Certificate

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/43700defc1ee59c66388e2190f78478c98344e02.cer
File:                     43700defc1ee59c66388e2190f78478c98344e02.cer (raw, json)
Hash identifier:          Ub9ZmZxPKUwUjaypEQtNRCnXuFzgGQTa/XXCbSc/7Hc=
Subject key identifier:   95:1A:13:08:F4:66:CA:B8:9C:C9:D3:BF:C0:36:9F:9D:03:8F:A4:1C
Authority key identifier: 14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07
Certificate issuer:       /CN=production O=lacnic
Certificate serial:       E2F724
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
Manifest:                 rsync://repository.lacnic.net/rpki/lacnic/50c293f8-4526-4970-9b12-911c1b4ab0bd/43700defc1ee59c66388e2190f78478c98344e02.mft
caRepository:             rsync://repository.lacnic.net/rpki/lacnic/50c293f8-4526-4970-9b12-911c1b4ab0bd/
Notify URL:               https://rrdp.lacnic.net/rrdp/notification.xml
Certificate not before:   Thu 30 Mar 2023 14:11:52 +0000
Certificate not after:    Tue 30 Jul 2024 22:29:18 +0000
Subordinate resources:    AS: 269796
                          IP: 45.185.31.0/24
                          IP: 2803:f360::/32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14874404 (0xe2f724)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=production O=lacnic
        Validity
            Not Before: Mar 30 14:11:52 2023 GMT
            Not After : Jul 30 22:29:18 2024 GMT
        Subject: CN=43700defc1ee59c66388e2190f78478c98344e02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:fe:10:0b:b5:6e:11:0e:be:f3:d8:f9:83:f2:
                    7d:8a:41:e5:e7:d7:29:a1:8c:59:9a:b3:31:6a:91:
                    f6:e6:e3:d8:3b:fa:05:ff:39:d2:7b:27:af:35:f1:
                    04:48:01:6f:95:8f:8e:3a:32:1e:47:a9:4d:5d:8d:
                    8d:cb:7f:1c:34:11:03:6d:c3:f9:13:12:09:36:17:
                    7d:b3:54:e4:4b:f7:ce:e8:d3:f7:7d:02:62:9b:a1:
                    ab:86:57:34:6f:3a:57:56:81:5c:fa:8b:20:43:76:
                    88:d6:8a:0a:fe:ed:17:43:f7:cc:78:c5:89:14:a1:
                    a7:21:2a:41:00:33:ac:79:a9:d1:89:89:3d:cf:76:
                    07:4d:90:79:c0:09:c6:49:de:62:68:f1:d7:2f:ad:
                    21:3b:c0:50:0c:fa:56:02:40:69:a2:70:7e:ed:85:
                    29:13:e2:6e:af:e4:8f:1c:ae:fb:ad:51:38:9b:d8:
                    69:12:f0:34:ba:6f:16:18:42:76:ff:11:d5:c3:e4:
                    2e:2f:db:80:66:23:27:68:c2:49:6e:37:3d:41:2f:
                    c1:0a:af:d1:89:fb:5b:3b:10:2b:d6:a0:5e:06:11:
                    0f:38:32:e9:f4:13:bf:be:50:6e:8a:1a:9b:6f:d2:
                    35:b4:4e:ad:fc:9f:75:8b:fa:19:4b:5b:2b:f7:9d:
                    1a:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:1A:13:08:F4:66:CA:B8:9C:C9:D3:BF:C0:36:9F:9D:03:8F:A4:1C
            X509v3 Authority Key Identifier:
                keyid:14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer

            Subject Information Access:
                RPKI Notify - URI:https://rrdp.lacnic.net/rrdp/notification.xml
                CA Repository - URI:rsync://repository.lacnic.net/rpki/lacnic/50c293f8-4526-4970-9b12-911c1b4ab0bd/
                RPKI Manifest - URI:rsync://repository.lacnic.net/rpki/lacnic/50c293f8-4526-4970-9b12-911c1b4ab0bd/43700defc1ee59c66388e2190f78478c98344e02.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.185.31.0/24
                IPv6:
                  2803:f360::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  269796

