZC5uZXQvcmVwby8xMTIzOTMyLzAvMGQGCCsGAQUFBzAKhlhyc3luYzov
L25vc3Ryb21vLmhlZmljZWQubmV0L3JlcG8vMTEyMzkzMi8wLzIwNEQwMkQ0QjNC
NkY2MUEzRDc3MDVERjYzMjQ0OTIyOTI5MDExMTIubWZ0MD4GCCsGAQUFBzANhjJo
dHRwczovL25vc3Ryb21vLmhlZmljZWQubmV0L3JyZHAvbm90aWZpY2F0aW9uLnht
bDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEw
GAMEAMIhlQMEAMIhtgMEAMIiiwMEAMIirzANBgkqhkiG9w0BAQsFAAOCAQEAXCKI
gsk3yRb5C0Nas5ThgDhoCxiHEaVORlop0Mz7hI/dpy4LWTM3tMvrr4gtN23C5QRc
v2dZkvUXii3wy4Bo7N2HqFdmJ3kbCot6k9tBfl3b4UcPHpK2lTqF4VeLjCYCd2gS
XJDOQQtGydNPWw4mAD3WVkAFeXRYbIKcVfkVDPEV4o1vHLL5fk6JbDvPH3wf7N8F
/5lEA6ILoZ2RAFWX31dlS7bTzhXpjNPzBeD2s6/J9oDDfBRLAlUkCVFQW1ioHKS9
z+cN2dlTgmMJQks3vkqVfEoW/5Wg1T6XzNLxiPyJ8+L6pW/Zy73NkdrbnbnaLva0
0YKu86rwPleTdelqDg==
-----END CERTIFICATE-----

Generated at Wed Mar 3 04:29:13 2021 by LibreSSL & rpki-client.