    Signature Algorithm: sha256WithRSAEncryption
         af:07:ab:c3:b0:ff:72:15:65:15:c8:3f:c7:b3:63:b5:68:54:
         78:fe:b2:75:05:8d:fe:f9:68:c4:ce:f9:5d:86:1a:55:ed:74:
         1b:a8:28:68:47:e6:66:72:15:5a:74:fb:3c:d6:d8:95:9b:2c:
         f2:45:b5:4d:63:f0:06:14:30:92:f3:14:9f:42:5b:04:bb:e3:
         bd:f1:39:b2:42:63:3b:42:c1:97:6e:1d:28:64:38:2e:90:b2:
         31:46:1e:7f:07:bf:cf:43:07:b3:b3:75:9c:41:03:70:ac:84:
         0a:e2:cf:e5:2a:33:5b:43:31:6b:5f:45:ab:5e:b4:84:b5:c6:
         75:62:39:e7:2c:34:a8:46:f6:ad:96:3e:fc:2f:73:6c:a4:b2:
         0b:2a:9a:0d:0f:5b:2e:ee:47:1d:83:6c:6f:12:69:e9:85:aa:
         6f:91:4f:da:01:89:22:43:9c:92:d7:17:1b:3c:04:ef:9d:1e:
         d9:f9:b6:25:bb:64:2d:f1:b6:3e:d6:e4:87:4b:56:93:7e:3d:
         d4:0e:6e:d6:68:15:6a:72:a0:04:ab:fb:c0:d9:0d:ae:fc:e9:
         b3:14:65:3a:a8:99:c3:be:4f:26:e8:19:ff:82:ce:b6:d0:0c:
         27:ed:6b:92:25:c2:33:9b:3f:67:d1:6c:87:aa:7a:a2:d6:61:
         23:dc:c7:f7
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgIEAOL3JDANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNw
cm9kdWN0aW9uIE89bGFjbmljMB4XDTIzMDMzMDE0MTE1MloXDTI0MDczMDIyMjkx
OFowMzExMC8GA1UEAxMoNDM3MDBkZWZjMWVlNTljNjYzODhlMjE5MGY3ODQ3OGM5
ODM0NGUwMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKP+EAu1bhEO
vvPY+YPyfYpB5efXKaGMWZqzMWqR9ubj2Dv6Bf850nsnrzXxBEgBb5WPjjoyHkep
TV2Njct/HDQRA23D+RMSCTYXfbNU5Ev3zujT930CYpuhq4ZXNG86V1aBXPqLIEN2
iNaKCv7tF0P3zHjFiRShpyEqQQAzrHmp0YmJPc92B02QecAJxkneYmjx1y+tITvA
UAz6VgJAaaJwfu2FKRPibq/kjxyu+61ROJvYaRLwNLpvFhhCdv8R1cPkLi/bgGYj
J2jCSW43PUEvwQqv0Yn7WzsQK9agXgYRDzgy6fQTv75Qbooam2/SNbROrfyfdYv6
GUtbK/edGkUCAwEAAaOCAwkwggMFMB0GA1UdDgQWBBSVGhMI9GbKuJzJ07/ANp+d
A4+kHDAfBgNVHSMEGDAWgBQUcJS05Efj7i3MP9UnPUbrncR4BzAPBgNVHRMBAf8E
BTADAQH/MA4GA1UdDwEB/wQEAwIBBjByBggrBgEFBQcBAQRmMGQwYgYIKwYBBQUH
MAKGVnJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFjbmljL2Zm
MTRlOTA1NWQ1YWZhYTM3ZmJlMjBmNGEyNmJkMTNjOGYxOGQ3OWEuY2VyMIIBNAYI
KwYBBQUHAQsEggEmMIIBIjA5BggrBgEFBQcwDYYtaHR0cHM6Ly9ycmRwLmxhY25p
Yy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMFsGCCsGAQUFBzAFhk9yc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy81MGMyOTNmOC00NTI2
LTQ5NzAtOWIxMi05MTFjMWI0YWIwYmQvMIGHBggrBgEFBQcwCoZ7cnN5bmM6Ly9y
ZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvNTBjMjkzZjgtNDUyNi00
OTcwLTliMTItOTExYzFiNGFiMGJkLzQzNzAwZGVmYzFlZTU5YzY2Mzg4ZTIxOTBm
Nzg0NzhjOTgzNDRlMDIubWZ0MIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy80OGYwODNiYi1mNjAz
LTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmYxNGU5MDU1ZDVhZmFhMzdmYmUyMGY0
YTI2YmQxM2M4ZjE4ZDc5YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAC25HzANBAIAAjAHAwUAKAPzYDAa
BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMEHeQwDQYJKoZIhvcNAQELBQADggEBAK8H
q8Ow/3IVZRXIP8ezY7VoVHj+snUFjf75aMTO+V2GGlXtdBuoKGhH5mZyFVp0+zzW
2JWbLPJFtU1j8AYUMJLzFJ9CWwS7473xObJCYztCwZduHShkOC6QsjFGHn8Hv89D
B7OzdZxBA3CshAriz+UqM1tDMWtfRatetIS1xnViOecsNKhG9q2WPvwvc2yksgsq
mg0PWy7uRx2DbG8SaemFqm+RT9oBiSJDnJLXFxs8BO+dHtn5tiW7ZC3xtj7W5IdL
VpN+PdQObtZoFWpyoASr+8DZDa786bMUZTqomcO+TyboGf+CzrbQDCfta5IlwjOb
P2fRbIeqeqLWYSPcx/c=
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:58:06 2024 by rpki-client on console-fra.rpki-client.org